Does Easy Simple Contact Form have any unpatched vulnerabilities?

No. All known vulnerabilities in Easy Simple Contact Form have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy Simple Contact Form compatible with WordPress 4.7.32?

According to WordPress.org data, Easy Simple Contact Form 1.0 has been tested up to WordPress 4.7.32. Check the plugin's changelog for the latest compatibility information.

How often is Easy Simple Contact Form updated?

Easy Simple Contact Form was last updated on Feb 25, 2017. Frequent updates are generally a positive security signal.

What is Easy Simple Contact Form's security score?

Easy Simple Contact Form has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easy Simple Contact Form Security & Risk Analysis

wordpress.org/plugins/easy-simple-contact-form

This is a very simple contact form with form validation. Use shortcode to display form on page or use the widget to dispaly contact form in sidebar.

10 active installs v1.0 PHP + WP 3.7+ Updated Feb 25, 2017

contact-formemail-formresponsive-contact-form

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Easy Simple Contact Form Safe to Use in 2026?

Generally Safe

Score 85/100

Easy Simple Contact Form has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "easy-simple-contact-form" plugin v1.0 exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, file operations, external HTTP requests, and critical or high-severity taint flows are all positive indicators. The high percentage of properly escaped output further suggests good development practices for preventing cross-site scripting vulnerabilities. The lack of any recorded vulnerabilities in its history is also a very positive sign. However, a significant concern arises from the absence of any nonce checks or capability checks. While the current analysis indicates zero unprotected entry points, this absence of authorization mechanisms for its two shortcodes represents a potential weakness. If the functionality behind these shortcodes were to become accessible without proper authentication or authorization in future versions or through a complex interaction, it could expose the site to risks. This plugin appears to be developed with security in mind, but the lack of explicit authorization checks is a notable oversight that warrants attention.

Key Concerns

Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Easy Simple Contact Form Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Easy Simple Contact Form Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

56 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

88% escaped64 total outputs

Attack Surface

Easy Simple Contact Form Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[contact] cform-form.php:179

[contact-widget] cform-widget-form.php:177

WordPress Hooks 2

actionwp_enqueue_scriptsindex.php:24

actionwidgets_initindex.php:31

Maintenance & Trust

Easy Simple Contact Form Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32

Last updatedFeb 25, 2017

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Easy Simple Contact Form Alternatives

HTML Forms – Simple WordPress Forms Plugin

html-forms

A simpler, faster, and smarter WordPress forms plugin.

10K 9 CVEs

WPZOOM Forms – Drag & Drop Contact Form Builder for WordPress

wpzoom-forms

100

Drag & drop contact form builder for WordPress. Create contact forms, custom forms, email forms with spam protection. Works with Elementor, shortcodes

10K No CVEs

Contact Form Widget

new-contact-form-widget

Create contact forms with query table management. Simple setup, secure submissions, and easy customization for your site.

1K 1 unpatched

Quick Contact Form

quick-contact-form

An easy to set up, plug and play contact form with a huge range of options and styles. A beginner friendly WordPress contact form plugin.

1K 7 CVEs

modeloform

Este plugin construye un formulario de correo electrónico con los campos habituales, listo para usar. Dirige los mensajes al mail de administración de …

300 No CVEs

Developer Profile

Easy Simple Contact Form Developer Profile

Dial a Door

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Easy Simple Contact Form

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easy-simple-contact-form/css/main-style.css

Version Parameters

easy-simple-contact-form/css/main-style.css?ver=

HTML / DOM Fingerprints

CSS Classes

vscfvscf-infoerrorhide

Data Attributes

id="vscf"name="cform_name"id="cform_name"name="cform_email"id="cform_email"name="cform_subject"+6 more

JS Globals

$_SESSION['cform-rand']$_SESSION['cform-rand'] =

Shortcode Output

<form class="vscf" id="vscf" method="post"><label for="cform_name"><span class="error

FAQ