WP-Safety

FormRank Lead Scoring Security & Risk Analysis

wordpress.org/plugins/formrank-lead-scoring

See which form submissions are worth calling back. Automatically sorts your WordPress form leads by quality so you stop wasting time on junk and focus …

0 active installs v1.1.5 PHP 7.4+ WP 5.8+ Updated Mar 11, 2026
contact-formform-notificationsgravity-formslead-managementwpforms
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is FormRank Lead Scoring Safe to Use in 2026?

Generally Safe

Score 100/100

FormRank Lead Scoring has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 27d ago
Risk Assessment

The "formrank-lead-scoring" v1.1.5 plugin exhibits a mixed security posture. While it demonstrates good practices with a high percentage of properly escaped outputs and a significant number of SQL queries using prepared statements, there are notable areas of concern. The presence of 10 unprotected AJAX handlers significantly increases the attack surface, as these can potentially be triggered by unauthenticated users. Furthermore, the taint analysis revealed 4 high-severity flows with unsanitized paths, indicating potential vulnerabilities that could be exploited by attackers to manipulate data or execute unintended actions. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive indicator. However, this positive history, coupled with the high-severity taint flows and numerous unprotected AJAX endpoints, suggests a potential for undiscovered vulnerabilities. The overall assessment is that while the plugin has some strong security foundations, the unprotected entry points and high-severity taint flows present tangible risks that require attention.

Key Concerns

  • Unprotected AJAX handlers
  • High severity taint flows with unsanitized paths
  • Bundled Freemius v1.0 library
Vulnerabilities
None known

FormRank Lead Scoring Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

FormRank Lead Scoring Release Timeline

v1.1.5Current
v1.1.4
v1.1.3
v1.1.2
v1.1.0
v1.0.3
Code Analysis
Analyzed Mar 17, 2026

FormRank Lead Scoring Code Analysis

Dangerous Functions
0
Raw SQL Queries
69
116 prepared
Unescaped Output
13
650 escaped
Nonce Checks
23
Capability Checks
26
File Operations
1
External Requests
7
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

63% prepared185 total queries

Output Escaping

98% escaped663 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

5 flows5 with unsanitized paths
<lead-list> (templates\admin\lead-list.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
10 unprotected

FormRank Lead Scoring Attack Surface

Entry Points20
Unprotected10

AJAX Handlers 19

authwp_ajax_formrank_import_entriesincludes\admin\class-data-import.php:41
authwp_ajax_formrank_get_import_statusincludes\admin\class-data-import.php:42
authwp_ajax_formrank_grant_permissionincludes\admin\class-data-import.php:43
authwp_ajax_formrank_revoke_permissionincludes\admin\class-data-import.php:44
authwp_ajax_formrank_complete_onboardingincludes\admin\class-onboarding.php:46
authwp_ajax_formrank_skip_onboardingincludes\admin\class-onboarding.php:47
authwp_ajax_formrank_get_onboarding_dataincludes\admin\class-onboarding.php:48
authwp_ajax_formrank_setup_wizard_insertincludes\admin\class-setup-wizard.php:31
authwp_ajax_formrank_remove_demo_dataincludes\admin\class-setup-wizard.php:32
authwp_ajax_formrank_test_apiincludes\class-formrank-lead-scoring.php:87
authwp_ajax_formrank_rescore_leadincludes\class-formrank-lead-scoring.php:88
authwp_ajax_formrank_update_statusincludes\class-formrank-lead-scoring.php:89
authwp_ajax_formrank_save_notesincludes\class-formrank-lead-scoring.php:90
authwp_ajax_formrank_get_statsincludes\class-formrank-lead-scoring.php:91
authwp_ajax_formrank_get_ai_statsincludes\class-formrank-lead-scoring.php:92
authwp_ajax_formrank_get_conversion_analyticsincludes\class-formrank-lead-scoring.php:93
authwp_ajax_formrank_activate_licenseincludes\class-formrank-lead-scoring.php:94
authwp_ajax_formrank_deactivate_licenseincludes\class-formrank-lead-scoring.php:95
authwp_ajax_formrank_dismiss_enrichment_noticeincludes\class-formrank-lead-scoring.php:96

REST API Routes 1

GET/wp-json/formrank/v1/enrichincludes\class-formrank-lead-scoring.php:182
WordPress Hooks 38
actionplugins_loadedformrank-lead-scoring.php:67
actionadmin_menuincludes\admin\class-data-import.php:39
actionadmin_initincludes\admin\class-data-import.php:40
actionadmin_enqueue_scriptsincludes\admin\class-data-import.php:45
actionadmin_noticesincludes\admin\class-onboarding.php:43
actionadmin_enqueue_scriptsincludes\admin\class-onboarding.php:49
actionadmin_menuincludes\admin\class-setup-wizard.php:28
actionadmin_initincludes\admin\class-setup-wizard.php:29
actionadmin_initincludes\admin\class-setup-wizard.php:30
actionupdate_option_formrank_settingsincludes\class-data-retention.php:31
actioninitincludes\class-data-retention.php:34
actionadmin_menuincludes\class-formrank-lead-scoring.php:72
actionadmin_enqueue_scriptsincludes\class-formrank-lead-scoring.php:73
actionadmin_enqueue_scriptsincludes\class-formrank-lead-scoring.php:74
actionadmin_initincludes\class-formrank-lead-scoring.php:75
actionadmin_initincludes\class-formrank-lead-scoring.php:78
actionadmin_initincludes\class-formrank-lead-scoring.php:79
actionadmin_initincludes\class-formrank-lead-scoring.php:80
actionadmin_initincludes\class-formrank-lead-scoring.php:81
actionadmin_noticesincludes\class-formrank-lead-scoring.php:84
actionrest_api_initincludes\class-formrank-lead-scoring.php:114
actionwpforms_process_completeincludes\class-formrank-lead-scoring.php:121
actiongform_after_submissionincludes\class-formrank-lead-scoring.php:127
actionwpcf7_before_send_mailincludes\class-formrank-lead-scoring.php:135
actionfluentform/submission_insertedincludes\class-formrank-lead-scoring.php:141
actionfrm_after_create_entryincludes\class-formrank-lead-scoring.php:147
actionformrank_score_leadincludes\class-formrank-lead-scoring.php:153
actionformrank_webhook_retryincludes\class-formrank-lead-scoring.php:156
actionafter_license_changeincludes\class-freemius.php:57
actionafter_uninstallincludes\class-freemius.php:74
filteraccount/page_hookincludes\class-freemius.php:194
filterconnect_messageincludes\class-freemius.php:226
filteruninstall_reasonsincludes\class-freemius.php:249
filterpermission_listincludes\class-freemius.php:299
filterwp_privacy_personal_data_exportersincludes\class-privacy.php:23
filterwp_privacy_personal_data_erasersincludes\class-privacy.php:26
actionadmin_initincludes\class-privacy.php:29
actionformrank_cleanup_old_cacheincludes\core\class-cache-manager.php:128

Scheduled Events 4

formrank_cleanup_old_cache
formrank_webhook_retry
formrank_webhook_retry
formrank_score_lead
Maintenance & Trust

FormRank Lead Scoring Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 11, 2026
PHP min version7.4
Downloads334

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

FormRank Lead Scoring Alternatives

Autopreenchimento de endereço em formulários

Autopreenchimento de endereço em formulários

cf7-cep-autofill

A
92

Preenchimento automático de campos de endereço baseado no CEP informado.

1K No CVEs
Integration for Zoho CRM and Zoho Bigin – Contact Form 7, WPForms, Elementor, Gravity Forms and More

Integration for Zoho CRM and Zoho Bigin – Contact Form 7, WPForms, Elementor, Gravity Forms and More

integrate-any-form-with-zoho-crm

A
100

Connect Zoho CRM and Zoho Bigin. Create Leads, Contacts, Accounts, Deals, and Pipelines from any form submission.

60 No CVEs
Advanced Date Time Field For Contact Form 7, Gravity Forms, WPForms

Advanced Date Time Field For Contact Form 7, Gravity Forms, WPForms

advanced-date-time-field

A
100

This plugin is a lightweight yet powerful date and time picker designed for popular form builder plugins.

30 No CVEs
Integration for HubSpot – Contact Form 7, WPForms, Elementor, Gravity Forms and More

Integration for HubSpot – Contact Form 7, WPForms, Elementor, Gravity Forms and More

integrate-with-hubspot-crm

A
100

Connect Contact Form 7, WPForms, Elementor Forms, Gravity Forms, and more form submissions with HubSpot CRM.

20 No CVEs
Integration for Mailchimp – Contact Form 7, WPForms, Elementor, Gravity Forms and More

Integration for Mailchimp – Contact Form 7, WPForms, Elementor, Gravity Forms and More

integrate-with-mailchimp

A
100

Connect Contact Form 7, WPForms, Elementor Forms, Gravity Forms, and more form submissions with Mailchimp.

10 No CVEs
Developer Profile

FormRank Lead Scoring Developer Profile

FormRank

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect FormRank Lead Scoring

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/formrank-lead-scoring/assets/css/admin.min.css/wp-content/plugins/formrank-lead-scoring/assets/css/admin.css/wp-content/plugins/formrank-lead-scoring/assets/js/admin.min.js/wp-content/plugins/formrank-lead-scoring/assets/js/admin.js/wp-content/plugins/formrank-lead-scoring/assets/images/menu-icon.png
Script Paths
/wp-content/plugins/formrank-lead-scoring/assets/js/admin.min.js/wp-content/plugins/formrank-lead-scoring/assets/js/admin.js
Version Parameters
formrank-lead-scoring/assets/css/admin.min.css?ver=formrank-lead-scoring/assets/css/admin.css?ver=formrank-lead-scoring/assets/js/admin.min.js?ver=formrank-lead-scoring/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
formrank-lead-scoring
Data Attributes
data-formrank-lead-id
JS Globals
formrankLS
REST Endpoints
/wp-json/formrank-lead-scoring/v1/leads/wp-json/formrank-lead-scoring/v1/lead/wp-json/formrank-lead-scoring/v1/settings/wp-json/formrank-lead-scoring/v1/integrations/wp-json/formrank-lead-scoring/v1/sync
FAQ

Frequently Asked Questions about FormRank Lead Scoring