WP-Safety

Image Picker For Gravity Forms Security & Risk Analysis

wordpress.org/plugins/image-choices-for-gravity-forms

A simple and nice plugin to add images easily on gravity forms radio and checkbox field.

1K active installs v1.1.3 PHP 5.6+ WP 5.0+ Updated Sep 24, 2025
dropdowngravityformsimage-choicesimage-pickerimages
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Image Picker For Gravity Forms Safe to Use in 2026?

Generally Safe

Score 100/100

Image Picker For Gravity Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago
Risk Assessment

The "image-choices-for-gravity-forms" plugin, version 1.1.3, demonstrates a generally strong security posture. The static analysis reveals a very small attack surface with all identified entry points (AJAX handlers) protected by nonce checks and capability checks. The code heavily relies on prepared statements for SQL queries, and a high percentage of output is properly escaped, indicating good coding practices to prevent common vulnerabilities like SQL injection and XSS.

Despite the positive static analysis, there are minor areas for attention. The presence of file operations and external HTTP requests, while not flagged as inherently dangerous in this analysis, represent potential vectors if not handled with extreme care. The bundled Freemius library at version 1.0, while not explicitly stated as outdated or vulnerable in this data, is a component that should be monitored for security updates.

The plugin's vulnerability history is remarkably clean, with no recorded CVEs. This is a significant strength, suggesting a mature and well-maintained codebase. Overall, the plugin appears to be securely developed, with its main points of interest being the careful management of its limited file and network interaction capabilities and keeping bundled libraries up-to-date.

Key Concerns

  • Bundled outdated library (Freemius v1.0)
Vulnerabilities
None known

Image Picker For Gravity Forms Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Image Picker For Gravity Forms Release Timeline

v1.1.3Current
v1.1.2
v1.1.1
v1.1.0
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

Image Picker For Gravity Forms Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
108 escaped
Nonce Checks
2
Capability Checks
1
File Operations
1
External Requests
1
Bundled Libraries
1

Bundled Libraries

Freemius1.0

Output Escaping

96% escaped112 total outputs
Attack Surface

Image Picker For Gravity Forms Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_gfimp_offer_notice_dismissadmin\class-dashboard.php:14
authwp_ajax_gfimp_upgrade_notice_dismissadmin\class-dashboard.php:15
WordPress Hooks 13
filteradmin_footer_textadmin\class-dashboard.php:8
actionadmin_menuadmin\class-dashboard.php:9
actionadmin_enqueue_scriptsadmin\class-dashboard.php:10
actionadmin_noticesadmin\class-dashboard.php:12
actionadmin_noticesadmin\class-dashboard.php:13
filtergform_tooltipsclass-gfImgChoice.php:42
actiongform_enqueue_scriptsclass-gfImgChoice.php:43
filtergform_field_choice_markup_pre_renderclass-gfImgChoice.php:44
filtergform_field_css_classclass-gfImgChoice.php:45
filtergform_field_settings_tabsclass-gfImgChoice.php:47
actiongform_field_settings_tab_content_img_choice_tabclass-gfImgChoice.php:48
actionadmin_enqueue_scriptsclass-gfImgChoice.php:104
actiongform_loadedgf-img-choices.php:67
Maintenance & Trust

Image Picker For Gravity Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedSep 24, 2025
PHP min version5.6
Downloads12K

Community Trust

Rating100/100
Number of ratings8
Active installs1K
Alternatives

Image Picker For Gravity Forms Alternatives

Image Picker – Image Choices for Elementor Forms

Image Picker – Image Choices for Elementor Forms

image-picker-for-elementor-forms

A
100

Add beautiful image picker / image choices fields (radio, checkbox, select) to Elementor Forms.

100 No CVEs
Post Picker for Gravity Forms

Post Picker for Gravity Forms

post-picker-for-gravity-forms

A
100

Creates dynamic dropdowns populated with posts from any post type in your Gravity Forms

0 No CVEs
Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

imagify

A
100

Optimize images in 1‑click: compress, resize & convert to WebP/AVIF - free up to 20MB/month. Enjoy the easiest WordPress image optimizer to set up.

1.0M No CVEs
Smush – Image Optimization, Compression, Lazy Load, WebP & CDN

Smush – Image Optimization, Compression, Lazy Load, WebP & CDN

wp-smushit

A
93

Compress and optimize images, enable lazy load, serve WebP & AVIF, and speed up your site with a global image CDN.

1.0M 6 CVEs
Autoptimize

Autoptimize

autoptimize

B
77

Autoptimize speeds up your website by optimizing JS, CSS, images (incl. lazy-load), HTML and Google Fonts, asyncing JS, removing emoji cruft and more.

900K 12 CVEs
Developer Profile

Image Picker For Gravity Forms Developer Profile

PluginsCafe

16 plugins · 12K total installs

92
trust score
Avg Security Score
97/100
Avg Patch Time
24 days
View full developer profile
Detection Fingerprints

How We Detect Image Picker For Gravity Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/image-choices-for-gravity-forms/admin/assets/css/gfimp_dashboard_style.css/wp-content/plugins/image-choices-for-gravity-forms/admin/assets/js/gfimp_dashboard_script.js
Version Parameters
gfimp_dashboard_style.css?ver=gfimp_dashboard_script.js?ver=

HTML / DOM Fingerprints

CSS Classes
pcafe_imp_dashboardpcafe_container
Data Attributes
data-ajax-urldata-nonce
JS Globals
GF_Image_Picker_Field
FAQ

Frequently Asked Questions about Image Picker For Gravity Forms