Description
ZEJ Forms is an honest, complete forms plugin for WordPress. Build a form visually, store every submission in your dashboard, and set up reliable email with guided SMTP and real deliverability checks – without paywalling the parts that actually matter.
It is built to be calm and predictable: the free plugin does the whole job of a contact or lead form, and it never sends a “valid submission” into the void just because an email failed.
Build forms visually
- Drag-free visual builder with a live canvas preview, plus Build, Design, and Settings modes.
- Field types: text, email, phone, textarea, select, radio, checkbox, consent, number, URL, date, time, and file upload.
- Per-field label, key, placeholder, required toggle, and choice options.
- Starter templates for Contact, Quote, Newsletter, and Support.
- Gutenberg block,
[zejfo_form id="1"]shortcode, and azejfo_render_form( 1 )template tag.
Never lose a lead
- Every submission can be stored in WordPress as a private entry – searchable, filterable, and exportable to CSV.
- Submissions are saved before the notification email is attempted, so a mail outage can never discard a real lead.
- If a notification email fails, the stored lead is flagged in the dashboard so you still see it.
- Read / unread / spam status, starring, internal notes, and bulk actions.
Smart fields
- Conditional visibility rules to show or hide fields based on other answers.
- Dynamic labels, placeholders, and required-state dependencies.
- Optional multi-step layout using per-field step numbers.
- Prefill from URL parameters, page context, post meta, or the logged-in user.
Honest email and deliverability
- Scoped SMTP that applies to ZEJ Forms email only – it never changes how the rest of WordPress sends mail.
- Provider presets for Gmail / Google Workspace, Brevo, SendGrid, Mailgun, and Postmark, plus custom SMTP.
- A branded From name and address, with the SMTP password encrypted at rest or supplied via the
ZEJFO_SMTP_PASSWORDconstant. - A deliverability check for From alignment, transport, SPF, and DMARC, and a test send that reports the real failure reason instead of a generic error.
- Optional confirmation email to the person who submitted the form, with HTML templates you can override from your theme.
ZEJ Forms gives you guided setup, test sending, and deliverability checks. No plugin can guarantee inbox placement – that depends on your domain, DNS, and sending reputation – so ZEJ Forms focuses on getting your configuration right and telling you the truth when something is wrong.
Spam protection
- Honeypot field and a signed form-start timing check.
- Configurable minimum submit time and maximum link count.
- Per-IP rate limiting.
- Optional Akismet integration.
Integrations
- Send submissions to a named webhook destination after a successful submission.
- Presets for Zapier, Make, n8n, Pabbly Connect, HighLevel, Google Sheets (Apps Script), HubSpot, and Kit.
- Field mapping, custom headers, HMAC-signed payloads, and test payloads.
Styling
- Optional frontend stylesheet driven by
--zej-custom properties. - Nine presets plus per-form controls for layout, spacing, radius, button width and alignment, and colors.
- A Design canvas that previews your form as you adjust it.
Privacy
- A personal-data exporter and eraser, integrated with WordPress’ core privacy tools.
- Suggested privacy-policy text.
- Optional IP anonymization (
add_filter( 'zejfo_anonymize_ip', '__return_true' );). - A clean uninstall that removes the plugin’s options, forms, and stored submissions.
External Services
ZEJ Forms does not send form submissions to any external anti-spam or webhook service unless the site administrator explicitly enables and configures that feature.
Akismet
When the Akismet spam provider is enabled for a form, ZEJ Forms sends the submitted form data to Akismet to check whether the submission appears to be spam. The request may include the submitted field values, the submitter IP address, user agent, referrer, current page URL, site URL, form title, and the configured Akismet API key. This request is sent only when a visitor submits a form where Akismet protection is enabled.
Service provider: Akismet, an Automattic service.
Privacy policy: https://akismet.com/privacy/
Terms of service: https://akismet.com/tos/
Webhooks
When webhooks are enabled for a form, ZEJ Forms sends a JSON payload to the webhook URL configured by the site administrator. The payload may include mapped submission fields, submission metadata, form title, page URL, site URL, destination name, preset name, custom headers, and an optional HMAC signature. This request is sent only after a successful submission on a form where webhook delivery is enabled, or when an administrator sends a test payload from the form editor.
Webhook destinations are chosen by the site administrator and may include services such as Zapier, Make, n8n, Pabbly Connect, HighLevel, Google Sheets Apps Script, HubSpot, Kit, or a custom URL. The destination service’s privacy policy and terms depend on the URL configured by the site administrator.
Screenshots
The visual form builder with the live canvas preview and field inspector. 
The stored submissions dashboard with status, starring, search, and CSV export. 
The Email and Deliverability screen with SMTP presets and the deliverability check. 
Conditional logic and field behavior controls. 
A styled form on the frontend.
Blocks
This plugin provides 1 block.
- ZEJ Form
Installation
- Upload the
zej-formsfolder to/wp-content/plugins/, or install the plugin through the Plugins > Add New screen. - Activate the plugin through the Plugins screen in WordPress.
- Open ZEJ Forms in the admin menu. A starter “Project Inquiry” form is created automatically.
- Add the form to a page with the ZEJ Form block, the
[zejfo_form id="..."]shortcode, orzejfo_render_form( $id )in a template. - Visit ZEJ Forms > Email to set a branded From address, optionally configure SMTP, and run the deliverability check.
FAQ
-
Does ZEJ Forms guarantee my emails reach the inbox?
-
No – and be cautious of any plugin that claims it does. Inbox placement depends on your domain, DNS (SPF/DMARC), and sending reputation. ZEJ Forms gives you guided SMTP setup, a deliverability check, and a test send that reports the real error, so you can fix problems instead of guessing.
-
Are submissions saved even if the email fails?
-
Yes, when submission storage is enabled. The submission is stored before the notification email is attempted, and a failed notification is flagged on the saved entry. You will not lose a lead because of a mail problem.
-
Does SMTP affect the rest of my site’s email?
-
No. ZEJ Forms’ SMTP and custom From settings apply only to email that ZEJ Forms sends. WordPress core and other plugins continue to send mail exactly as before.
-
Will it work with my theme?
-
Yes. Forms render with semantic markup and minimal CSS. You can enable the optional stylesheet and presets, or style everything yourself using the
.zej-formand#zej-form-{id}selectors. -
Can visitors upload files?
-
Yes. Enable uploads per form and set a size limit and an allowed-extension list. Uploads are validated by extension and MIME type through WordPress’ own upload handling.
-
How do I handle data export and deletion requests?
-
ZEJ Forms integrates with the WordPress privacy tools under Tools > Export Personal Data and Tools > Erase Personal Data, matching stored submissions by the submitter’s email address.
-
Is there a Pro version?
-
The free plugin is designed to be complete for everyday contact and lead forms. Any future Pro features will ship as a separate add-on; the free plugin will not be crippled to push an upgrade.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“ZEJ Forms” is open source software. The following people have contributed to this plugin.
Contributors
Translate “ZEJ Forms” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
0.4.2
- WordPress.org review: replaced the short pre-review code prefix with the canonical
zejfo_/ZEJFO_prefix across PHP functions, constants, options, meta keys, AJAX actions, hooks, shortcode, custom post types, script handles, and JavaScript globals. - Migration: existing local/test form and submission data is migrated from the old prefix to the canonical prefix without deleting legacy data.
- Quality: added JavaScript file documentation headers and normalized frontend asset line endings for PHPCS/WPCS compliance.
0.4.1
- WordPress.org compliance hardening: nonce verification, input sanitization, and output escaping across all forms, handlers, and settings.
- Privacy: complete personal-data exporter and eraser integration, privacy-policy content, and opt-in IP anonymization.
- External services disclosure: explicit documentation of Akismet and webhook integrations with privacy policies and terms of service links.
- Security: SMTP password encryption, encrypted-at-rest storage, and optional environment-variable configuration via ZEJFO_SMTP_PASSWORD constant.
- Code quality: comprehensive PHPCS/WPCS cleanup across all 20 production PHP files (WordPress, Extra, Core, Docs standards).
- Documentation: complete PHPDoc on every function with @since 0.4.0, @param, and @return annotations.
- No functional changes; 0.4.1 is a pure compliance and documentation polish for WordPress.org readiness.
0.4.0
- Visual builder with a direct-manipulation canvas: per-field toolbar (move, duplicate, delete) and between-field inserters.
- Stronger canvas empty state and starter templates with intent copy and field previews.
- Email and Deliverability: scoped SMTP, provider presets, encrypted password storage, deliverability check, and a test send that reports the real error.
- Submissions are stored before the notification email is attempted, so a delivery failure never loses a lead; undelivered notifications are flagged on the entry.
- Privacy: personal-data exporter and eraser, suggested privacy-policy content, and opt-in IP anonymization.
- Hardened CSV export against spreadsheet formula injection.
- Added a clean uninstall routine.