Does Caldera Forms Google Sheets Connector have any unpatched vulnerabilities?

Yes — Caldera Forms Google Sheets Connector currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Caldera Forms Google Sheets Connector compatible with WordPress 6.3.8?

According to WordPress.org data, Caldera Forms Google Sheets Connector 1.3 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

How often is Caldera Forms Google Sheets Connector updated?

Caldera Forms Google Sheets Connector was last updated on Sep 11, 2023. Frequent updates are generally a positive security signal.

What is Caldera Forms Google Sheets Connector's security score?

Caldera Forms Google Sheets Connector has a WP-Safety security score of 64/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Caldera Forms Google Sheets Connector Security & Risk Analysis

wordpress.org/plugins/gsheetconnector-caldera-forms

Send your Caldera Forms data directly to your Google Sheets spreadsheet.

100 active installs v1.3 PHP + WP 6.0+ Updated Sep 11, 2023

caldera-formscaldera-forms-integrationscontact-formsgoogle-sheetgoogle-sheets-integrations

C · Use Caution

CVEs total1

Unpatched1

Last CVEJun 26, 2023

Plugin page Download

Safety Verdict

Is Caldera Forms Google Sheets Connector Safe to Use in 2026?

Use With Caution

Score 64/100

Caldera Forms Google Sheets Connector has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Jun 26, 2023Updated 2yr ago

Risk Assessment

The gsheetconnector-caldera-forms plugin exhibits a generally good security posture with a limited attack surface and no identified critical or high severity taint flows. The static analysis shows a strong adherence to security best practices in several areas, including a significant majority of outputs being properly escaped and the presence of nonce and capability checks on its AJAX handlers. The absence of dangerous functions, shortcodes, cron events, and REST API routes further reduces potential entry points for attackers. However, the plugin's security is undermined by a known unpatched medium severity vulnerability and the use of raw SQL queries without prepared statements. While the vulnerability history is limited, the presence of a medium severity CSRF vulnerability indicates a potential weakness that, if exploited, could lead to unauthorized actions. The bundled Guzzle library is also a point of consideration, as outdated versions can introduce security risks.

Key Concerns

Unpatched medium severity CVE
SQL queries without prepared statements
Bundled library (Guzzle)

Vulnerabilities

Caldera Forms Google Sheets Connector Security Vulnerabilities

CVEs by Year

1 CVE in 2023 · unpatched

2023

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2023-2330medium · 4.3Cross-Site Request Forgery (CSRF)

Caldera Forms Google Sheets Connector <= 1.3 - Cross-Site Request Forgery

Jun 26, 2023Unpatched

Code Analysis

Analyzed Mar 16, 2026

Caldera Forms Google Sheets Connector Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

65 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

SQL Query Safety

0% prepared2 total queries

Output Escaping

78% escaped83 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

verify_caldera_gs_integation (includes\class-caldera-gs-service.php:34)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Caldera Forms Google Sheets Connector Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 3

authwp_ajax_verify_caldera_gs_integationincludes\class-caldera-gs-service.php:23

authwp_ajax_cf_gs_clear_logincludes\class-caldera-gs-service.php:24

authwp_ajax_deactivate_caldera_gs_integationincludes\class-caldera-gs-service.php:25

WordPress Hooks 9

actionadmin_menugsheetconnector-caldera-forms.php:68

actioninitgsheetconnector-caldera-forms.php:71

actioninitgsheetconnector-caldera-forms.php:74

actionadmin_initgsheetconnector-caldera-forms.php:80

actionadmin_noticesgsheetconnector-caldera-forms.php:151

actionnetwork_admin_noticesgsheetconnector-caldera-forms.php:152

actionadmin_print_stylesgsheetconnector-caldera-forms.php:195

actionadmin_print_scriptsgsheetconnector-caldera-forms.php:196

filtercaldera_forms_get_form_processorsincludes\class-caldera-gs-service.php:27

Maintenance & Trust

Caldera Forms Google Sheets Connector Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedSep 11, 2023

PHP min version

Downloads9K

Community Trust

Rating100/100

Number of ratings1

Active installs100

Alternatives

Caldera Forms Google Sheets Connector Alternatives

GSheetConnector for CF7 – Connect Contact Form 7 to Google Sheets and Send Form Submissions in Real Time

cf7-google-sheets-connector

Send your Contact Form 7 data directly to your Google Sheets spreadsheet.

40K 4 CVEs

SA Integrations For Google Sheets

sa-integrations-for-google-sheets

100

This plugin connects your WordPress website with Google Sheets, enabling automatic synchronization of form submissions and WooCommerce order data.

0 No CVEs

Gsheet Contact Addons & ShortCode

shortcode-addons-for-google-sheet-api

Send your Contact Form 7 data directly to your Google Sheets spreadsheet API.

0 No CVEs

OttoKit: All-in-One Automation Platform

suretriggers

Experience the power of automation within WordPress: Connect 1,300+ apps, automate manual tasks, and unlock your full potential. Get started now!

100K 4 CVEs

Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin

uncanny-automator

Uncanny Automator is the easiest and most powerful way to connect your WordPress plugins, sites and apps together with powerful automations.

50K 11 CVEs

Developer Profile

Caldera Forms Google Sheets Connector Developer Profile

WesternDeal

11 plugins · 63K total installs

trust score

Avg Security Score

94/100

Avg Patch Time

126 days

View full developer profile

Detection Fingerprints

How We Detect Caldera Forms Google Sheets Connector

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gsheetconnector-caldera-forms/assets/css/gsheetconnector-caldera-forms.css/wp-content/plugins/gsheetconnector-caldera-forms/assets/css/gsheetconnector-caldera-forms-admin.css/wp-content/plugins/gsheetconnector-caldera-forms/assets/css/gsheetconnector-caldera-forms.min.css/wp-content/plugins/gsheetconnector-caldera-forms/assets/css/gsheetconnector-caldera-forms-admin.min.css

Script Paths

/wp-content/plugins/gsheetconnector-caldera-forms/assets/js/gsheetconnector-caldera-forms.js/wp-content/plugins/gsheetconnector-caldera-forms/assets/js/gsheetconnector-caldera-forms.min.js

Version Parameters

gsheetconnector-caldera-forms/assets/css/gsheetconnector-caldera-forms.css?ver=gsheetconnector-caldera-forms/assets/css/gsheetconnector-caldera-forms-admin.css?ver=gsheetconnector-caldera-forms/assets/js/gsheetconnector-caldera-forms.js?ver=

HTML / DOM Fingerprints

CSS Classes

caldera-forms-menu-dashicon

JS Globals

Caldera_Gs_Connector_UtilityCALDERA_GOOGLESHEET_VERSIONCALDERA_GOOGLESHEET_DB_VERSIONCALDERA_GOOGLESHEET_ROOTCALDERA_GOOGLESHEET_URLCALDERA_GOOGLESHEET_BASE_FILE+3 more

FAQ