WP-Safety

Ninja Forms – Modal Security & Risk Analysis

wordpress.org/plugins/ninja-forms-modal

Ninja Forms Modal makes it super easy to open any Ninja Form in a pop up modal from a text or image link.

200 active installs v1.0.2 PHP + WP 3.5+ Updated Feb 13, 2015
contactformformsmodalpop-up
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Ninja Forms – Modal Safe to Use in 2026?

Generally Safe

Score 85/100

Ninja Forms – Modal has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago
Risk Assessment

The ninja-forms-modal v1.0.2 plugin demonstrates a generally good security posture with several positive indicators. The absence of dangerous functions, SQL queries without prepared statements, external HTTP requests, and file operations is commendable. The high percentage of properly escaped outputs also suggests an awareness of preventing cross-site scripting (XSS) vulnerabilities. The lack of any recorded vulnerabilities in its history is a strong positive signal, implying a history of secure development and maintenance.

However, there are some areas that warrant caution. The most significant concern is the complete absence of nonce checks and capability checks. While the current attack surface appears small and without immediate unprotected entry points, the lack of these fundamental WordPress security mechanisms means that any future addition of functionality, particularly AJAX handlers or REST API routes, could introduce significant vulnerabilities if not properly secured. This oversight, combined with the presence of a shortcode which is an entry point, represents a potential future risk if the plugin evolves without addressing these core security features.

In conclusion, ninja-forms-modal v1.0.2 is currently in a relatively secure state due to its clean code and vulnerability-free history. The developers appear to follow good practices regarding SQL and output escaping. The primary weakness lies in the omission of essential WordPress security checks like nonces and capability checks. This makes the plugin's long-term security dependent on future development adhering to best practices.

Key Concerns

  • Missing nonce checks
  • Missing capability checks
  • High percentage of unescaped outputs (14%)
Vulnerabilities
None known

Ninja Forms – Modal Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Ninja Forms – Modal Release Timeline

v1.0.2Current
v1.0.1
Code Analysis
Analyzed Mar 16, 2026

Ninja Forms – Modal Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
6 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

86% escaped7 total outputs
Attack Surface

Ninja Forms – Modal Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[ninja_forms_modal_form] includes\shortcodes.php:38
WordPress Hooks 3
actionninja_forms_display_jsincludes\shortcodes.php:29
actionwp_footerincludes\shortcodes.php:30
actionplugins_loadedninja-forms-modal.php:48
Maintenance & Trust

Ninja Forms – Modal Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41
Last updatedFeb 13, 2015
PHP min version
Downloads28K

Community Trust

Rating60/100
Number of ratings4
Active installs200
Alternatives

Ninja Forms – Modal Alternatives

Popup addon for Ninja Forms

Popup addon for Ninja Forms

popup-addon-for-ninja-forms

A
98

Popup/Modal addon for Ninja Forms. Create beautiful popups using Ninja Forms for newsletters, login, registration forms.

1K 2 CVEs
WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More

WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More

wpforms-lite

A
88

The best WordPress contact form plugin. Drag & Drop form builder to create beautiful contact forms, payment forms, & other custom forms.

6.0M 16 CVEs
Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder

Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder

fluentform

B
82

Get a fast contact form plugin. Create advanced forms using drag and drop form builder with all smart features.

700K 33 CVEs
Forminator Forms – Contact Form, Payment Form & Custom Form Builder

Forminator Forms – Contact Form, Payment Form & Custom Form Builder

forminator

B
76

Best WordPress form builder plugin. Create contact forms, payment forms & order forms with 1000+ integrations.

600K 41 CVEs
Ninja Forms – The Contact Form Builder That Grows With You

Ninja Forms – The Contact Form Builder That Grows With You

ninja-forms

B
76

The 100% beginner friendly WordPress form builder. Drag & drop form fields to build beautiful, professional contact forms in minutes.

600K 75 CVEs
Developer Profile

Ninja Forms – Modal Developer Profile

James Laws

3 plugins · 560 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Ninja Forms – Modal

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ninja-forms-modal/css/ninja-forms-modal-display.css/wp-content/plugins/ninja-forms-modal/js/jquery.modal.min.js/wp-content/plugins/ninja-forms-modal/js/jquery.modal.options.js
Script Paths
/wp-content/plugins/ninja-forms-modal/js/jquery.modal.min.js/wp-content/plugins/ninja-forms-modal/js/jquery.modal.options.js
Version Parameters
ninja-forms-modal/js/jquery.modal.min.js?ver=ninja-forms-modal/js/jquery.modal.options.js?ver=ninja-forms-modal/css/ninja-forms-modal-display.css?ver=

HTML / DOM Fingerprints

CSS Classes
nf-modal-linknf-modalnf-modal-content
Data Attributes
rel="nf-modal:open"
JS Globals
ninja_forms_modal
Shortcode Output
<a href="#ninja-forms-modal-rel="nf-modal:open" class="nf-modal-link"><div id="ninja-forms-modal-class="nf-modal" style="display: none;">
FAQ

Frequently Asked Questions about Ninja Forms – Modal