flodjiContacts Security & Risk Analysis

wordpress.org/plugins/flodjicontacts-lite

How to use it: <code>[contact-box]</code>. Below each post there is then a metabox through which the contact box is filled in.

10 active installs · v1.9 · PHP + · WP 3.3+ · Updated Jun 6, 2014
Tags: contacts, google-maps, metabox, rich-snippets, shortcode
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is flodjiContacts Safe to Use in 2026?

Generally Safe

Score 85/100

flodjiContacts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11yr ago
Risk Assessment

The flodjicontacts-lite plugin v1.9 exhibits a generally strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, cron events, and external HTTP requests significantly limits its attack surface. Furthermore, the code demonstrates good practices by using prepared statements for all SQL queries and incorporating nonce and capability checks where applicable.

However, a notable concern arises from the output escaping. With 54% of outputs properly escaped, there's a risk of cross-site scripting (XSS) vulnerabilities. This means that user-supplied data, if not handled carefully by the remaining 46% of outputs, could be injected into the page and executed by a user's browser.

The plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the limited attack surface and good coding practices in critical areas like SQL, suggests a well-maintained plugin. The primary weakness lies in the incomplete output escaping, which warrants attention despite the otherwise positive security findings.

Key Concerns

  • Unescaped output detected
Vulnerabilities
None known

flodjiContacts Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

flodjiContacts Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 31 (37 escaped)
Nonce Checks: 1
Capability Checks: 2
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

54% escaped · 68 total outputs
Attack Surface

flodjiContacts Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[contact-box] flodjicontacts_lite.php:382
WordPress Hooks 3
action add_meta_boxes flodjicontacts_lite.php:35
action save_post flodjicontacts_lite.php:232
action admin_menu flodjicontacts_lite.php:385
Maintenance & Trust

flodjiContacts Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.9.40
Last updated: Jun 6, 2014
PHP min version
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

flodjiContacts Developer Profile

Florian Leyrer

5 plugins · 50 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect flodjiContacts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes
flodjicontacts
Data Attributes
name="_flodjicontactsbox_firma_name" id="firma_name"
name="_flodjicontactsbox_firma_adr" id="firma_adr"
name="_flodjicontactsbox_firma_plzort" id="firma_plzort"
+34 more
Shortcode Output
[contact-box]
FAQ

Frequently Asked Questions about flodjiContacts