WP-Safety

Embed PDF for Gravity Forms Security & Risk Analysis

wordpress.org/plugins/embed-pdf-gravityforms

An add-on for Gravity Forms. Provides a PDF Viewer field.

80 active installs v1.1.4 PHP 5.6+ WP 4.0+ Updated Jan 21, 2025
gravity-formsgravityformsinklesspdf
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Embed PDF for Gravity Forms Safe to Use in 2026?

Generally Safe

Score 92/100

Embed PDF for Gravity Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "embed-pdf-gravityforms" plugin v1.1.4 exhibits a strong security posture based on the provided static analysis. The plugin demonstrates excellent adherence to security best practices, with all identified entry points being protected by authentication and capability checks. The absence of dangerous functions, SQL injection vulnerabilities due to the exclusive use of prepared statements, and proper output escaping further bolster its security. Furthermore, the lack of file operations, external HTTP requests, and recorded vulnerabilities in its history indicate a mature and well-maintained codebase.

While the static analysis reveals no critical or high-risk issues, the limited scope of the analysis (zero taint flows analyzed) means that sophisticated vulnerabilities that might only be revealed through dynamic analysis or more in-depth taint analysis are not accounted for. However, based solely on the provided data, the plugin appears to be secure and presents a very low risk to WordPress installations. The strengths far outweigh any potential, unproven weaknesses.

In conclusion, this plugin's security is commendable. The developers have implemented robust security measures, and the absence of any historical vulnerabilities is a significant positive indicator. Users can have high confidence in the security of this plugin, assuming the provided static analysis covers all relevant code paths.

Vulnerabilities
None known

Embed PDF for Gravity Forms Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Embed PDF for Gravity Forms Release Timeline

v1.1.4Current
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.4
Code Analysis
Analyzed Mar 16, 2026

Embed PDF for Gravity Forms Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
8 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped8 total outputs
Attack Surface

Embed PDF for Gravity Forms Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_download_pdf_mediaincludes\class-gf-addon-pdf-viewer.php:140
WordPress Hooks 4
actiongform_loadedembed-pdf-gravityforms.php:28
actioninitembed-pdf-gravityforms.php:47
actiongform_field_standard_settingsincludes\class-gf-addon-pdf-viewer.php:129
actionadmin_enqueue_scriptsincludes\class-gf-addon-pdf-viewer.php:137
Maintenance & Trust

Embed PDF for Gravity Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedJan 21, 2025
PHP min version5.6
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs80
Alternatives

Embed PDF for Gravity Forms Alternatives

Gravity PDF

Gravity PDF

gravity-forms-pdf-extended

A
100

Automatically generate, email and download PDF documents from Gravity Forms entries

20K 1 CVE
GravityExport Lite for Gravity Forms

GravityExport Lite for Gravity Forms

gf-entries-in-excel

A
100

Export all Gravity Forms entries to Excel (.xlsx) or CSV via a download button or a secret shareable URL.

10K No CVEs
Multiple Columns for Gravity Forms

Multiple Columns for Gravity Forms

gf-form-multicolumn

A
85

Introduces new form elements into Gravity Forms which allow for simple column creation.

10K No CVEs
Surbma | Divi & Gravity Forms

Surbma | Divi & Gravity Forms

surbma-divi-gravity-forms

A
100

Responsive Divi form styles for Gravity Forms.

9K No CVEs
Fresh Forms for Gravity

Fresh Forms for Gravity

fresh-forms-for-gravity

A
100

Prevent supported caching and JS optimization plugins breaking Gravity Forms.

3K No CVEs
Developer Profile

Embed PDF for Gravity Forms Developer Profile

Corey Salzano

11 plugins · 7K total installs

94
trust score
Avg Security Score
91/100
Avg Patch Time
1 days
View full developer profile
Detection Fingerprints

How We Detect Embed PDF for Gravity Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/embed-pdf-gravityforms/includes/class-gf-field-pdf-viewer.php/wp-content/plugins/embed-pdf-gravityforms/assets/js/pdfjs/build/pdf.worker.entry.js/wp-content/plugins/embed-pdf-gravityforms/assets/js/pdfjs/build/pdf.js/wp-content/plugins/embed-pdf-gravityforms/assets/js/pdfjs/build/pdf_viewer.js/wp-content/plugins/embed-pdf-gravityforms/assets/css/embed-pdf-gravityforms.css
Script Paths
/wp-content/plugins/embed-pdf-gravityforms/assets/js/pdfjs/build/pdf.worker.entry.js/wp-content/plugins/embed-pdf-gravityforms/assets/js/pdfjs/build/pdf.js/wp-content/plugins/embed-pdf-gravityforms/assets/js/pdfjs/build/pdf_viewer.js
Version Parameters
embed-pdf-gravityforms/assets/css/embed-pdf-gravityforms.css?ver=embed-pdf-gravityforms/assets/js/pdfjs/build/pdf.worker.entry.js?ver=embed-pdf-gravityforms/assets/js/pdfjs/build/pdf.js?ver=embed-pdf-gravityforms/assets/js/pdfjs/build/pdf_viewer.js?ver=

HTML / DOM Fingerprints

CSS Classes
pdf_url_settinginitial_scale_settinggform-button--white
Data Attributes
id="field_pdf_url"id="choose_pdf_url"id="field_initial_scale"id="gform_server_initial_scale_notice"
JS Globals
window.epdf_gf_download_pdf_media
FAQ

Frequently Asked Questions about Embed PDF for Gravity Forms