Does No Spam AI have any unpatched vulnerabilities?

No. All known vulnerabilities in No Spam AI have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is No Spam AI compatible with WordPress 6.8.5?

According to WordPress.org data, No Spam AI 1.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is No Spam AI compatible with PHP 7.4+?

No Spam AI requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is No Spam AI updated?

No Spam AI was last updated on May 18, 2025. Frequent updates are generally a positive security signal.

What is No Spam AI's security score?

No Spam AI has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

No Spam AI Security & Risk Analysis

wordpress.org/plugins/no-spam-ai

AI-powered spam filtering for Gravity Forms. Automatically detects and blocks spam submissions using advanced AI algorithms.

10 active installs v1.0 PHP 7.4+ WP 5.0+ Updated May 18, 2025

aianti-spamcontact-formgravity-formsspam

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is No Spam AI Safe to Use in 2026?

Generally Safe

Score 100/100

No Spam AI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The static analysis of the "no-spam-ai" plugin v1.0 reveals a strong adherence to secure coding practices. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and complete output escaping are commendable. Furthermore, the plugin demonstrates a minimal attack surface with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks.

Despite these strengths, the plugin does present a couple of areas for improvement. The lack of nonce checks and capability checks, while not directly exploitable given the current attack surface, represent a missed opportunity to implement robust access control and would be a significant risk if new entry points were introduced without them. The presence of a single external HTTP request, without further context on its purpose, warrants careful review to ensure it does not introduce vulnerabilities related to data validation or server-side request forgery.

The plugin's vulnerability history is remarkably clean, with no recorded CVEs. This indicates a potentially well-maintained codebase or a lack of past scrutiny. However, the absence of past vulnerabilities should not be interpreted as absolute security; continuous vigilance and updates remain crucial.

Key Concerns

Missing nonce checks
Missing capability checks
External HTTP request without details

Vulnerabilities

None known

No Spam AI Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

No Spam AI Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped6 total outputs

Attack Surface

No Spam AI Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

filtergform_entry_is_spamincludes\class-nospamai-addon.php:34

filtergform_addon_navigationincludes\class-nospamai-addon.php:35

actiongform_loadedno-spam-ai.php:21

Maintenance & Trust

No Spam AI Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 18, 2025

PHP min version7.4

Downloads469

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

No Spam AI Alternatives

Essential Form – The lightest plugin for contact forms, ultra lightweight and no spam

essential-form

100

The lightest contact form for WordPress. It's so essential you'll either love it or hate it. Ultra lightweight and no spam.

500 No CVEs

Exact Match Disallowed Comment & Contact Forms

exact-match-disallowed-comment-contact-forms

100

Change the default WordPress comment blocklist functionality to exact match and save entries marked as spam for review.

100 No CVEs

Contact Form Zero

contact-form-zero

100

Add a stupidly simple and lightweight contact form to your website with [contact-form-zero].

30 No CVEs

Never Loose Contact Form

never-loose-contact-form

100

Spam proof contact form that emails you the message and saves it in database.

20 No CVEs

Tectite Forms

tectite-forms

Install a secure anti-spam form. Use our sample forms or easily design your own form.

20 No CVEs

Developer Profile

No Spam AI Developer Profile

nospamai

1 plugin · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect No Spam AI

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/no-spam-ai/assets/css/style.css/wp-content/plugins/no-spam-ai/assets/js/script.js

Script Paths

/wp-content/plugins/no-spam-ai/assets/js/script.js

Version Parameters

no-spam-ai/assets/css/style.css?ver=no-spam-ai/assets/js/script.js?ver=

HTML / DOM Fingerprints

FAQ