Forget Spam Comment Security & Risk Analysis

wordpress.org/plugins/forget-spam-comment

The ultimate solution to stop spam comments in the default commenting system of WordPress

9K active installs · v1.1.9 · PHP 5.6+ · WP 4.5+ · Updated Jun 7, 2025
Tags: anti-spam, firewall, gdpr, security, stop-spam
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Forget Spam Comment Safe to Use in 2026?

Generally Safe

Score 100/100

Forget Spam Comment has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 10mo ago
Risk Assessment

Based on the provided static analysis, the "forget-spam-comment" v1.1.9 plugin appears to have a strong security posture. The analysis reports zero entry points, no dangerous functions, and all SQL queries using prepared statements, which are excellent practices. The lack of known vulnerabilities in its history also suggests a well-maintained and secure plugin. The significant concern is the output escaping analysis: 100% of outputs (1 total) are not properly escaped. If any user-supplied data is displayed without sanitization, this could lead to cross-site scripting (XSS), allowing attackers to inject malicious scripts into the website. The taint analysis showing zero flows is positive, but the lack of output escaping remains a critical oversight.

Key Concerns

  • 100% of outputs are not properly escaped
Vulnerabilities
None known

Forget Spam Comment Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Forget Spam Comment Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 1 (0 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

0% escaped · 1 total outputs
Attack Surface

Forget Spam Comment Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 3
  • action: admin_notices (forget-spam-comment.php:29)
  • filter: comment_form_defaults (forget-spam-comment.php:65)
  • action: wp_footer (forget-spam-comment.php:83)
Maintenance & Trust

Forget Spam Comment Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Jun 7, 2025
PHP min version: 5.6
Downloads: 75K

Community Trust

Rating: 100/100
Number of ratings: 46
Active installs: 9K
Developer Profile

Forget Spam Comment Developer Profile

Gulshan Kumar

3 plugins · 9K total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Forget Spam Comment

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes: updated, notice, is-dismissible
JS Globals: commentForm
FAQ

Frequently Asked Questions about Forget Spam Comment