Does Gravity Forms A/B Testing have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Gravity Forms A/B Testing compatible with WordPress 4.1.42?

According to WordPress.org data, Gravity Forms A/B Testing 0.1 has been tested up to WordPress 4.1.42. Check the plugin's changelog for the latest compatibility information.

How often is Gravity Forms A/B Testing updated?

Gravity Forms A/B Testing was last updated on Apr 10, 2015. Frequent updates are generally a positive security signal.

What is Gravity Forms A/B Testing's security score?

Gravity Forms A/B Testing has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Gravity Forms A/B Testing Security & Risk Analysis

wordpress.org/plugins/gravity-forms-ab-testing

A simple plugin that allows A/B Testing for Gravity Forms

10 active installs v0.1 PHP + WP 3.0.1+ Updated Apr 10, 2015

ab-testingabgravity-forms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Gravity Forms A/B Testing Safe to Use in 2026?

Generally Safe

Score 85/100

Gravity Forms A/B Testing has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The plugin "gravity-forms-ab-testing" v0.1 exhibits a generally positive security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is a strong indication of secure coding practices. Furthermore, the lack of known CVEs and a clean vulnerability history suggest a well-maintained and stable plugin.

However, a significant concern arises from the output escaping analysis. With 100% of outputs unescaped, this plugin presents a clear risk of Cross-Site Scripting (XSS) vulnerabilities. Any data that is displayed to users without proper sanitization could be exploited by attackers to inject malicious scripts. The absence of nonce checks and capability checks, while not immediately indicating a vulnerability given the current entry point analysis, suggests a lack of defense-in-depth that could become problematic if new entry points are introduced or if existing ones are modified without security in mind.

In conclusion, while the plugin avoids many common pitfalls and boasts a clean vulnerability record, the unescaped output is a critical flaw that needs immediate attention. Addressing this would significantly improve the plugin's security and mitigate the risk of XSS attacks.

Key Concerns

Output is not properly escaped
No nonce checks present
No capability checks present

Vulnerabilities

None known

Gravity Forms A/B Testing Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Gravity Forms A/B Testing Release Timeline

No version history available.

Code Analysis

Analyzed Apr 16, 2026

Gravity Forms A/B Testing Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

Gravity Forms A/B Testing Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[gravity_form_ab] gravity_ab.php:14

Maintenance & Trust

Gravity Forms A/B Testing Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42

Last updatedApr 10, 2015

PHP min version

Downloads2K

Community Trust

Rating20/100

Number of ratings1

Active installs10

Alternatives

Gravity Forms A/B Testing Alternatives

Unbounce Landing Pages

unbounce

100

Unbounce is the most powerful standalone landing page builder available.

10K No CVEs

WP Contact Slider – Contact Form Slider Widget

wp-contact-slider

Helps you to show slide out contact form to display CF7, Gravity forms, Ninja Forms, WP Forms, display random text/HTML and support some other forms.

10K 2 CVEs

WCAG 2.0 form fields for Gravity Forms

gravity-forms-wcag-20-form-fields

Modifies Gravity Forms form fields and improves validation so that forms meet WCAG 2.0 accessibility requirements.

5K No CVEs

Tooltip for Gravity Forms

tooltip-for-gravity-forms

Add tooltips next to Gravity Forms field labels very easily. Supports placements, themes, animations.

900 No CVEs

Personizely — A/B Testing, Personalization, Popups & CRO

personizely

Personizely is a Conversion Optimization Toolkit that helps you boost engagement and sales through A/B testing, website personalization, and popups.

400 1 CVE

Developer Profile

Gravity Forms A/B Testing Developer Profile

Asitha

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Gravity Forms A/B Testing

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gravity-forms-ab-testing/gravity_ab.php

HTML / DOM Fingerprints

Shortcode Output

[gravityform id="" title="

FAQ