FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More Security & Risk Analysis

AI-powered form builder that’s built for performance, simplicity, and feels like a part of WordPress, not a separate platform.

1K active installs v1.5.5 PHP 7.4+ WP 6.6+ Updated Mar 12, 2026

conversational-formform-buildermultistep-formpayment-formsurvey

C · Use Caution

CVEs total2

Unpatched1

Last CVEMar 3, 2026

Download

Safety Verdict

Is FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More Safe to Use in 2026?

Use With Caution

Score 65/100

FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

2 known CVEs 1 unpatched Last CVE: Mar 3, 2026Updated 22d ago

Risk Assessment

The formgent plugin v1.5.5 exhibits a mixed security posture. On the positive side, it demonstrates strong practices in SQL query handling, with 100% of queries utilizing prepared statements, and a high percentage of output escaping (94%). The attack surface from AJAX and REST API endpoints is commendably zero and zero respectively, indicating an effort to secure these common entry points. However, significant concerns arise from the plugin's vulnerability history. Two known CVEs, one critical and one high, have been disclosed, with one critical vulnerability remaining unpatched. This indicates a persistent and severe security flaw that is actively exploitable.

Key Concerns

Unpatched critical CVE
Known high severity CVE
No nonce checks
Taint flows with unsanitized paths
Less than ideal output escaping (94%)

Vulnerabilities

FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

1 CVE in 2026 · unpatched

2026

Patched Has unpatched

Severity Breakdown

Critical

High

2 total CVEs

CVE-2026-22460critical · 9.1Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More <= 1.4.2 - Unauthenticated Arbitrary File Deletion

Mar 3, 2026Unpatched

CVE-2025-10916high · 7.5Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More < 1.0.4 - Unauthenticated Arbitrary File Deletion

Sep 30, 2025 Patched in 1.0.4 (30d)

Code Analysis

Analyzed Mar 16, 2026

FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More Code Analysis

Dangerous Functions

Raw SQL Queries

11 prepared

Unescaped Output

336 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

GuzzleStripe PHP

SQL Query Safety

100% prepared11 total queries

Output Escaping

94% escaped358 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

save_and_redirect_oauth_confirm (app\Providers\ZohoCRMServiceProvider.php:28)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More Attack Surface

Entry Points3

Unprotected0

Shortcodes 3

[formgent_payment_success] app\Providers\PaymentServiceProvider.php:21

[formgent_payment_failed] app\Providers\PaymentServiceProvider.php:22

[formgent] app\Providers\ShortCodeServiceProvider.php:20

WordPress Hooks 47

filterupload_dirapp\Http\Controllers\AttachmentController.php:36

actionadmin_menuapp\Providers\Admin\MenuServiceProvider.php:12

actionadmin_headapp\Providers\Admin\MenuServiceProvider.php:13

filterplugin_action_links_formgent/formgent.phpapp\Providers\Admin\MenuServiceProvider.php:14

actioninitapp\Providers\BlockServiceProvider.php:12

filterformgent_pagination_summeryapp\Providers\BlockServiceProvider.php:13

filterrender_block_core/headingapp\Providers\BlockServiceProvider.php:49

actiondirectorist_before_load_dashboardapp\Providers\DirectoristScriptProvider.php:12

actioninitapp\Providers\ElementorServiceProvider.php:14

actionelementor/widgets/registerapp\Providers\ElementorServiceProvider.php:22

actionelementor/controls/registerapp\Providers\ElementorServiceProvider.php:23

actionelementor/editor/before_enqueue_scriptsapp\Providers\ElementorServiceProvider.php:24

actionformgent_push_queue_itemsapp\Providers\EmailNotificationServiceProvider.php:21

actionformgent_after_create_formapp\Providers\EmailNotificationServiceProvider.php:22

actionformgent_before_attachment_storeapp\Providers\FileUploadServiceProvider.php:14

actionformgent_push_queue_itemsapp\Providers\MailchimpProvider.php:23

filterformgent_form_submission_responseapp\Providers\PaymentServiceProvider.php:20

actioninitapp\Providers\PostTypeServiceProvider.php:13

filterallowed_block_types_allapp\Providers\PostTypeServiceProvider.php:14

filterthe_contentapp\Providers\PostTypeServiceProvider.php:15

filterblock_categories_allapp\Providers\PostTypeServiceProvider.php:16

actionadmin_initapp\Providers\PostTypeServiceProvider.php:17

actiontemplate_redirectapp\Providers\PostTypeServiceProvider.php:18

filtertemplate_includeapp\Providers\PostTypeServiceProvider.php:19

actionadmin_initapp\Providers\PostTypeServiceProvider.php:20

actionsend_headersapp\Providers\PostTypeServiceProvider.php:21

actionpost_updatedapp\Providers\PostTypeServiceProvider.php:22

filterdisplay_post_statesapp\Providers\PostTypeServiceProvider.php:23

actionformgent_after_create_form_responseapp\Providers\QueueServiceProvider.php:20

actionformgent_after_submit_formapp\Providers\QueueServiceProvider.php:21

actionformgent_after_create_responseapp\Providers\QuizProvider.php:18

filterformgent_form_submission_responseapp\Providers\QuizProvider.php:19

filterformgent_response_itemapp\Providers\QuizProvider.php:20

actionformgent_before_update_responseapp\Providers\ResponseLogServiceProvider.php:22

actionformgent_after_update_responseapp\Providers\ResponseLogServiceProvider.php:23

actioninitapp\Providers\ShortCodeServiceProvider.php:13

actionformgent_push_queue_itemsapp\Providers\SpreadsheetServiceProvider.php:34

actionpost_updatedapp\Providers\SpreadsheetServiceProvider.php:36

actionformgent_before_rest_requestapp\Providers\WPMLCompatibilityProvider.php:18

filterformgent_http_headersapp\Providers\WPMLCompatibilityProvider.php:19

filterformgent_form_idapp\Providers\WPMLCompatibilityProvider.php:20

actionformgent_forms_select_queryapp\Providers\WPMLCompatibilityProvider.php:21

filterwpml_current_languageapp\Providers\WPMLCompatibilityProvider.php:31

actionadmin_initapp\Providers\ZohoCRMServiceProvider.php:20

filterformgent_rest_settings_saved_responseapp\Providers\ZohoCRMServiceProvider.php:21

actionformgent_push_queue_itemsapp\Providers\ZohoCRMServiceProvider.php:25

actionplugins_loadedformgent.php:49

Maintenance & Trust

FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 12, 2026

PHP min version7.4

Downloads25K

Community Trust

Rating88/100

Number of ratings7

Active installs1K

Alternatives

FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More Alternatives

Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder

formidable

The most advanced WordPress forms plugin. Go beyond contact forms with our drag and drop form builder for surveys, quizzes, and more.

300K 23 CVEs

Easy Form Builder by WhiteStudio — Drag & Drop Form Builder

easy-form-builder

Create flexible contact forms, survey forms, payment forms, and user authentication forms using a drag-and-drop form builder plugin for WordPress.

2K 1 unpatched

WPEForm Lite – Drag and Drop Live Form Builder for Contact, Payment & Quiz Forms

wpeform-lite

Drag and Drop Live Form Builder with landing page, cost estimation, quizzes, personality tests, surveys, data collection and user feedback of all kind

40 No CVEs

SureForms – Contact Form, Payment Form & Other Custom Form Builder

sureforms

The most beginner-friendly, AI Form Builder for WordPress to create contact forms, payment forms & other custom forms with advanced features, with …

400K 15 CVEs

Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder

everest-forms

The best WordPress form builder. Create contact forms, payment forms, conversational forms, custom forms, surveys, & quizzes using drag and drop.

100K 12 CVEs

Developer Profile

FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More Developer Profile

wpWax

15 plugins · 62K total installs

trust score

Avg Security Score

83/100

Avg Patch Time

210 days

View full developer profile

Detection Fingerprints

How We Detect FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/formgent/app/public/css/formgent.css/wp-content/plugins/formgent/app/public/css/formgent.lite.css/wp-content/plugins/formgent/app/public/js/formgent.js/wp-content/plugins/formgent/app/public/js/formgent.lite.js/wp-content/plugins/formgent/app/public/js/blocks-frontend.js/wp-content/plugins/formgent/app/public/js/editor.js/wp-content/plugins/formgent/app/public/js/vendor.js/wp-content/plugins/formgent/app/public/css/embed.css+1 more

Script Paths

formgent/blocks-frontend

HTML / DOM Fingerprints

CSS Classes

formgent-form-builderformgent-form-fieldsformgent-form-share-viewformgent-form-embedfg-form-designfg-form-design-wrapfg-form-design-toolbarfg-form-design-content+14 more

HTML Comments

+1 more

Data Attributes

data-formgent-form-iddata-formgent-form-slugdata-formgent-field-typedata-formgent-field-iddata-formgent-field-namedata-formgent-editor-mode

JS Globals

formgentFormGentFormGentBlocks

Shortcode Output

[formgent-form[formgent-embed[formgent-share

FAQ