WP-Safety

PDF Builder for Ninja Forms Security & Risk Analysis

wordpress.org/plugins/pdf-builder-for-ninja-forms

The first and only PDF drag and drop builder for Gravity Forms.

10 active installs v1.2.142 PHP + WP 3.3+ Updated Mar 22, 2026
formsninjaninja-formspdfpdf-builder
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is PDF Builder for Ninja Forms Safe to Use in 2026?

Generally Safe

Score 100/100

PDF Builder for Ninja Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "pdf-builder-for-ninja-forms" plugin exhibits a mixed security posture. While it demonstrates good practices in utilizing prepared statements for SQL queries and includes some capability checks, significant concerns arise from its attack surface and data sanitization. The presence of four unprotected AJAX handlers represents a substantial entry point for potential attacks. Furthermore, the taint analysis reveals four high-severity flows with unsanitized paths, indicating a risk of data being processed insecurely. The use of the `unserialize` function is also a red flag, as it can be a vector for object injection vulnerabilities if not handled with extreme care, especially when dealing with user-supplied data. The plugin's history of zero known CVEs is positive, suggesting a relatively stable past. However, this must be weighed against the immediate risks identified in the static analysis.

Key Concerns

  • Unprotected AJAX handlers
  • High severity unsanitized taint flows
  • Dangerous function: unserialize
  • Low output escaping percentage
  • Bundled outdated library: TCPDF v1.0.004
Vulnerabilities
None known

PDF Builder for Ninja Forms Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

PDF Builder for Ninja Forms Release Timeline

No version history available.
Code Analysis
Analyzed Mar 16, 2026

PDF Builder for Ninja Forms Code Analysis

Dangerous Functions
1
Raw SQL Queries
4
70 prepared
Unescaped Output
34
36 escaped
Nonce Checks
1
Capability Checks
5
File Operations
43
External Requests
1
Bundled Libraries
3

Dangerous Functions Found

unserialize$options=unserialize($options);Integration\Adapters\NinjaForms\FormProcessor\NinjaFormsFormProcessor.php:192

Bundled Libraries

dompdfSelect2TCPDF1.0.004

SQL Query Safety

95% prepared74 total queries

Output Escaping

51% escaped70 total outputs
Data Flows · Security
6 unsanitized

Data Flow Analysis

9 flows6 with unsanitized paths
ValidateGoogleAuthToken1 (ajax\DesignerAjax.php:60)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

PDF Builder for Ninja Forms Attack Surface

Entry Points4
Unprotected4

AJAX Handlers 4

authwp_ajax_rednao_validate_google_auth_token1ajax\DesignerAjax.php:39
authwp_ajax_rednao_validate_google_auth_token2ajax\DesignerAjax.php:40
authwp_ajax_rednao_validate_google_auth_token3ajax\DesignerAjax.php:41
authwp_ajax_pdf_builder_dont_show_again_noticeajax\TemplateListAjax.php:35
WordPress Hooks 11
actioninitajax\AjaxBase.php:33
filterupgrader_process_completecore\Loader.php:49
filterpdfbuilder_get_loadercore\Loader.php:51
actionadmin_enqueue_scriptscore\Loader.php:165
actionadmin_enqueue_scriptscore\PluginBase.php:121
actionadmin_menucore\PluginBase.php:122
actionadmin_initcore\PluginBase.php:123
actionadmin_print_stylescore\PluginBase.php:177
actionadmin_print_scriptscore\PluginBase.php:178
filterwp_die_ajax_handlerhtmlgenerator\generators\PDFGenerator.php:116
actionninja_forms_action_email_messageIntegration\Adapters\NinjaForms\Entry\NinjaFormsEntryProcessor.php:41
Maintenance & Trust

PDF Builder for Ninja Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 22, 2026
PHP min version
Downloads10K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

PDF Builder for Ninja Forms Alternatives

WP Contact Slider – Contact Form Slider Widget

WP Contact Slider – Contact Form Slider Widget

wp-contact-slider

A
99

Helps you to show slide out contact form to display CF7, Gravity forms, Ninja Forms, WP Forms, display random text/HTML and support some other forms.

10K 2 CVEs
Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms

Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms

cf7-mailchimp

A
98

Send Contact Form 7, WPforms, Elementor, Ninja Forms, CRM Perks Forms and many other contact form submissions to Mailchimp.

9K 2 CVEs
Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms

Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms

cf7-hubspot

A
95

Send Contact Form 7, WPForms, Elementor, Ninja Forms, WPforms, Elementor, Ninja Forms, Contact Form Entries Plugin and many other contact form submiss …

5K 5 CVEs
TelSender – Сontact form 7, Events, Wpforms, ninja forms and woocommerce to telegram bot

TelSender – Сontact form 7, Events, Wpforms, ninja forms and woocommerce to telegram bot

telsender

A
96

TelSender - a plugin that works with contact form 7 and the woocommerce store in wordpress. It sends applications from forms to a chat telegram.

5K 2 CVEs
WP Zoho for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms – CRM, Bigin

WP Zoho for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms – CRM, Bigin

cf7-zoho

A
90

Send Contact Form 7, WPforms, Elementor, Formidable, Ninja Forms and many other contact form submissions to zoho CRM and Bigin.

3K 5 CVEs
Developer Profile

PDF Builder for Ninja Forms Developer Profile

EDGARROJAS

19 plugins · 12K total installs

75
trust score
Avg Security Score
94/100
Avg Patch Time
278 days
View full developer profile
Detection Fingerprints

How We Detect PDF Builder for Ninja Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pdf-builder-for-ninja-forms/css/pdfbuilder_designer.css/wp-content/plugins/pdf-builder-for-ninja-forms/css/pdfbuilder_frontend.css/wp-content/plugins/pdf-builder-for-ninja-forms/js/pdfbuilder_designer.js/wp-content/plugins/pdf-builder-for-ninja-forms/js/pdfbuilder_frontend.js/wp-content/plugins/pdf-builder-for-ninja-forms/js/dist/DeactivationDialog_bundle.js
Script Paths
/wp-content/plugins/pdf-builder-for-ninja-forms/js/pdfbuilder_designer.js/wp-content/plugins/pdf-builder-for-ninja-forms/js/pdfbuilder_frontend.js
Version Parameters
pdf-builder-for-ninja-forms/css/pdfbuilder_designer.css?ver=pdf-builder-for-ninja-forms/css/pdfbuilder_frontend.css?ver=pdf-builder-for-ninja-forms/js/pdfbuilder_designer.js?ver=pdf-builder-for-ninja-forms/js/pdfbuilder_frontend.js?ver=pdf-builder-for-ninja-forms/js/dist/DeactivationDialog_bundle.js?ver=

HTML / DOM Fingerprints

CSS Classes
pdfbuilder-designer-container
HTML Comments
<!-- Looks like you already have a version of the plugin installed (perhaps the free version)? please deactivate/delete it before activating this version -->
Data Attributes
data-pdfbuilder-iddata-pdfbuilder-type
JS Globals
pdfbuilderDesignerrednaoformpdfbuilder
FAQ

Frequently Asked Questions about PDF Builder for Ninja Forms