OweBest Contact Form Security & Risk Analysis
wordpress.org/plugins/ob-contact-formOweBest Contact form is a simple contact form which works out of the box. Use shortcode on posts or pages to generate OweBest Contact Form.
Is OweBest Contact Form Safe to Use in 2026?
Generally Safe
Score 100/100OweBest Contact Form has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin "ob-contact-form" v1.0 exhibits a mixed security posture. On the positive side, it has no known vulnerabilities (CVEs) and utilizes prepared statements for all its SQL queries, which is a significant strength. The absence of dangerous functions, file operations, and external HTTP requests also contributes to a generally safer codebase. However, there are notable concerns that detract from its overall security. The presence of two AJAX handlers without authentication checks creates a considerable attack surface, as these can be triggered by unauthenticated users. Furthermore, the code analysis indicates that only 52% of output is properly escaped, suggesting a potential for cross-site scripting (XSS) vulnerabilities in the remaining unescaped outputs. The taint analysis revealed one flow with an unsanitized path, which, while not categorized as critical or high, still represents a potential entry point for malicious input. The single nonce check and zero capability checks on entry points further highlight areas where security mechanisms are lacking.
Key Concerns
- AJAX handlers without auth checks
- Low output escaping percentage
- Unsanitized path in taint flow
- Zero capability checks on entry points
OweBest Contact Form Security Vulnerabilities
OweBest Contact Form Code Analysis
Output Escaping
Data Flow Analysis
OweBest Contact Form Attack Surface
AJAX Handlers 2
Shortcodes 1
WordPress Hooks 2
Maintenance & Trust
OweBest Contact Form Maintenance & Trust
Maintenance Signals
Community Trust
OweBest Contact Form Alternatives
OB Contact Form to DB
ob-contact-form-to-db
OB Contact form to DB is an addon to OB Contact Form plugin, to stor all submitted entries into database and show them in back-end.
Email Customizer for Contact Form 7
email-customizer-for-contact-form-7
Allows customizing the email design from Contact Form 7 with layouts, colors, images, and logos to match your brand's style.
AKM Feedback Form
akm-feedback-form
Just insert the [AKMFORM] shortcode in pages of your WordPress site to display a simple and easy to use Feedback form.
ALIDANI Contact forms
alidani-contact-form
Contact form with visual form builder. Contact form that sends the data to email, to a database list and easy to update the content.
Contact Form by ContactMetrics
contact-form-by-contactmetrics
This plugin allows you to create a simple, elegant, contact form in minutes.
OweBest Contact Form Developer Profile
2 plugins · 20 total installs
How We Detect OweBest Contact Form
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/ob-contact-form/style.cssob-contact-form/style.css?ver=HTML / DOM Fingerprints
obcf_first_name_inputobcf_last_name_inputobcf_tel_inputobcf_email_inputobcf_submit_inputname="obcf_name"id="obcf_name"name="obcf_lastname"id="obcf_lastname"name="obcf_phone"id="obcf_phone"+13 moreob_squeeze_formajaxurlsuccess_messageerror_message[obcf_contact_form]