Does Gravity Forms Data Purge have any unpatched vulnerabilities?

No. All known vulnerabilities in Gravity Forms Data Purge have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Gravity Forms Data Purge compatible with WordPress 4.9.29?

According to WordPress.org data, Gravity Forms Data Purge 1.0.4 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Gravity Forms Data Purge updated?

Gravity Forms Data Purge was last updated on Apr 7, 2018. Frequent updates are generally a positive security signal.

What is Gravity Forms Data Purge's security score?

Gravity Forms Data Purge has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Gravity Forms Data Purge Security & Risk Analysis

wordpress.org/plugins/gf-data-purge

Simple plugin to purge data from Gravity Forms Entries that are older that a certain number of days.

60 active installs v1.0.4 PHP + WP + Updated Apr 7, 2018

data-protectiongdprgravity-forms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Gravity Forms Data Purge Safe to Use in 2026?

Generally Safe

Score 85/100

Gravity Forms Data Purge has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "gf-data-purge" plugin v1.0.4 presents a mixed security posture. On the positive side, the static analysis reveals no dangerous functions, no direct SQL queries (all use prepared statements), no file operations, no external HTTP requests, and no taint flows, which are all excellent indicators. Furthermore, the plugin has no recorded vulnerability history, suggesting a history of safe development. However, a significant concern arises from the output escaping. With 100% of outputs not properly escaped, this plugin has a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data processed or displayed by the plugin that is not inherently safe could be injected with malicious scripts. The absence of nonce checks and capability checks on entry points, while seemingly low risk due to the zero entry points listed, still represents a potential gap if the plugin's functionality were to expand or if the static analysis missed any indirect entry points.

Key Concerns

100% of outputs not properly escaped
No nonce checks on entry points
No capability checks on entry points

Vulnerabilities

None known

Gravity Forms Data Purge Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Gravity Forms Data Purge Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

Gravity Forms Data Purge Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionadmin_initgravity-forms-data-purge.php:18

filtergform_addon_navigationgravity-forms-data-purge.php:21

actiongfdp_check_for_expired_entriesgravity-forms-data-purge.php:46

actionwpgravity-forms-data-purge.php:54

Scheduled Events 1

gfdp_check_for_expired_entries

Maintenance & Trust

Gravity Forms Data Purge Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedApr 7, 2018

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs60

Alternatives

Gravity Forms Data Purge Alternatives

GDPR

gdpr

100

This plugin is meant to assist with the GDPR obligations of a Data processor and Controller.

10K No CVEs

Wider Gravity Forms Stop Entries

wider-gravity-forms-stop-entries

Selectively stop Gravity Forms entries being stored on your web server to comply with privacy and the GDPR.

700 No CVEs

Gravity Forms: GDPR Framework Add-On

gdpr-for-gravity-forms

The easiest way to make your Gravity Forms GDPR-compliant. Fully documented, extendable and developer-friendly.

400 No CVEs

Gravity Forms Privacy AddOn

gf-privacy-addon

Add Gravity Forms data to the "Export Personal Data" and "Erase Personal Data" tools.

70 No CVEs

GDPR Easycloud

gdpr-easycloud

GDPR Easycloud is the plugin that allows you to easily manage cookies in compliance with the general data protection regulations (GDPR).

20 No CVEs

Developer Profile

Gravity Forms Data Purge Developer Profile

Andrew Dixon

1 plugin · 60 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Gravity Forms Data Purge

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gf-data-purge/gfdp-admin.js/wp-content/plugins/gf-data-purge/gfdp-admin.css

Script Paths

/wp-content/plugins/gf-data-purge/gfdp-admin.js

Version Parameters

gf-data-purge/gfdp-admin.js?ver=gf-data-purge/gfdp-admin.css?ver=

HTML / DOM Fingerprints

Data Attributes

id="gfdp_option_name"name="gfdp_option_name"

FAQ