WP-Safety

FormStatus Form Monitoring Security & Risk Analysis

wordpress.org/plugins/formstatus

Fully-automated monitoring via [FormStatus](https://formstatus.co) ensures you’re the first to know when your webforms break.

30 active installs v1.0.12 PHP 7.4+ WP 5.5+ Updated Feb 24, 2026
automationformsmonitoringtestinguptime
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is FormStatus Form Monitoring Safe to Use in 2026?

Generally Safe

Score 100/100

FormStatus Form Monitoring has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The formstatus plugin version 1.0.12 exhibits a strong security posture based on the provided static analysis. The complete absence of an identifiable attack surface, including AJAX handlers, REST API routes, shortcodes, and cron events, significantly limits potential entry points for attackers. Furthermore, the code's adherence to secure coding practices is evident with 100% of SQL queries utilizing prepared statements and all output being properly escaped. The lack of file operations and external HTTP requests further reduces the plugin's exposure to common vulnerabilities. The plugin's vulnerability history is also exceptionally clean, with no recorded CVEs, suggesting a well-maintained and secure codebase. While the absence of taint analysis results and the limited scope of analysis make it difficult to declare absolute security, the available data points to a plugin that is developed with security in mind. The primary areas for potential concern, albeit not explicitly identified as vulnerabilities here, lie in the 'External HTTP requests' and the 'Nonce checks' and 'Capability checks' being zero, which could indicate areas that might warrant closer inspection in a more thorough review, especially if any of the external requests were to process untrusted data.

Key Concerns

  • Zero Nonce checks
  • Zero Capability checks
  • External HTTP requests (potential for XSS/CSRF)
Vulnerabilities
None known

FormStatus Form Monitoring Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

FormStatus Form Monitoring Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
11 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
2
Bundled Libraries
0

Output Escaping

100% escaped11 total outputs
Attack Surface

FormStatus Form Monitoring Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 89
actionupgrader_process_completeapp\app.php:171
actionswitch_themeapp\app.php:187
actionupdate_option_active_pluginsapp\app.php:237
actionplugins_loadedapp\app.php:298
actionplugins_loadedapp\FormStatus.php:8
actioninitapp\FormStatus.php:9
actioninitapp\FormStatus.php:10
actionwp_enqueue_scriptsapp\FormStatus.php:11
filterformstatus_form_identifierapp\FormStatus.php:12
filterrender_blockapp\FormStatus.php:13
filterdo_shortcode_tagapp\FormStatus.php:14
filterpre_wp_mailapp\FormStatus.php:15
filterwp_mailapp\FormStatus.php:16
actionwp_mail_succeededapp\FormStatus.php:17
filterformstatus_supportplugin-mods\contact-form-7.php:12
actionwpcf7_mail_sentplugin-mods\contact-form-7.php:23
actionwpcf7_mail_failedplugin-mods\contact-form-7.php:34
filterwpcf7_validateplugin-mods\contact-form-7.php:51
filterwpcf7_validateplugin-mods\contact-form-7.php:82
filterwpcf7_recaptcha_verify_responseplugin-mods\contact-form-7.php:93
filterwpcf7_skip_spam_checkplugin-mods\contact-form-7.php:108
filterformstatus_supportplugin-mods\divi.php:12
actionet_pb_contact_form_submitplugin-mods\divi.php:23
filteret_pb_module_shortcode_attributesplugin-mods\divi.php:47
filterformstatus_supportplugin-mods\elementor.php:12
actionelementor-pro/forms/pre_renderplugin-mods\elementor.php:29
actionelementor_pro/forms/new_recordplugin-mods\elementor.php:42
actionelementor_pro/forms/validationplugin-mods\elementor.php:73
filterelementor_pro/forms/default_submit_actionsplugin-mods\elementor.php:90
filterformstatus_supportplugin-mods\fluent-forms.php:12
actionfluentform/submission_insertedplugin-mods\fluent-forms.php:23
filterfluentform/validation_errorsplugin-mods\fluent-forms.php:38
filterfluentform/disable_captchaplugin-mods\fluent-forms.php:53
filterfluentform/prevent_malicious_attacksplugin-mods\fluent-forms.php:68
filterfluentform/nonce_verifyplugin-mods\fluent-forms.php:69
filterfluentform/akismet_check_spamplugin-mods\fluent-forms.php:70
filterfluentform/cleantalk_check_spamplugin-mods\fluent-forms.php:71
filterfluentform/honeypot_statusplugin-mods\fluent-forms.php:72
filterfluentform/token_based_spam_protection_statusplugin-mods\fluent-forms.php:73
filterfluentform/filter_insert_dataplugin-mods\fluent-forms.php:88
actionfluentform/submission_insertedplugin-mods\fluent-forms.php:105
filterformstatus_supportplugin-mods\formidable-forms.php:12
filterfrm_validate_formplugin-mods\formidable-forms.php:27
filterfrm_validate_entryplugin-mods\formidable-forms.php:28
filterfrm_validate_captcha_field_entryplugin-mods\formidable-forms.php:47
filterfrm_run_antispamplugin-mods\formidable-forms.php:62
filterfrm_run_honeypotplugin-mods\formidable-forms.php:63
filterfrm_process_antispamplugin-mods\formidable-forms.php:74
filterfrm_process_honeypotplugin-mods\formidable-forms.php:85
actionfrm_after_create_entryplugin-mods\formidable-forms.php:100
filterformstatus_supportplugin-mods\forminator-forms.php:12
filterforminator_submission_successplugin-mods\forminator-forms.php:25
filterforminator_submission_errorplugin-mods\forminator-forms.php:38
filterpre_optionplugin-mods\forminator-forms.php:57
filterforminator_spam_protectionplugin-mods\forminator-forms.php:72
filterforminator_akismet_is_spamplugin-mods\forminator-forms.php:73
filterforminator_form_is_prevent_storeplugin-mods\forminator-forms.php:88
filterformstatus_supportplugin-mods\gravity-forms.php:12
actiongform_after_emailplugin-mods\gravity-forms.php:23
actiongform_send_email_failedplugin-mods\gravity-forms.php:34
filtergform_validationplugin-mods\gravity-forms.php:51
filtergform_pre_renderplugin-mods\gravity-forms.php:76
filtergform_pre_validationplugin-mods\gravity-forms.php:77
filtergform_pre_submission_filterplugin-mods\gravity-forms.php:78
filtergform_admin_pre_renderplugin-mods\gravity-forms.php:79
filtergform_validationplugin-mods\gravity-forms.php:125
filtergform_form_post_get_metaplugin-mods\gravity-forms.php:138
filtergform_entry_is_spamplugin-mods\gravity-forms.php:153
actiongform_after_submissionplugin-mods\gravity-forms.php:176
filtergform_pre_send_emailplugin-mods\gravity-forms.php:199
filterformstatus_supportplugin-mods\ninja-forms.php:12
actionninja_forms_after_form_displayplugin-mods\ninja-forms.php:17
filterninja_forms_action_email_sendplugin-mods\ninja-forms.php:62
actionninja_forms_before_responseplugin-mods\ninja-forms.php:77
actionninja_forms_after_submissionplugin-mods\ninja-forms.php:78
filterninja_forms_localize_field_recaptchaplugin-mods\ninja-forms.php:96
filterninja_forms_pre_validate_field_settingsplugin-mods\ninja-forms.php:115
filterninja_forms_action_recaptcha__verify_responseplugin-mods\ninja-forms.php:130
actionninja_forms_after_form_displayplugin-mods\ninja-forms.php:154
filterninja_forms_save_submissionplugin-mods\ninja-forms.php:169
filterformstatus_supportplugin-mods\wp-forms.php:12
actionwpforms_process_completeplugin-mods\wp-forms.php:23
filterwpforms_process_initial_errorsplugin-mods\wp-forms.php:38
filterwpforms_ajax_submit_errorsplugin-mods\wp-forms.php:39
filterwpforms_process_bypass_captchaplugin-mods\wp-forms.php:54
filterwpforms_process_anti_spam_honeypot_bypassplugin-mods\wp-forms.php:55
filterwpforms_process_anti_spam_direct_post_bypassplugin-mods\wp-forms.php:56
filterwpforms_frontend_recaptcha_disableplugin-mods\wp-forms.php:57
filterwpforms_entry_saveplugin-mods\wp-forms.php:72
Maintenance & Trust

FormStatus Form Monitoring Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 24, 2026
PHP min version7.4
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs30
Alternatives

FormStatus Form Monitoring Alternatives

Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce

Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce

sender-net-automated-emails

A
99

Sender is an all-in-one email & SMS marketing platform designed keeping the challenges of ecommerce and small businesses in mind.

5K 2 CVEs
Zoho Campaigns

Zoho Campaigns

zoho-campaigns

A
95

Zoho Campaigns

4K 4 CVEs
Account Engagement

Account Engagement

pardot

A
91

Integrate Account Engagement with WordPress: easily track visitors, embed forms and dynamic content in pages and posts, or use the forms or dynamic co …

2K 1 CVE
CheckView – Form & Checkout Testing

CheckView – Form & Checkout Testing

checkview

A
100

CheckView automates WordPress form and WooCommerce testing, monitoring key flows to catch failures early before they cost you leads or sales everyday.

1K No CVEs
Uptime Monitoring for WordPress – My Website is Online

Uptime Monitoring for WordPress – My Website is Online

my-website-is-online-uptime-monitoring

A
85

My Website is Online is a Web service that monitors your website every minute to check if it's down. Don’t let downtimes impact your business.

600 No CVEs
Developer Profile

FormStatus Form Monitoring Developer Profile

formstatus

1 plugin · 30 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect FormStatus Form Monitoring

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/formstatus/assets/js/formstatus.js
Script Paths
wp-content/plugins/formstatus/assets/js/formstatus.js
Version Parameters
formstatus/assets/js/formstatus.js?ver=

HTML / DOM Fingerprints

Data Attributes
formstatusdata-formstatus
Shortcode Output
[FormStatus]
FAQ

Frequently Asked Questions about FormStatus Form Monitoring