Does HelpDesk Contact Form have any unpatched vulnerabilities?

No. All known vulnerabilities in HelpDesk Contact Form have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is HelpDesk Contact Form compatible with WordPress 6.9.4?

According to WordPress.org data, HelpDesk Contact Form 1.1.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is HelpDesk Contact Form compatible with PHP 6.1+?

HelpDesk Contact Form requires PHP 6.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is HelpDesk Contact Form updated?

HelpDesk Contact Form was last updated on Unknown. Frequent updates are generally a positive security signal.

What is HelpDesk Contact Form's security score?

HelpDesk Contact Form has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

HelpDesk Contact Form Security & Risk Analysis

wordpress.org/plugins/helpdesk-contact-form

Use the WordPress contact form plugin by the HelpDesk ticket system to connect with visitors. Organize and manage messages — all without coding!

30 active installs v1.1.6 PHP 6.1+ WP 4.6+ Updated Unknown

contact-formcontact-pagecustomer-supporthelpdeskticketing-system

A · Safe

CVEs total1

Unpatched0

Last CVEJan 6, 2026

Plugin page Download

Safety Verdict

Is HelpDesk Contact Form Safe to Use in 2026?

Generally Safe

Score 99/100

HelpDesk Contact Form has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 6, 2026

Risk Assessment

The "helpdesk-contact-form" plugin, version 1.1.6, exhibits a generally strong security posture based on the static analysis. The absence of dangerous functions, proper SQL query handling, and a high percentage of properly escaped outputs are commendable. The plugin also demonstrates good practices by including nonce and capability checks, and its limited attack surface (primarily through one shortcode) with no identified unprotected entry points is positive. Taint analysis shows no critical or high-severity unsanitized flows, indicating a lack of immediate code execution or data leakage risks.

Key Concerns

Known medium severity CVE in vulnerability history
Medium CVE is recent, suggesting ongoing issues
One file operation without context

Vulnerabilities

HelpDesk Contact Form Security Vulnerabilities

CVEs by Year

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-13657medium · 4.3Cross-Site Request Forgery (CSRF)

HelpDesk contact form plugin <= 1.1.5 - Cross-Site Request Forgery to Settings Update via handle_query_args

Jan 6, 2026 Patched in 1.1.6 (9d)

Code Analysis

Analyzed Mar 16, 2026

HelpDesk Contact Form Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

49 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

98% escaped50 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

handle_query_args (includes\class-admin-page.php:63)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

HelpDesk Contact Form Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[helpdesk_contact_form] includes\class-contact-form.php:29

WordPress Hooks 5

actionadmin_menuincludes\class-admin-page.php:39

actionadmin_initincludes\class-admin-page.php:40

actionadmin_enqueue_scriptsincludes\class-admin-page.php:41

actionadmin_initincludes\class-admin-page.php:42

actionactivated_pluginincludes\class-plugin.php:35

Maintenance & Trust

HelpDesk Contact Form Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedUnknown

PHP min version6.1

Downloads2K

Community Trust

Rating100/100

Number of ratings4

Active installs30

Alternatives

HelpDesk Contact Form Alternatives

SupportCandy – Helpdesk & Customer Support Ticket System

supportcandy

Enhance your WordPress site with our helpdesk and support ticket system. Manage customer support, tickets, and email tickets efficiently.

10K 16 CVEs

Freshdesk (official)

freshdesk-support

Quickly embed the Freshdesk help widget, convert WordPress comments to tickets and seamlessly log your WordPress users into your support portal.

900 3 CVEs

Hive Support | AI-Powered Help Desk, Live Chat and Chatbot

hive-support

The All-In-One Help Desk, Live Chat & AI Chat Bot Plugin for WordPress.

50 1 unpatched

Paldesk – Live Chat & Helpdesk

paldesk-live-chat-helpdesk

Powerful live chat & helpdesk plugin made for your WordPress website. Convert leads to sales & help customers in real time - it's free!

30 No CVEs

ClientSync Support – AI Powered Customer Support Ticket System

clientsync-support

100

Transform your WordPress site into a professional customer support hub with elegant forms, ticket management, and seamless user experience.

0 No CVEs

Developer Profile

HelpDesk Contact Form Developer Profile

HelpDesk

1 plugin · 30 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

9 days

View full developer profile

Detection Fingerprints

How We Detect HelpDesk Contact Form

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/helpdesk-contact-form/assets/img/icon.svg/wp-content/plugins/helpdesk-contact-form/assets/css/admin-menu.css/wp-content/plugins/helpdesk-contact-form/assets/css/admin-page.css/wp-content/plugins/helpdesk-contact-form/assets/js/admin-page.js/wp-content/plugins/helpdesk-contact-form/assets/img/plug.svg/wp-content/plugins/helpdesk-contact-form/assets/img/check.svg/wp-content/plugins/helpdesk-contact-form/assets/img/logo-full.svg/wp-content/plugins/helpdesk-contact-form/assets/img/edit-icon.svg+1 more

Script Paths

/wp-content/plugins/helpdesk-contact-form/includes/class-plugin.php/wp-content/plugins/helpdesk-contact-form/includes/class-admin-page.php/wp-content/plugins/helpdesk-contact-form/includes/class-contact-form.php/wp-content/plugins/helpdesk-contact-form/includes/class-config.php/wp-content/plugins/helpdesk-contact-form/includes/class-livechat-accounts.php/wp-content/plugins/helpdesk-contact-form/includes/class-helpdesk-api.php

Version Parameters

helpdesk-contact-form/assets/css/admin-menu.css?ver=1.0.0helpdesk-contact-form/assets/css/admin-page.css?ver=1.0.0helpdesk-contact-form/assets/js/admin-page.js?ver=1.0.0

HTML / DOM Fingerprints

CSS Classes

helpdesk_admin_page--contenthd-connectedhd-no-connectionhelpdesk_admin_page--logo-fullhelpdesk_admin_page--flex-row-containerhd-connected-containeradmin-page-boxbox-green+5 more

Data Attributes

sandbox="allow-scripts allow-popups allow-forms allow-same-origin"

FAQ