WP-Safety

Gravity Forms Data Persistence Add-On Reloaded Security & Risk Analysis

wordpress.org/plugins/gravity-forms-data-persistence-add-on-reloaded

This plugin makes your Gravity Forms data-persistent.

700 active installs v3.3.1 PHP + WP 2.9.2+ Updated Feb 14, 2016
datafieldformgravitypersistence
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Gravity Forms Data Persistence Add-On Reloaded Safe to Use in 2026?

Generally Safe

Score 85/100

Gravity Forms Data Persistence Add-On Reloaded has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The plugin "gravity-forms-data-persistence-add-on-reloaded" v3.3.1 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by avoiding dangerous functions, performing all SQL queries using prepared statements, and having no recorded vulnerabilities. This suggests a developer who is mindful of common web application security pitfalls.

However, significant concerns arise from the static analysis. The plugin exposes two AJAX handlers, and critically, neither of them includes authentication checks. This creates a substantial attack surface where unauthenticated users could potentially trigger these handlers, leading to unintended actions or information disclosure. Furthermore, only 50% of its output is properly escaped, which could open the door to cross-site scripting (XSS) vulnerabilities if user-controlled data is involved in the unescaped outputs.

The absence of any recorded vulnerabilities, while a positive sign, might also be attributed to the lack of known exploits targeting these specific weaknesses or the plugin's limited adoption. The lack of taint analysis flows is also noteworthy, meaning the analysis couldn't identify any data flow issues, which is good, but it's limited by the analysis itself. Overall, while the plugin avoids some common pitfalls, the unprotected AJAX endpoints and potential for XSS due to incomplete output escaping represent real security risks that require immediate attention.

Key Concerns

  • Unprotected AJAX handlers
  • Incomplete output escaping (50%)
  • No nonce checks on entry points
  • No capability checks on entry points
Vulnerabilities
None known

Gravity Forms Data Persistence Add-On Reloaded Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Gravity Forms Data Persistence Add-On Reloaded Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
2 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

50% escaped4 total outputs
Attack Surface
2 unprotected

Gravity Forms Data Persistence Add-On Reloaded Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_gfdp_savegravity-forms-data-persistence-add-on-reloaded.php:89
authwp_ajax_gfdp_purgegravity-forms-data-persistence-add-on-reloaded.php:519
WordPress Hooks 14
actioninitgravity-forms-data-persistence-add-on-reloaded.php:37
actionwp_headgravity-forms-data-persistence-add-on-reloaded.php:46
actionwp_enqueue_scriptsgravity-forms-data-persistence-add-on-reloaded.php:52
filtergform_pre_rendergravity-forms-data-persistence-add-on-reloaded.php:58
actiongform_enqueue_scriptsgravity-forms-data-persistence-add-on-reloaded.php:114
actionwp_print_footer_scriptsgravity-forms-data-persistence-add-on-reloaded.php:117
actiongform_post_paginggravity-forms-data-persistence-add-on-reloaded.php:187
actiongform_after_submissiongravity-forms-data-persistence-add-on-reloaded.php:199
filtergform_form_settingsgravity-forms-data-persistence-add-on-reloaded.php:310
filtergform_pre_form_settings_savegravity-forms-data-persistence-add-on-reloaded.php:409
actiongform_advanced_settingsgravity-forms-data-persistence-add-on-reloaded.php:432
actiongform_field_advanced_settingsgravity-forms-data-persistence-add-on-reloaded.php:451
actiongform_editor_jsgravity-forms-data-persistence-add-on-reloaded.php:468
filtergform_tooltipsgravity-forms-data-persistence-add-on-reloaded.php:484
Maintenance & Trust

Gravity Forms Data Persistence Add-On Reloaded Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39
Last updatedFeb 14, 2016
PHP min version
Downloads10K

Community Trust

Rating98/100
Number of ratings18
Active installs700
Alternatives

Gravity Forms Data Persistence Add-On Reloaded Alternatives

Gravity Forms Data Persistence Add-On

Gravity Forms Data Persistence Add-On

gravity-forms-data-persistence-add-on

A
85

This plugin makes your Gravity Forms data-persistent.

100 No CVEs
Gravity Forms Sticky Form

Gravity Forms Sticky Form

gravity-forms-sticky-form

A
85

A plugin that makes your Gravity Forms stick!

50 No CVEs
Advanced Custom Fields: Gravity Forms Add-on

Advanced Custom Fields: Gravity Forms Add-on

acf-gravityforms-add-on

A
100

Provides an Advanced Custom Field which allows a WordPress user to select a Gravity Form as part of a field group configuration.

30K No CVEs
Smart phone field for Gravity Forms

Smart phone field for Gravity Forms

smart-phone-field-for-gravity-forms

A
100

A simple and nice plugin to get auto country flag from user ip address on gravity form phone field.

5K No CVEs
Gravity Slider Fields

Gravity Slider Fields

gravity-slider-fields

A
92

Adds slider fields to Gravity Forms

3K No CVEs
Developer Profile

Gravity Forms Data Persistence Add-On Reloaded Developer Profile

unclhos

3 plugins · 880 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Gravity Forms Data Persistence Add-On Reloaded

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths
/wp-content/plugins/gravity-forms-data-persistence-add-on-reloaded/gfdp.js
Version Parameters
gravity-forms-data-persistence-add-on-reloaded/gfdp.js?ver=

HTML / DOM Fingerprints

CSS Classes
gfdp
HTML Comments
<!-- Gravity Forms Data Persistence Add-On Reloaded Version 3.3.1 -->
JS Globals
gfdp_eventsgfdp_ajax
FAQ

Frequently Asked Questions about Gravity Forms Data Persistence Add-On Reloaded