Clio Grow Form Security & Risk Analysis
wordpress.org/plugins/clio-grow-formThe Clio Grow Wordpress plugin enables law firms who use Clio Grow to automatically capture leads from their website or blog into the Clio Grow CRM.
Is Clio Grow Form Safe to Use in 2026?
Generally Safe
Score 98/100Clio Grow Form has a strong security track record. Known vulnerabilities have been patched promptly.
The clio-grow-form plugin v1.0.4 exhibits a generally good static security posture with no identified critical or high severity taint flows and all SQL queries utilizing prepared statements. The plugin also demonstrates good output escaping practices, with all 107 outputs properly escaped. The presence of 3 known medium severity vulnerabilities, specifically Cross-site Scripting (XSS), in its history is a significant concern, even though none are currently unpatched in this version. The last reported vulnerability was quite recent, suggesting ongoing security issues. While the code analysis shows a small attack surface and good use of nonces, the historical pattern of XSS vulnerabilities, coupled with the lack of capability checks on any entry points, warrants caution. A key weakness is the absence of capability checks on any entry points, meaning that potentially sensitive actions could be triggered by users without the necessary permissions. This, combined with the historical XSS issues, means that while the immediate code analysis is promising, the plugin's past indicates a propensity for certain types of vulnerabilities.
Key Concerns
- Multiple medium XSS vulnerabilities historically
- No capability checks on entry points
- Recent vulnerability reported (2024-10-15)
Clio Grow Form Security Vulnerabilities
CVEs by Year
Severity Breakdown
3 total CVEs
Clio Grow <= 1.0.2 - Reflected Cross-Site Scripting
Clio Grow <= 1.0.2 - Reflected Cross-Site Scripting
Clio Grow <= 1.0.0 - Authenticated (Admin+) Stored Cross Site Scripting
Clio Grow Form Code Analysis
Output Escaping
Data Flow Analysis
Clio Grow Form Attack Surface
Shortcodes 1
WordPress Hooks 9
Maintenance & Trust
Clio Grow Form Maintenance & Trust
Maintenance Signals
Community Trust
Clio Grow Form Alternatives
WP Lawyer
wp-lawyer
WP-Lawyer is a custom WordPress plugin for Lawyers and Law Firms which use WordPress.
WCC CF7 to Clio
wcc-cf7-to-clio
Send Contact Form 7 Plugin Submissions to Clio.
Contact Form 7
contact-form-7
Just another contact form plugin. Simple but flexible.
Akismet Anti-spam: Spam Protection
akismet
The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.
WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More
wpforms-lite
The best WordPress contact form plugin. Drag & Drop form builder to create beautiful contact forms, payment forms, & other custom forms.
Clio Grow Form Developer Profile
1 plugin · 1K total installs
How We Detect Clio Grow Form
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/clio-grow-form/assets/css/admin.css/wp-content/plugins/clio-grow-form/assets/css/form.css/wp-content/plugins/clio-grow-form/assets/js/admin.js/wp-content/plugins/clio-grow-form/assets/js/form.js/wp-content/plugins/clio-grow-form/assets/js/settings.js/wp-content/plugins/clio-grow-form/assets/js/admin.js/wp-content/plugins/clio-grow-form/assets/js/form.js/wp-content/plugins/clio-grow-form/assets/js/settings.js/wp-content/plugins/clio-grow-form/assets/css/admin.css?ver=/wp-content/plugins/clio-grow-form/assets/css/form.css?ver=/wp-content/plugins/clio-grow-form/assets/js/admin.js?ver=/wp-content/plugins/clio-grow-form/assets/js/form.js?ver=/wp-content/plugins/clio-grow-form/assets/js/settings.js?ver=HTML / DOM Fingerprints
clio-grow-form-wrapclio-grow-form-container<!-- Clio Grow Form Settings --><!-- End Clio Grow Form Settings --><!-- Clio Grow Form --><!-- End Clio Grow Form -->data-clio-grow-form-idgrow_form_params[grow_form]