Does FormsCRM – Connect Forms to CRM directly have any unpatched vulnerabilities?

No. All known vulnerabilities in FormsCRM – Connect Forms to CRM directly have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is FormsCRM – Connect Forms to CRM directly compatible with WordPress 6.9.4?

According to WordPress.org data, FormsCRM – Connect Forms to CRM directly 4.3.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is FormsCRM – Connect Forms to CRM directly updated?

FormsCRM – Connect Forms to CRM directly was last updated on Mar 4, 2026. Frequent updates are generally a positive security signal.

What is FormsCRM – Connect Forms to CRM directly's security score?

FormsCRM – Connect Forms to CRM directly has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

FormsCRM – Connect Forms to CRM directly Security & Risk Analysis

wordpress.org/plugins/formscrm

Connects your CRM, ERP and Email Marketing with your Forms plugin and create new Leads/Entries as the forms are filled automatically. GDPR compliant.

1K active installs v4.3.1 PHP + WP 5.5+ Updated Mar 4, 2026

crmgravityformsodoovtigerwpforms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is FormsCRM – Connect Forms to CRM directly Safe to Use in 2026?

Generally Safe

Score 100/100

FormsCRM – Connect Forms to CRM directly has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The 'formscrm' v4.3.2 plugin exhibits a generally good security posture with strong adherence to best practices in many areas. The absence of known CVEs and a history of unpatched vulnerabilities is a significant strength. The plugin also demonstrates good practices with a high percentage of SQL queries using prepared statements and properly escaped output. Furthermore, the presence of nonce and capability checks on its entry points is commendable, indicating a conscious effort to secure its functionality. However, a critical concern arises from the presence of the 'unserialize' function, which is inherently dangerous if used with untrusted data. While no specific taint flows were flagged as critical or high *in this analysis*, the potential for misuse of 'unserialize' combined with the six identified flows with unsanitized paths warrants careful attention. The plugin also makes external HTTP requests, which, without proper validation, could be a vector for certain types of attacks, although the analysis does not provide specifics on these requests.

Key Concerns

Presence of 'unserialize' function
All 6 taint flows have unsanitized paths
External HTTP requests present

Vulnerabilities

None known

FormsCRM – Connect Forms to CRM directly Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

FormsCRM – Connect Forms to CRM directly Code Analysis

Dangerous Functions

Raw SQL Queries

12 prepared

Unescaped Output

231 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$list_items = unserialize( $list_value ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.seriincludes\formscrm-library\class-gravityforms-markdown-export.php:362

SQL Query Safety

86% prepared14 total queries

Output Escaping

91% escaped253 total outputs

Data Flows

6 unsanitized

Data Flow Analysis

6 flows6 with unsanitized paths

handle_single_export (includes\formscrm-library\class-gravityforms-markdown-export.php:133)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

FormsCRM – Connect Forms to CRM directly Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 4

authwp_ajax_formscrm_resend_entryincludes\admin\class-error-log.php:37

authwp_ajax_formscrm_delete_logincludes\admin\class-error-log.php:38

authwp_ajax_formscrm_clear_all_logsincludes\admin\class-error-log.php:39

authwp_ajax_elementor_formscrm_connect_crmincludes\formscrm-library\elementor-ajax.php:30

WordPress Hooks 46

filterformscrm_choicesformscrm.php:32

filterformscrm_dependency_apipasswordformscrm.php:64

filterformscrm_crmlib_pathformscrm.php:78

actionadmin_enqueue_scriptsincludes\admin\class-admin-options.php:35

actionadmin_menuincludes\admin\class-admin-options.php:37

actionformscrm_settingsincludes\admin\class-admin-options.php:38

actionformscrm_notificationsincludes\admin\class-admin-options.php:39

actionadmin_initincludes\admin\class-admin-options.php:40

actionformscrm_error_log_contentincludes\admin\class-error-log-page.php:26

actionadmin_enqueue_scriptsincludes\admin\class-error-log-page.php:27

actionplugins_loadedincludes\admin\class-error-log.php:36

actionformscrm_retry_failed_entryincludes\admin\class-error-log.php:42

filterwpcf7_editor_panelsincludes\formscrm-library\class-contactform7.php:33

actionwpcf7_after_saveincludes\formscrm-library\class-contactform7.php:34

actionwpcf7_before_send_mailincludes\formscrm-library\class-contactform7.php:35

actionadmin_enqueue_scriptsincludes\formscrm-library\class-contactform7.php:36

actiongform_after_save_formincludes\formscrm-library\class-forms-clientify.php:35

actiongform_enqueue_scriptsincludes\formscrm-library\class-forms-clientify.php:36

actiongform_enqueue_scriptsincludes\formscrm-library\class-forms-clientify.php:37

actionwpcf7_after_saveincludes\formscrm-library\class-forms-clientify.php:41

actionwpcf7_enqueue_scriptsincludes\formscrm-library\class-forms-clientify.php:42

actionwpcf7_contact_formincludes\formscrm-library\class-forms-clientify.php:43

filterwoocommerce_checkout_fieldsincludes\formscrm-library\class-forms-clientify.php:46

filterelementor/widget/render_contentincludes\formscrm-library\class-forms-clientify.php:53

filtergform_entry_list_bulk_actionsincludes\formscrm-library\class-gravityforms-markdown-export.php:25

actiongform_entry_list_action_export_markdownincludes\formscrm-library\class-gravityforms-markdown-export.php:26

filtergform_entry_detail_meta_boxesincludes\formscrm-library\class-gravityforms-markdown-export.php:29

actioninitincludes\formscrm-library\class-gravityforms-markdown-export.php:33

actionadmin_initincludes\formscrm-library\class-gravityforms-markdown-export.php:34

filtergform_entry_detail_meta_boxesincludes\formscrm-library\class-gravityforms-widget.php:23

actiongform_post_add_feedincludes\formscrm-library\class-gravityforms-widget.php:24

actiongform_post_update_feedincludes\formscrm-library\class-gravityforms-widget.php:25

actiongform_post_delete_feedincludes\formscrm-library\class-gravityforms-widget.php:26

filtergform_form_list_columnsincludes\formscrm-library\class-gravityforms.php:150

actiongform_form_list_column_formscrm_feedsincludes\formscrm-library\class-gravityforms.php:151

actionadmin_enqueue_scriptsincludes\formscrm-library\class-gravityforms.php:152

filtergform_field_map_choicesincludes\formscrm-library\class-gravityforms.php:153

filterwoocommerce_settings_tabs_arrayincludes\formscrm-library\class-woocommerce.php:33

actionwoocommerce_settings_tabs_formscrmincludes\formscrm-library\class-woocommerce.php:34

actionwoocommerce_update_options_formscrmincludes\formscrm-library\class-woocommerce.php:35

actionwoocommerce_new_orderincludes\formscrm-library\class-woocommerce.php:36

actioninitincludes\formscrm-library\helpers-library-crm.php:174

actiongform_loadedincludes\formscrm-library\loader.php:23

actionwpforms_loadedincludes\formscrm-library\loader.php:71

actionelementor_pro/initincludes\formscrm-library\loader.php:90

actionelementor/editor/after_enqueue_scriptsincludes\formscrm-library\loader.php:104

Scheduled Events 1

formscrm_retry_failed_entry

Maintenance & Trust

FormsCRM – Connect Forms to CRM directly Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 4, 2026

PHP min version

Downloads32K

Community Trust

Rating100/100

Number of ratings3

Active installs1K

Alternatives

FormsCRM – Connect Forms to CRM directly Alternatives

WP Zoho for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms – CRM, Bigin

cf7-zoho

Send Contact Form 7, WPforms, Elementor, Formidable, Ninja Forms and many other contact form submissions to zoho CRM and Bigin.

3K 5 CVEs

Ultimate WP Mail

ultimate-wp-mail

Custom email and SMS notifications. Automatic send actions. WPForms SMS integration. WooCommerce notifications for purchases, abandoned cart and more!

800 1 unpatched

WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms

cf7-dynamics-crm

Send Contact Form 7, WPForms, Elementor, Ninja Forms, CRM Perks Forms and many other contact form submissions to dynamics crm Online.

300 1 CVE

Vtiger CRM Integration for WordPress

wp-tiger

Elevate Lead Capture and CRM Integration Effortlessly with Vtiger CRM Integration for WordPress

300 No CVEs

Integration for Zoho CRM and Zoho Bigin – Contact Form 7, WPForms, Elementor, Gravity Forms and More

integrate-any-form-with-zoho-crm

100

Connect Zoho CRM and Zoho Bigin. Create Leads, Contacts, Accounts, Deals, and Pipelines from any form submission.

50 No CVEs

Developer Profile

FormsCRM – Connect Forms to CRM directly Developer Profile

closemarketing

10 plugins · 8K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect FormsCRM – Connect Forms to CRM directly

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/formscrm/includes/assets/formscrm-admin.css

Version Parameters

formscrm-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

fcrm-settings-wrapperfcrm-headerfcrm-header-contentfcrm-header-textfcrm-version-badgefcrm-containerfcrm-noticefcrm-notice-success+6 more

Data Attributes

data-tab

FAQ