WP-Safety

Gravity Slider Fields Security & Risk Analysis

wordpress.org/plugins/gravity-slider-fields

Adds slider fields to Gravity Forms

3K active installs v2.1 PHP 5.6+ WP 3.1+ Updated Nov 19, 2024
fieldformsgravitynumberslider
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Gravity Slider Fields Safe to Use in 2026?

Generally Safe

Score 92/100

Gravity Slider Fields has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The plugin 'gravity-slider-fields' v2.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices in avoiding dangerous functions, utilizing prepared statements for all SQL queries, and having no recorded vulnerabilities. The absence of file operations and external HTTP requests also reduces the potential attack surface. However, a significant concern is the presence of one AJAX handler that lacks authentication checks. This creates a direct entry point for unauthenticated users, which can be a gateway for various attacks if the AJAX action itself is vulnerable to input manipulation or unauthorized execution. While the taint analysis shows no critical or high severity flows, this doesn't fully mitigate the risk of the unprotected AJAX handler, as its impact is dependent on the functionality it exposes. The lack of nonce checks on this unprotected AJAX handler further exacerbates the risk. The overall security posture is thus weakened by this single, but critical, unprotected entry point.

Key Concerns

  • Unprotected AJAX handler
  • Missing nonce checks on AJAX
  • Low output escaping (80%)
Vulnerabilities
None known

Gravity Slider Fields Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Gravity Slider Fields Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
8 escaped
Nonce Checks
0
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

80% escaped10 total outputs
Attack Surface
1 unprotected

Gravity Slider Fields Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_dismiss_noticetypewheel-notice\class-typewheel-notice.php:270
WordPress Hooks 9
filtergform_pre_submission_filterclass-gfsliderfields.php:40
filtergform_admin_pre_renderclass-gfsliderfields.php:41
filtergform_tooltipsclass-gfsliderfields.php:51
actiongform_editor_js_set_default_valuesclass-gfsliderfields.php:52
actiongform_editor_jsclass-gfsliderfields.php:53
filtergform_field_standard_settingsclass-gfsliderfields.php:54
filtergform_custom_merge_tagsclass-gfsliderfields.php:56
actiongform_loadedgravity-slider-fields.php:30
actionadmin_enqueue_scriptstypewheel-notice\class-typewheel-notice.php:10
Maintenance & Trust

Gravity Slider Fields Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8
Last updatedNov 19, 2024
PHP min version5.6
Downloads50K

Community Trust

Rating92/100
Number of ratings14
Active installs3K
Alternatives

Gravity Slider Fields Alternatives

GravityWP – Count

GravityWP – Count

gravitywp-count

A
100

Count, filter and display the number of Gravity Forms entries or the total of a number field for multiple entries.

2K No CVEs
Advanced Custom Fields: Gravity Forms Add-on

Advanced Custom Fields: Gravity Forms Add-on

acf-gravityforms-add-on

A
100

Provides an Advanced Custom Field which allows a WordPress user to select a Gravity Form as part of a field group configuration.

30K No CVEs
WP Contact Slider – Contact Form Slider Widget

WP Contact Slider – Contact Form Slider Widget

wp-contact-slider

A
99

Helps you to show slide out contact form to display CF7, Gravity forms, Ninja Forms, WP Forms, display random text/HTML and support some other forms.

10K 2 CVEs
Smart phone field for Gravity Forms

Smart phone field for Gravity Forms

smart-phone-field-for-gravity-forms

A
100

A simple and nice plugin to get auto country flag from user ip address on gravity form phone field.

5K No CVEs
Real Time Validation for Gravity Forms

Real Time Validation for Gravity Forms

real-time-validation-for-gravity-forms

F
24

Real Time Validation for Gravity Forms increases conversion rates of your Gravity Form using inline validation messages as user types in field.

2K 3 unpatched
Developer Profile

Gravity Slider Fields Developer Profile

uamv

3 plugins · 3K total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Gravity Slider Fields

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/gravity-slider-fields/gravity-slider-fields.php/wp-content/plugins/gravity-slider-fields/class-gfsliderfields.php/wp-content/plugins/gravity-slider-fields/class-gf-field-slider.php/wp-content/plugins/gravity-slider-fields/typewheel-notice/typewheel-notice.css/wp-content/plugins/gravity-slider-fields/typewheel-notice/typewheel-notice.js
Script Paths
/wp-content/plugins/gravity-slider-fields/typewheel-notice/typewheel-notice.js
Version Parameters
gravity-slider-fields/gravity-slider-fields.php?ver=2.1gravity-slider-fields/class-gfsliderfields.php?ver=2.1gravity-slider-fields/class-gf-field-slider.php?ver=2.1gravity-slider-fields/typewheel-notice/typewheel-notice.css?ver=2.1gravity-slider-fields/typewheel-notice/typewheel-notice.js?ver=2.1

HTML / DOM Fingerprints

CSS Classes
typewheel-notice
HTML Comments
<!-- Typewheel Notice -->
Data Attributes
data-typewheel-notice-id
JS Globals
TypewheelNotice
FAQ

Frequently Asked Questions about Gravity Slider Fields