Does Drip for Gravity Forms have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Drip for Gravity Forms compatible with WordPress 6.8.5?

According to WordPress.org data, Drip for Gravity Forms 2.1.2 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Drip for Gravity Forms updated?

Drip for Gravity Forms was last updated on Nov 11, 2025. Frequent updates are generally a positive security signal.

What is Drip for Gravity Forms's security score?

Drip for Gravity Forms has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Drip for Gravity Forms Security & Risk Analysis

wordpress.org/plugins/drip-gravity-forms

Integrates Gravity Forms with personalized Email Marketing tool Drip.

500 active installs v2.1.2 PHP + WP 3.0.1+ Updated Nov 11, 2025

dripemailgetdripgravity-formsgravityforms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Drip for Gravity Forms Safe to Use in 2026?

Generally Safe

Score 100/100

Drip for Gravity Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The plugin "drip-gravity-forms" v2.1.2 presents a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries, utilizing prepared statements exclusively, and has no recorded vulnerability history, suggesting a potentially stable codebase. However, significant concerns arise from its attack surface and output handling. The presence of two AJAX handlers without any authentication or capability checks creates a direct pathway for unauthenticated users to interact with potentially sensitive plugin functionalities, which is a major security risk. Additionally, the complete lack of output escaping is highly problematic, as it opens the door to Cross-Site Scripting (XSS) vulnerabilities if any user-supplied data is rendered directly to the browser.

Key Concerns

AJAX handlers without authentication checks
No output escaping
No nonce checks
No capability checks

Vulnerabilities

None known

Drip for Gravity Forms Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Drip for Gravity Forms Release Timeline

v2.1.2Current

v2.1.1

v2.1.0

v2.0.0

Code Analysis

Analyzed Mar 16, 2026

Drip for Gravity Forms Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared1 total queries

Output Escaping

0% escaped4 total outputs

Attack Surface

2 unprotected

Drip for Gravity Forms Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_gf_dismiss_drip_menuincludes\class-addon.php:189

authwp_ajax_gf_get_drip_field_guideincludes\class-addon.php:191

WordPress Hooks 2

filtergform_addon_navigationincludes\class-addon.php:206

actionplugins_loadedincludes\class-gfp-drip.php:57

Maintenance & Trust

Drip for Gravity Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 11, 2025

PHP min version

Downloads15K

Community Trust

Rating74/100

Number of ratings6

Active installs500

Alternatives

Drip for Gravity Forms Alternatives

Gravity PDF

gravity-forms-pdf-extended

100

Automatically generate, email and download PDF documents from Gravity Forms entries

20K 1 CVE

GravityExport Lite for Gravity Forms

gf-entries-in-excel

100

Export all Gravity Forms entries to Excel (.xlsx) or CSV via a download button or a secret shareable URL.

10K No CVEs

Multiple Columns for Gravity Forms

gf-form-multicolumn

Introduces new form elements into Gravity Forms which allow for simple column creation.

10K No CVEs

Gravity Forms Email Blacklist

gravity-forms-email-blacklist

Add-on for Gravity Forms to create a Blacklisting of specific emails or domains for the Email input field to throw a validation error or mark as spam.

10K No CVEs

Surbma | Divi & Gravity Forms

surbma-divi-gravity-forms

100

Responsive Divi form styles for Gravity Forms.

9K No CVEs

Developer Profile

Drip for Gravity Forms Developer Profile

getdrip

3 plugins · 4K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Drip for Gravity Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/drip-gravity-forms/js/gf-drip-admin.js/wp-content/plugins/drip-gravity-forms/css/gf-drip-admin.css

Script Paths

/wp-content/plugins/drip-gravity-forms/js/gf-drip-admin.js

Version Parameters

drip-gravity-forms/js/gf-drip-admin.js?ver=drip-gravity-forms/css/gf-drip-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

gf_drip_section_title

Data Attributes

data-drip-id

JS Globals

gfdrip_admin_params

FAQ

Drip for Gravity Forms Security & Risk Analysis

Is Drip for Gravity Forms Safe to Use in 2026?

Generally Safe

Key Concerns

Drip for Gravity Forms Security Vulnerabilities

Drip for Gravity Forms Release Timeline

Drip for Gravity Forms Code Analysis

SQL Query Safety

Output Escaping

Drip for Gravity Forms Attack Surface

AJAX Handlers 2

Drip for Gravity Forms Maintenance & Trust

Maintenance Signals

Community Trust

Drip for Gravity Forms Alternatives

Gravity PDF

GravityExport Lite for Gravity Forms

Multiple Columns for Gravity Forms

Gravity Forms Email Blacklist

Surbma | Divi & Gravity Forms

Drip for Gravity Forms Developer Profile

How We Detect Drip for Gravity Forms

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Drip for Gravity Forms