Does Footer Contacts D have any unpatched vulnerabilities?

Yes — Footer Contacts D currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Footer Contacts D compatible with WordPress 6.7.5?

According to WordPress.org data, Footer Contacts D 1.8.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Footer Contacts D compatible with PHP 5.6+?

Footer Contacts D requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Footer Contacts D updated?

Footer Contacts D was last updated on Dec 20, 2025. Frequent updates are generally a positive security signal.

What is Footer Contacts D's security score?

Footer Contacts D has a WP-Safety security score of 78/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Footer Contacts D Security & Risk Analysis

wordpress.org/plugins/dn-footer-contacts

Elegant and customizable buttons bar with "Call to Action" for Whatsapp, map address, phone, email, download and custom button.

200 active installs v1.8.1 PHP 5.6+ WP 5.0+ Updated Dec 20, 2025

call-to-actioncontact-buttonfixed-barfloat-buttonsresponsive-bar

B · Generally Safe

CVEs total2

Unpatched1

Last CVEApr 1, 2025

Download

Safety Verdict

Is Footer Contacts D Safe to Use in 2026?

Mostly Safe

Score 78/100

Footer Contacts D is generally safe to use. 2 past CVEs were resolved. Keep it updated.

2 known CVEs 1 unpatched Last CVE: Apr 1, 2025Updated 3mo ago

Risk Assessment

The "dn-footer-contacts" plugin v1.8.1 exhibits a mixed security posture. While it demonstrates good practices in areas like SQL query preparation and output escaping, significant concerns arise from its attack surface and vulnerability history. The presence of three AJAX handlers, all lacking authentication checks, presents a considerable risk for unauthorized actions. Taint analysis showing no flows is a positive sign, indicating no immediately obvious code injection vulnerabilities in this specific analysis. However, the plugin's history of two known CVEs, one of which is currently unpatched, is a major red flag. The common vulnerability types (CSRF and XSS) found in its history suggest a pattern of input validation and state management weaknesses. The existence of an unpatched medium severity vulnerability is particularly worrying, leaving users exposed to known exploits. While the plugin's handling of SQL and output escaping is commendable, the unprotected entry points and historical vulnerabilities significantly elevate the overall risk.

Key Concerns

Unpatched CVE
Unprotected AJAX handlers (3)
Medium severity vulnerabilities in history (2)
Large attack surface without authentication
Vulnerabilities often related to input validation/state management

Vulnerabilities

Footer Contacts D Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2025-31839medium · 4.3Cross-Site Request Forgery (CSRF)

DN Footer Contacts <= 1.8 - Cross-Site Request Forgery

Apr 1, 2025Unpatched

CVE-2024-3410medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DN Footer Contacts <= 1.6.2 - Authenticated (Admin+) Stored Cross-Site Scripting

Jun 18, 2024 Patched in 1.6.3 (14d)

Code Analysis

Analyzed Mar 16, 2026

Footer Contacts D Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

254 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

92% escaped276 total outputs

Attack Surface

3 unprotected

Footer Contacts D Attack Surface

Entry Points3

Unprotected3

AJAX Handlers 3

authwp_ajax_dn_footer_contacts_call_to_actiondn-footer-contacts.php:30

noprivwp_ajax_dn_footer_contacts_call_to_actiondn-footer-contacts.php:31

authwp_ajax_dn_footer_contacts_item_ajax_manageincludes\admin-ajax.php:2

WordPress Hooks 9

actiondn_footerdn-footer-contacts.php:26

actionwp_footerdn-footer-contacts.php:27

actionwp_enqueue_scriptsdn-footer-contacts.php:28

actiondn_footer_contacts_manage_main_footincludes\admin-contacts.php:306

actionadmin_noticesincludes\admin-notify.php:23

actionadmin_initincludes\admin-notify.php:45

actionadmin_menuincludes\admin.php:10

actionadmin_enqueue_scriptsincludes\admin.php:21

actionadmin_initincludes\admin.php:33

Maintenance & Trust

Footer Contacts D Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedDec 20, 2025

PHP min version5.6

Downloads8K

Community Trust

Rating100/100

Number of ratings2

Active installs200

Alternatives

Footer Contacts D Alternatives

Sticky Floating Button (Book Now, Contact, Call To Action…)

sticky-button

The button can be centered at the bottom of the page or placed on the left/right sides. Display the button on the entire website or on specific pages.

900 No CVEs