Contact Form by tech-c.net Security & Risk Analysis
wordpress.org/plugins/contact-form-by-tech-c-netPlugin that shows a contact form by shortcode.
Is Contact Form by tech-c.net Safe to Use in 2026?
Generally Safe
Score 100/100Contact Form by tech-c.net has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin "contact-form-by-tech-c-net" version 2.0.1 presents a mixed security posture. On the positive side, it boasts no known vulnerabilities in its history and utilizes prepared statements for all SQL queries, indicating good database interaction practices. The attack surface appears minimal with no unprotected entry points identified in the static analysis. However, significant concerns arise from the code analysis. A low percentage of output escaping (40%) suggests a high likelihood of cross-site scripting (XSS) vulnerabilities, as untrusted data might be directly rendered to the user's browser. Furthermore, the taint analysis reveals two flows with unsanitized paths, which, while not classified as critical or high severity in this report, still represent potential risks for data manipulation or injection if exploited. The absence of nonce checks and capability checks on potential entry points is also a notable weakness that could be leveraged by attackers to perform unauthorized actions.
Key Concerns
- Unsanitized paths in taint flows
- Low percentage of properly escaped output
- Missing nonce checks
- Missing capability checks
Contact Form by tech-c.net Security Vulnerabilities
Contact Form by tech-c.net Code Analysis
Output Escaping
Data Flow Analysis
Contact Form by tech-c.net Attack Surface
Shortcodes 1
WordPress Hooks 5
Maintenance & Trust
Contact Form by tech-c.net Maintenance & Trust
Maintenance Signals
Community Trust
Contact Form by tech-c.net Alternatives
ReCaptcha v2 for Contact Form 7
wpcf7-recaptcha
Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1
Contact Form 7 Captcha
contact-form-7-simple-recaptcha
Protect your Contact Form 7 forms with Google reCAPTCHA V2, Google reCAPTCHA V3, hCAPTCHA, or Cloudflare Turnstile.
Invisible reCaptcha for WordPress
invisible-recaptcha
Invisible reCaptcha for WordPress plugin helps you to protect your sites against bad spam bots using the new Invisible reCaptcha by Google.
Friendly Captcha for WordPress
friendly-captcha
Friendly Captcha is a privacy-first anti-bot solution that protects WordPress website forms from spam and abuse.
Business Essentials for Contact Form 7
cf7-redirect-thank-you-page
Business Essentials for Contact Form 7
Contact Form by tech-c.net Developer Profile
2 plugins · 40 total installs
How We Detect Contact Form by tech-c.net
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/contact-form-by-tech-c-net/tc-contact-form.csscontact-form-by-tech-c-net/tc-contact-form.css?ver=HTML / DOM Fingerprints
cf_formcf_tblcf_rowcf_cell_lcf_cell_rcf_labeldivcf_inputdivcf_input+3 moreid="id_salutation"name="salutation"id="id_thename"name="thename"id="id_email"name="email"+2 more<form class="cf_form"<div class="cf_tbl"<div class="cf_row"<div class="cf_cell_l"