FormDesigner – online web form builder Security & Risk Analysis
wordpress.org/plugins/formdesignerMultifunctional online constructor of web forms, surveys, quizzes and calculators for the website.
Is FormDesigner – online web form builder Safe to Use in 2026?
Generally Safe
Score 85/100FormDesigner – online web form builder has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The formdesigner plugin v2.2.0 exhibits a mixed security posture. On the positive side, the absence of any known CVEs and the use of prepared statements for all SQL queries are strong indicators of good development practices. The plugin also avoids bundling external libraries and making excessive external HTTP requests, which reduces potential attack vectors.
However, significant security concerns arise from the static analysis. The plugin has a relatively large attack surface with 4 total entry points, and a concerning 3 of these are completely unprotected by authentication checks. Furthermore, only 15% of its output is properly escaped, suggesting a high likelihood of cross-site scripting (XSS) vulnerabilities. The lack of nonce checks on AJAX handlers is another critical weakness, as it can allow unauthorized users to trigger plugin functionalities.
Given the lack of historical vulnerabilities, it might suggest that the plugin's existing protections have been sufficient up to this point. However, the current code analysis reveals several fundamental security oversights that expose the plugin and its users to significant risk, particularly from XSS and unauthorized action execution.
Key Concerns
- 3 unprotected AJAX handlers
- Low output escaping (15%)
- No nonce checks on AJAX
- 1 unprotected shortcode
FormDesigner – online web form builder Security Vulnerabilities
FormDesigner – online web form builder Code Analysis
Output Escaping
FormDesigner – online web form builder Attack Surface
AJAX Handlers 3
Shortcodes 1
WordPress Hooks 7
Maintenance & Trust
FormDesigner – online web form builder Maintenance & Trust
Maintenance Signals
Community Trust
FormDesigner – online web form builder Alternatives
SVS Quiz & Survey & Contact
svs-quiz-survey-contact
Create quizes & surveys & contact forms using drag&drop.
SurveyJS: Drag & Drop Form Builder
surveyjs
Drag & Drop Form Builder for WordPress
involve.me – Create Surveys, Quizzes, Calculators & Forms as Embedded Widgets or Pop-ups
involve-me
Add forms, quizzes, surveys and interactive calculators to your WordPress site. Easily embed or use as pop-ups. No coding required.
WP Guidant | Guided Selling & Product Recommendation Quiz Plugin
guidant
Boost conversions with WP Guidant! Drive sales using guided selling, product recommendations, and quizzes to help customers find the perfect choice.
Yay! Forms
yayforms
Embed custom forms, surveys, and quizzes into your WordPress site with ease.
FormDesigner – online web form builder Developer Profile
1 plugin · 200 total installs
How We Detect FormDesigner – online web form builder
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/formdesigner/src/gutenberg.js/wp-content/plugins/formdesigner/src/editor.css/wp-content/plugins/formdesigner/src/gutenberg.jsformdesigner/src/editor.css?ver=formdesigner/src/gutenberg.js?ver=HTML / DOM Fingerprints
data-formdesigner-blockformdesigner_hostformdesigner_langsformdesigner_shortcode