Does Flexible PDF have any unpatched vulnerabilities?

No. All known vulnerabilities in Flexible PDF have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Flexible PDF compatible with WordPress 4.8.28?

According to WordPress.org data, Flexible PDF 1.0.1 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is Flexible PDF updated?

Flexible PDF was last updated on Mar 17, 2018. Frequent updates are generally a positive security signal.

What is Flexible PDF's security score?

Flexible PDF has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Flexible PDF Security & Risk Analysis

wordpress.org/plugins/flexible-pdf

Creates PDF documents from HTML

30 active installs v1.0.1 PHP + WP 4.5+ Updated Mar 17, 2018

html-to-pdfpdf

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Flexible PDF Safe to Use in 2026?

Generally Safe

Score 85/100

Flexible PDF has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "flexible-pdf" plugin v1.0.1 demonstrates a generally positive security posture with no recorded vulnerabilities in its history. The static analysis reveals no dangerous functions, SQL queries are exclusively prepared, and there are no identified taint flows with unsanitized paths. This suggests a good understanding of secure coding principles regarding direct data manipulation and common web vulnerabilities. However, the analysis does highlight some areas for improvement. Notably, only 54% of output is properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not handled rigorously throughout the entire output process. Additionally, the presence of a single external HTTP request without specific details raises a potential concern, as it could be a vector for various attacks if the external resource is compromised or malicious.

Key Concerns

Output escaping is only 54% proper
One external HTTP request identified

Vulnerabilities

None known

Flexible PDF Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Flexible PDF Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

54% escaped54 total outputs

Attack Surface

Flexible PDF Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

actionadmin_noticesclasses\wpdesk\class-helper.php:43

filterplugins_apiclasses\wpdesk\class-plugin.php:58

actionadmin_noticesclasses\wpdesk\class-plugin.php:59

actionadmin_enqueue_scriptsclasses\wpdesk\class-plugin.php:131

actionwp_enqueue_scriptsclasses\wpdesk\class-plugin.php:133

actionplugins_loadedclasses\wpdesk\class-plugin.php:135

actionadmin_menuclasses\wpdesk\settings-api\class.s214-settings.php:113

actionadmin_initclasses\wpdesk\settings-api\class.s214-settings.php:116

actionadmin_enqueue_scriptsclasses\wpdesk\settings-api\class.s214-settings.php:120

actionadmin_initclasses\wpdesk\settings-api\class.s214-settings.php:123

Maintenance & Trust

Flexible PDF Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedMar 17, 2018

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs30

Alternatives

Flexible PDF Alternatives

GrabzIt Web Capture

grabzit-web-capture

100

Use a simple shortcode to screenshot a webpage or convert any text or HTML snippet into images, PDF's, DOCX, GIF's, CSV, JSON, MP4 and more!

10 No CVEs

PDFSmith – HTML to PDF Converter

pdfsmith

100

Convert WordPress posts and pages into beautiful, print-ready PDFs using a simple shortcode or auto-insert button.

0 No CVEs

PDF Embedder

pdf-embedder

100

Seamlessly embed PDFs into your content, with customizations and intelligent responsive resizing, and no third-party services or iframes.

300K 1 CVE

PDF Invoices & Packing Slips for WooCommerce

woocommerce-pdf-invoices-packing-slips

Create, print & automatically email PDF or XML Invoices & PDF Packing Slips for WooCommerce orders.

300K 12 CVEs

Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer

3d-flipbook-dflip-lite

Dear Flipbook creates PDF Flipbook, 3D Flipbook, PDF viewer, PDF embed for WordPress sites. Create impressive and realistic 3D flipbooks with PDFs.

100K 8 CVEs

Developer Profile

Flexible PDF Developer Profile

kursorA

2 plugins · 130 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Flexible PDF

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/flexible-pdf/assets/css/pdf-styles.css/wp-content/plugins/flexible-pdf/assets/js/pdf-scripts.js

Script Paths

/wp-content/plugins/flexible-pdf/assets/js/pdf-scripts.js

Version Parameters

flexible-pdf/assets/css/pdf-styles.css?ver=flexible-pdf/assets/js/pdf-scripts.js?ver=

HTML / DOM Fingerprints

JS Globals

FLEXIBLE_PDF

FAQ