Logo

Sender Click Authorization for Contact Form 7 – Release Notes

Sender Click Authorization for Contact Form 7Logo
Sender Click Authorization (SCA) for Contact Form 7 protects your site from spam and fake submissions by requiring senders to verify their email address before the form is delivered. With a simple verification click, only real, authorized messages reach you — keeping your inbox clean and your leads trustworthy.

 

At LegitSquares, we take a proactive approach to development—regularly testing, updating, and refining our plugin to ensure maximum compatibility, performance, and reliability with every new release of WordPress and Contact Form 7. We’re committed to delivering a stable, secure experience while continuously improving based on user feedback and evolving best practices. Below is a detailed log of all updates, enhancements, and fixes. These are all of the change made to the Sender Click Authorization for Contact Form 7 WordPress Plugin.

 

01 Sep 2025
25.9.1

Tweaked Hide the CF7 form after submit when verification is required and smoothly scroll to the on-page notice.

Updated Email subject now includes the site host for clearer context.

Fixed Additional mail headers are sanitized line-by-line to prevent malformed output.

improvement Hardened capability checks and nonces across admin actions and settings pages.

31 Aug 2025
25.8.31

New **Envato-ready** build (CodeCanyon packaging): standardized readme/changelog, verified GPL headers, included POT for translations.

Tweaked Added “Settings” link on the Plugins list for quick access.

Fixed Admin stylesheet loads only on the plugin’s settings page to avoid conflicts.

26 Aug 2025
25.8.26

New **Blocked Domains** management with add/remove UI and front-end enforcement via CF7 email validation filters.

Tweaked Default blocklist now includes the site’s own host to prevent self-address submissions.

Updated “Submission Details” view shows captured fields as key/value pairs.

Fixed Consistent escaping in admin tables and chips UI.

20 Aug 2025
25.8.20

New Hourly cleanup job to prune expired, unverified submissions with a “Pruning Jobs” status card (timestamp, status, records).

Tweaked Interception uses `wpcf7_before_send_mail` with `$abort = true` to hold delivery until verification.

Fixed Scheduled cleanup hook is cleared on deactivation to prevent orphaned events.

15 Aug 2025
25.8.15

New **Timeout (hours)** option controlling verification link validity.

New **Delete data on deactivation** and **delete on uninstall** toggles for clean removals.

Tweaked Default post-submit message clarifies flow, bolds `[your-email]`, and references `[timeout_hours]`.

Updated Registered settings now include sanitize callbacks for all options.

08 Aug 2025
25.8.08

New **Templates** tab—customize verification email (plain text) and post-submit message (HTML) with placeholders (`[your-name]`, `[your-email]`, `[_site_title]`, `[_site_url]`, `[verification_url]`, `[timeout_hours]`).

Tweaked Added color options for the on-page post-submit notice (background/border).

Fixed Internationalized email subjects render correctly.

04 Aug 2025
25.8.04

New Core **Sender Click Authorization** flow—store submission, email verification link, deliver CF7 mail only after verification.

New On-page post-submit notice injected into CF7’s AJAX response and rendered via footer JS (with optional colors).

Fixed Graceful error when no valid email field is found on a form.

23 Jul 2025
25.7.23

New Initial public beta—database table creation, admin menu (Submissions / Settings / Templates), pending-submission listing, and basic logging.

Send Message on Whatsapp!