cleantalk
Vulnerabilities and Security Researches

Flamingo, PSC-2025-64564

PSC, Research URL

PSC-2025-64564

Home page URL

Security reports for Flamingo

Application

Flamingo

Published on
Apr 16, 2025
Research Description
When it comes to handling communication on WordPress websites, Contact Form 7 is one of the most popular plugins for form submissions. However, it doesn’t store messages by default. This is where Flamingo steps in—a reliable message storage plugin that captures all submissions directly into the WordPress database. Whether it’s email delivery issues or server misconfigurations, Flamingo ensures no submitted message is ever lost. With version 2.5 of Flamingo successfully passing the Plugin Security Certification (PSC-2024-64564) by CleanTalk, users can now rely on not just functionality, but verified code security when storing contact form submissions. The certification guarantees that Flamingo adheres to secure coding standards and doesn’t introduce vulnerabilities into the site it’s installed on.
Affected versions
Min 2.4, max 2.5.
Status
SAFE & CERTIFIED
Previous vulnerability researches
Advanced Flamingo (CVE-2023-52226) , Jun 07, 2024
Flamingo , Apr 16, 2025
Flamingo (022a9997dfc335fe7d818f90b085eb691dd3ba3c) , Jun 07, 2024
New vulnerability
EUCookieLaw (CVE-2025-3897) , May 10, 2025
Frontend Login and Registration Blocks (CVE-2025-3605) , May 10, 2025
WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg (CVE-2025-4206) , May 10, 2025
Top 10 – WordPress Popular posts by WebberZone (CVE-2025-47509) , May 09, 2025
Easy Replace Image (CVE-2025-47483) , May 09, 2025