Does scrap.me have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is scrap.me compatible with WordPress 4.7.33?

According to WordPress.org data, scrap.me 1.3 has been tested up to WordPress 4.7.33. Check the plugin's changelog for the latest compatibility information.

How often is scrap.me updated?

scrap.me was last updated on Jul 22, 2016. Frequent updates are generally a positive security signal.

What is scrap.me's security score?

scrap.me has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

scrap.me Security & Risk Analysis

wordpress.org/plugins/scrapme-advance-contact-form

Get an advance contact form for your site and offer site wide deals with additional tools like Deal Bar, Popups, Inline Popups, Social Bar, Leave inte …

10 active installs v1.3 PHP + WP 3.0.1+ Updated Jul 22, 2016

contact-formdeal-barin-site-deal-managementsocial-barsplash-image

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is scrap.me Safe to Use in 2026?

Generally Safe

Score 85/100

scrap.me has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "scrapme-advance-contact-form" v1.3 plugin exhibits a generally good security posture based on the static analysis. The absence of dangerous functions, raw SQL queries, and external HTTP requests are positive indicators. The plugin also demonstrates good practice by using prepared statements for its SQL queries. However, there are areas for improvement. The presence of a shortcode as the sole entry point without any explicit authorization checks or nonce verifications represents a potential security concern, as it could be triggered by an unauthenticated user. Furthermore, a significant portion of its output (33%) is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is reflected directly into the output without sanitization.

The vulnerability history shows no known CVEs for this plugin, which is a strong positive signal. This indicates a history of responsible development or simply a lack of past exploitation. However, the lack of recorded vulnerabilities does not guarantee future immunity. In conclusion, while the plugin benefits from a clean vulnerability history and secure database practices, the unauthenticated shortcode and unescaped output present specific, actionable risks that should be addressed to further harden its security.

Key Concerns

Shortcode without authorization checks
Unescaped output detected

Vulnerabilities

None known

scrap.me Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

scrap.me Release Timeline

v1.3Current

v1.2

Code Analysis

Analyzed Apr 16, 2026

scrap.me Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

67% escaped3 total outputs

Attack Surface

scrap.me Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[scrapmelink] scrapme.php:26

WordPress Hooks 3

actionwp_footerscrapme.php:25

actionadmin_menuscrapme.php:39

actionadmin_initscrapme.php:47

Maintenance & Trust

scrap.me Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.33

Last updatedJul 22, 2016

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

scrap.me Alternatives

Contact Form 7

contact-form-7

Just another contact form plugin. Simple but flexible.

10.0M 8 CVEs

Akismet Anti-spam: Spam Protection

akismet

The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.

6.0M 2 CVEs

WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More

wpforms-lite

The best WordPress contact form plugin. Drag & Drop form builder to create beautiful contact forms, payment forms, & other custom forms.

6.0M 16 CVEs

Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder

fluentform

Get a fast contact form plugin. Create advanced forms using drag and drop form builder with all smart features.

700K 33 CVEs

Database Addon for Contact Form 7 – CFDB7

contact-form-cfdb7

Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.

600K 7 CVEs

Developer Profile

scrap.me Developer Profile

btushar

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect scrap.me

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

https://scrap.me/widget/popup/v1/script.js

HTML / DOM Fingerprints

CSS Classes

scrapme

HTML Comments

SCRAP.ME CODE

Data Attributes

scrapme_redirect_url

JS Globals

apikey

Shortcode Output

<a href="scrapme_popup" scrapme_redirect_url="

FAQ