Gravity Forms RSS Add-On Security & Risk Analysis

wordpress.org/plugins/gravity-forms-rss

Output Gravity Forms entries as an RSS feed on a per-form basis.

40 active installs · v1.1.3 · PHP + WP 2.8+ · Updated Apr 11, 2016
Tags: form, forms, gravity, gravity-form, gravity-forms
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Gravity Forms RSS Add-On Safe to Use in 2026?

Generally Safe

Score 85/100

Gravity Forms RSS Add-On has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 10yr ago
Risk Assessment

The plugin "gravity-forms-rss" v1.1.3 presents a generally positive security posture based on the static analysis. There are no identified entry points such as AJAX handlers, REST API routes, shortcodes, or cron events that are exposed without authentication or permission checks. The code also demonstrates good practices by not utilizing dangerous functions, performing all SQL queries using prepared statements, and avoiding file operations and external HTTP requests. This significantly limits the attack vectors.

However, there are areas for improvement. The low percentage of properly escaped output (20%) suggests a potential risk of Cross-Site Scripting (XSS) vulnerabilities. While no critical or high-severity taint flows were detected, two flows with unsanitized paths were found, which could lead to unexpected behavior or privilege escalation if not handled carefully, though the absence of entry points mitigates this immediate concern. The plugin's vulnerability history is clean, with no recorded CVEs, which is a strong indicator of its current security.

Overall, "gravity-forms-rss" v1.1.3 is a relatively secure plugin due to its limited attack surface and good SQL handling. The main concern lies in the insufficient output escaping, which requires attention to prevent potential XSS issues. The absence of critical vulnerabilities and a clean history are positive indicators.

Key Concerns

  • Low percentage of properly escaped output
  • Flows with unsanitized paths
Vulnerabilities
None known

Gravity Forms RSS Add-On Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Gravity Forms RSS Add-On Release Timeline

v1.1.3 (Current)
v1.1.2
v1.1.1
v1.1
v1.0.1
v1.0
Code Analysis
Analyzed Mar 16, 2026

Gravity Forms RSS Add-On Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 8 (2 escaped)
Nonce Checks: 0
Capability Checks: 2
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

20% escaped · 10 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

3 flows · 2 with unsanitized paths
export (gravity-forms-rss.php:68)
Attack Surface

Gravity Forms RSS Add-On Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 6
action plugins_loaded (gravity-forms-rss.php:29)
action init (gravity-forms-rss.php:30)
action admin_notices (gravity-forms-rss.php:40)
action admin_footer (gravity-forms-rss.php:47)
filter gform_form_settings (gravity-forms-rss.php:49)
filter gform_tooltips (gravity-forms-rss.php:50)
Maintenance & Trust

Gravity Forms RSS Add-On Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.5.33
Last updated: Apr 11, 2016
PHP min version
Downloads: 5K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 40
Developer Profile

Gravity Forms RSS Add-On Developer Profile

Zack Katz

24 plugins · 14K total installs

Trust score: 83
Avg Security Score: 84/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Gravity Forms RSS Add-On

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
