Does GDPress have any unpatched vulnerabilities?

No. All known vulnerabilities in GDPress have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is GDPress compatible with WordPress 5.5.18?

According to WordPress.org data, GDPress 2.0.1 has been tested up to WordPress 5.5.18. Check the plugin's changelog for the latest compatibility information.

Is GDPress compatible with PHP 7.0+?

GDPress requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is GDPress updated?

GDPress was last updated on Sep 10, 2020. Frequent updates are generally a positive security signal.

What is GDPress's security score?

GDPress has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GDPress Security & Risk Analysis

wordpress.org/plugins/gdpress

More than a privacy plugin

10 active installs v2.0.1 PHP 7.0+ WP 5.4+ Updated Sep 10, 2020

formgdprprivacyrgpdtools

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is GDPress Safe to Use in 2026?

Generally Safe

Score 85/100

GDPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "gdpress" v2.0.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by primarily using prepared statements for its SQL queries and having no recorded vulnerabilities or CVEs. This suggests a history of generally secure development. However, the static analysis reveals significant concerns, particularly regarding the attack surface. With three out of four identified entry points lacking authentication checks, these AJAX handlers represent a direct pathway for potential unauthorized actions. Furthermore, the plugin's output escaping is only 57% proper, leaving a substantial portion of its output potentially vulnerable to cross-site scripting (XSS) attacks. While taint analysis showed no immediate critical flows, the combination of unprotected entry points and insufficient output sanitization creates a plausible scenario for exploitation.

Key Concerns

Unprotected AJAX handlers
Insufficient output escaping
No nonce checks on AJAX

Vulnerabilities

None known

GDPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

GDPress Code Analysis

Dangerous Functions

Raw SQL Queries

44 prepared

Unescaped Output

104 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

96% prepared46 total queries

Output Escaping

57% escaped181 total outputs

Attack Surface

3 unprotected

GDPress Attack Surface

Entry Points4

Unprotected3

AJAX Handlers 3

authwp_ajax_gdpress_formGDPress.php:80

noprivwp_ajax_gdpress_formGDPress.php:81

authwp_ajax_gdp_ajaxGDPress.php:82

Shortcodes 1

[gdpress] GDPress.php:106

WordPress Hooks 77

actionplugins_loadedGDPress.php:75

actioninitGDPress.php:76

actionwidgets_initGDPress.php:77

actiongdpress_check_floodGDPress.php:78

actiongdp_scheduleGDPress.php:84

actiongdp_installGDPress.php:85

actionupgrader_process_completeGDPress.php:89

actionswitch_themeGDPress.php:90

actionactivate_pluginGDPress.php:91

actiondeactivated_pluginGDPress.php:92

actionadmin_initGDPress.php:100

actionadmin_menuGDPress.php:101

actionwp_headGDPress.php:104

actionadmin_menuGDPress.php:199

actionadmin_bar_menuGDPress.php:204

filtergdpress_is_floodGDPress.php:232

filtergdpress_flood_filterGDPress.php:233

actionadmin_footergp-admin\ropa.php:22

filterparse_querygp-includes\class\GDP_Archivist.class.php:63

actioncheck_admin_referergp-includes\class\GDP_Archivist.class.php:64

actionlogin_form_confirmactiongp-includes\class\GDP_Archivist.class.php:65

filterpre_delete_postgp-includes\class\GDP_Archivist.class.php:66

filteruser_request_action_descriptiongp-includes\class\GDP_Archivist.class.php:83

filteruser_request_action_email_headersgp-includes\class\GDP_Archivist.class.php:92

actionuser_request_action_confirmedgp-includes\class\GDP_Archivist.class.php:108

actiondeleted_postgp-includes\class\GDP_Archivist.class.php:121

filteruser_request_action_email_headersgp-includes\class\GDP_Archivist.class.php:138

filteruser_request_confirmed_email_headersgp-includes\class\GDP_Archivist.class.php:139

filteruser_request_action_descriptiongp-includes\class\GDP_Archivist.class.php:164

actionwp_privacy_personal_data_export_file_createdgp-includes\class\GDP_Archivist.class.php:183

filterwp_mailgp-includes\class\GDP_Archivist.class.php:201

actionwp_privacy_personal_data_erasedgp-includes\class\GDP_Archivist.class.php:212

actionphpmailer_initgp-includes\class\GDP_Archivist.class.php:251

actionMailPress_swift_message_builtgp-includes\class\GDP_Archivist.class.php:252

actionadmin_footergp-includes\class\GDP_Dashboard.class.php:23

filterGDPress_dashboard_metaboxes_registergp-includes\class\GDP_dashboard_metabox_.class.php:8

actionGDPress_dashboard_add_meta_boxgp-includes\class\GDP_dashboard_metabox_.class.php:9

filteruser_request_action_email_headersgp-includes\class\GDP_Mail_Headers.class.php:24

filteruser_request_confirmed_email_headersgp-includes\class\GDP_Mail_Headers.class.php:25

filterwp_privacy_personal_data_email_headersgp-includes\class\GDP_Mail_Headers.class.php:26

filteruser_erasure_complete_email_headersgp-includes\class\GDP_Mail_Headers.class.php:27

actionadmin_initgp-includes\class\GDP_WP_Admin_page_.class.php:15

actionadmin_initgp-includes\class\GDP_WP_Admin_page_.class.php:16

actionadmin_headgp-includes\class\GDP_WP_Admin_page_.class.php:18

filterscreen_meta_screengp-includes\class\GDP_WP_Admin_page_.class.php:19

filtercurrent_screengp-includes\class\GDP_WP_Admin_page_.class.php:20

actionadmin_print_stylesgp-includes\class\GDP_WP_Admin_page_.class.php:22

actionadmin_print_scriptsgp-includes\class\GDP_WP_Admin_page_.class.php:23

actionadmin_print_footer_scriptsgp-includes\class\GDP_WP_Admin_page_.class.php:24

actionwp_print_scriptsgp-includes\class\GDP_WP_Admin_page_.class.php:26

actionwp_print_footer_scriptsgp-includes\class\GDP_WP_Admin_page_.class.php:27

filterset-screen-optiongp-includes\class\GDP_WP_Admin_page_list_.class.php:10

actionplugins_loadedgp-includes\class\GDP_WP_Embed_handlers.class.php:24

actionplugins_loadedgp-includes\class\GDP_WP_oEmbed_providers.class.php:73

filterdefault_avatar_selectgp-includes\class\GDP_WP_off_Avatars.class.php:7

actionplugins_loadedgp-includes\class\GDP_WP_off_Embed.class.php:6

filtertiny_mce_pluginsgp-includes\class\GDP_WP_off_Emojis.class.php:19

filterwp_resource_hintsgp-includes\class\GDP_WP_off_Emojis.class.php:20

actionplugins_loadedgp-includes\class\GDP_WP_off_Events_News.class.php:6

actionwp_dashboard_setupgp-includes\class\GDP_WP_off_Events_News.class.php:11

actioninitgp-includes\class\GDP_WP_off_HeartBeat.class.php:6

actionplugins_loadedgp-includes\class\GDP_WP_off_oEmbed.class.php:6

filteroembed_dataparsegp-includes\class\GDP_WP_off_oEmbed.class.php:7

filterrest_authentication_errorsgp-includes\class\GDP_WP_off_Rest_Api.class.php:26

filterrest_url_prefixgp-includes\class\GDP_WP_off_Rest_Api.class.php:27

actionplugins_loadedgp-includes\class\GDP_WP_off_Site_Health.class.php:10

filtersite_status_testsgp-includes\class\GDP_WP_off_Site_Health.class.php:17

filterdebug_informationgp-includes\class\GDP_WP_off_Site_Health.class.php:22

filterpre_schedule_eventgp-includes\class\GDP_WP_off_Site_Health.class.php:30

actionadmin_menugp-includes\class\GDP_WP_off_Site_Health.class.php:33

actionwp_dashboard_setupgp-includes\class\GDP_WP_off_Site_Health.class.php:34

actioncurrent_screengp-includes\class\GDP_WP_off_Site_Health.class.php:38

filterwp_xmlrpc_server_classgp-includes\class\GDP_WP_off_Xmlrpc.class.php:7

actionplugins_loadedgp-includes\class\GDP_WP_Site_Health_tests.class.php:24

filterGDPress_scriptsgp-includes\class\options\dashboard\metaboxes\wp_wellness.php:10

filteruser_erasure_complete_email_headersgp-includes\class\options\privacy\erasers\_archivist.php:13

actionwp_privacy_personal_data_export_filegp-includes\class\options\privacy\exporters\_archivist.php:13

Scheduled Events 3

gdp_install

gdp_schedule

wp_site_health_scheduled_check

Maintenance & Trust

GDPress Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18

Last updatedSep 10, 2020

PHP min version7.0

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

GDPress Alternatives

Inazo's flamingo automatically delete old messages

inazo-flamingo-automatically-delete-old-messages

This plugin help you to auto removed all information stored by flamingo.

4K No CVEs

Manage Privacy Options Page

manage-privacy-options

Add roles that can edit the privacy page.

1K No CVEs

Wider Gravity Forms Stop Entries

wider-gravity-forms-stop-entries

Selectively stop Gravity Forms entries being stored on your web server to comply with privacy and the GDPR.

700 No CVEs

Gravity Forms: GDPR Framework Add-On

gdpr-for-gravity-forms

The easiest way to make your Gravity Forms GDPR-compliant. Fully documented, extendable and developer-friendly.

400 No CVEs

Disable Privacy Tools

disable-privacy-tools

Removes the tools for creating a privacy policy and exporting/erasing personal data.

200 No CVEs

Developer Profile

GDPress Developer Profile

arena

19 plugins · 2K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

50 days

View full developer profile

Detection Fingerprints

How We Detect GDPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gdpress/gp-content/css/gdpress-admin-bar.css/wp-content/plugins/gdpress/gp-content/css/gdpress-form.css/wp-content/plugins/gdpress/gp-content/css/gdpress-admin.css/wp-content/plugins/gdpress/gp-content/css/gdpress-theme.css/wp-content/plugins/gdpress/gp-content/css/gdpress-style.css

Script Paths

/wp-content/plugins/gdpress/gp-content/js/gdpress-admin.js/wp-content/plugins/gdpress/gp-content/js/gdpress-form.js/wp-content/plugins/gdpress/gp-content/js/gdpress-theme.js

Version Parameters

gdpress/gp-content/css/gdpress-admin-bar.css?ver=gdpress/gp-content/css/gdpress-form.css?ver=gdpress/gp-content/css/gdpress-admin.css?ver=gdpress/gp-content/css/gdpress-theme.css?ver=gdpress/gp-content/css/gdpress-style.css?ver=gdpress/gp-content/js/gdpress-admin.js?ver=gdpress/gp-content/js/gdpress-form.js?ver=gdpress/gp-content/js/gdpress-theme.js?ver=

HTML / DOM Fingerprints

CSS Classes

gdpress-form

JS Globals

GDPress_Form

REST Endpoints

/wp-json/gdpress/

Shortcode Output

[gdpress]

FAQ