Plugin inspection:

Fast Secure Contact Form

No issues found

Last revised:

Confidence: Medium
This plugin has been given a short, targeted code review.

We didn't find anything worrying in this plugin. It's probably safe. Read more about this recommendation.


Uses a hard-coded path (it assumes its directory will be called “si-contact-form”). Creates a directory within the plugin’s directory rather than using wp-content/uploads, which could cause issues in hardened environments where write access is only allowed in the uploads directory. Writes .htaccess files to prevent access to that directory via the Web, which will not be respected by servers other than Apache and by Apache installations which disable .htaccess files.

Failure criteria

  • Very large codebase

Read more about our failure criteria.