Scooter Contact Security & Risk Analysis

wordpress.org/plugins/scootercontact

ULTRA lightweight plugin for displaying a simple, secure contact form via a shortcode.

80 active installs · v1.7.0 · PHP 7.4.0+ · WP 6.0+ · Updated Dec 5, 2025
Tags: contact, contact-form, light
Score: 100
Grade: A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Scooter Contact Safe to Use in 2026?

Generally Safe

Score 100/100

Scooter Contact has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4mo ago
Risk Assessment

The scootercontact v1.7.0 plugin exhibits a mixed security posture. On the positive side, it avoids dangerous functions, has no known historical vulnerabilities, and its SQL queries are properly prepared. However, there are significant concerns regarding its attack surface and output handling. The presence of an unprotected AJAX handler represents a critical entry point that could be exploited without proper authentication. Furthermore, a very low percentage of output escaping indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data or dynamically generated content is likely being rendered directly into the HTML without adequate sanitization. The lack of nonce checks on the AJAX handler exacerbates this risk.

While the absence of known CVEs and critical taint flows is reassuring, the identified issues in the static analysis cannot be ignored. The unprotected AJAX handler and poor output escaping are common vectors for attacks. The plugin's strengths lie in its database interaction security and lack of historical baggage, but its weaknesses in input validation (implied by unescaped output) and access control for its AJAX endpoint present a notable risk. Therefore, while not critically flawed in all areas, the plugin requires immediate attention to secure its AJAX endpoint and improve output sanitization to mitigate potential XSS and unauthorized action vulnerabilities.

Key Concerns

  • Unprotected AJAX handler
  • Low percentage of output escaping
  • Missing nonce check on AJAX handler
Vulnerabilities
None known

Scooter Contact Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Scooter Contact Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 16 (1 escaped)
Nonce Checks: 0
Capability Checks: 2
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

6% escaped · 17 total outputs
Attack Surface
1 unprotected

Scooter Contact Attack Surface

Entry Points: 2
Unprotected: 1

AJAX Handlers: 1

auth · wp_ajax_test_send_email · scooter2talk.php:447

Shortcodes: 1

[scootercontact] · scooter2talk.php:343

WordPress Hooks: 8
action · wp_footer · scooter2talk.php:352
action · admin_init · scooter2talk.php:360
action · admin_menu · scooter2talk.php:365
action · admin_enqueue_scripts · scooter2talk.php:389
filter · mce_external_plugins · scooter2talk.php:400
filter · mce_buttons · scooter2talk.php:401
action · admin_init · scooter2talk.php:409
action · init · scooter2talk.php:441
Maintenance & Trust

Scooter Contact Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 5, 2025
PHP min version: 7.4.0
Downloads: 5K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 80
Developer Profile

Scooter Contact Developer Profile

Kapsule Corp

7 plugins · 200 total installs

Trust score: 100
Avg Security Score: 100/100
Avg Patch Time: 2 days
Detection Fingerprints

How We Detect Scooter Contact

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/scootercontact/scooter2talk.css

HTML / DOM Fingerprints

CSS Classes
fade-in
Data Attributes
placeholder, autocomplete
JS Globals
myscooterform
Shortcode Output
<form method="POST" id="myscooterform">