WP-Safety

PDF for Gravity Forms + Drag And Drop Template Builder Security & Risk Analysis

wordpress.org/plugins/pdf-for-gravity-forms

The plugin helps you create PDF for Gravity Forms you can builder template pdf

400 active installs v6.5.1 PHP 5.6+ WP 2.0+ Updated Feb 13, 2026
contact-form-pdfform-pdfgravity-forms-pdfpdf-contact-formpdf-gravity-forms
98
A · Safe
CVEs total1
Unpatched0
Last CVEAug 23, 2025
Plugin page Download
Safety Verdict

Is PDF for Gravity Forms + Drag And Drop Template Builder Safe to Use in 2026?

Generally Safe

Score 98/100

PDF for Gravity Forms + Drag And Drop Template Builder has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Aug 23, 2025Updated 1mo ago
Risk Assessment

The "pdf-for-gravity-forms" plugin v6.5.1 presents a moderate security risk. While it demonstrates good practices like a high percentage of properly escaped outputs and prepared SQL statements, several concerns warrant attention. The presence of one unprotected AJAX handler significantly increases the attack surface, as it's a direct entry point that could be exploited without proper authentication. The taint analysis revealed four high-severity flows with unsanitized paths, indicating potential for attackers to manipulate data in ways that could lead to compromise. The historical vulnerability data, particularly the mention of "Deserialization of Untrusted Data" as a common type and a past high-severity CVE, further reinforces the need for vigilance. The plugin also utilizes the `unserialize` function, which is inherently risky when dealing with user-supplied data, especially in conjunction with the identified taint flows and historical issues.

Despite these concerns, the plugin also shows strengths. A substantial majority of SQL queries use prepared statements, and over 90% of output is properly escaped, which are positive indicators of secure coding. The relatively low number of total entry points compared to some plugins is also a good sign. However, the combination of an unprotected AJAX handler, high-severity unsanitized taint flows, and a history of deserialization vulnerabilities suggests that careful review and potential patching are necessary to mitigate the identified risks.

Key Concerns

  • Unprotected AJAX handler
  • High severity unsanitized taint flows
  • Dangerous function: unserialize
  • Historical high severity CVE
  • Bundled library: TCPDF
Vulnerabilities
1

PDF for Gravity Forms + Drag And Drop Template Builder Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

High
1

1 total CVE

CVE-2025-60080high · 7.5Deserialization of Untrusted Data

PDF for Gravity Forms + Drag And Drop Template Builder <= 6.5.0 - Authenticated (Subscriber+) PHP Object Injection

Aug 23, 2025 Patched in 6.5.1 (161d)
Code Analysis
Analyzed Mar 16, 2026

PDF for Gravity Forms + Drag And Drop Template Builder Code Analysis

Dangerous Functions
3
Raw SQL Queries
9
15 prepared
Unescaped Output
35
438 escaped
Nonce Checks
13
Capability Checks
11
File Operations
19
External Requests
7
Bundled Libraries
2

Dangerous Functions Found

unserialize$key_info = unserialize( trim( $raw_response['body'] ) );gravityforms\gfcommon_style.php:2338
unserialize$terms_copy = unserialize( serialize( $terms ) ); // deep copy the terms to avoid repeating GFCategogravityforms\gfcommon_style.php:4037
unserialize$data = is_string( $string ) ? @unserialize( $string ) : $string;gravityforms\gfcommon_style.php:6115

Bundled Libraries

TinyMCETCPDF

SQL Query Safety

63% prepared24 total queries

Output Escaping

93% escaped473 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

11 flows6 with unsanitized paths
get_hooks_javascript_code (gravityforms\gfcommon_style.php:4774)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

PDF for Gravity Forms + Drag And Drop Template Builder Attack Surface

Entry Points15
Unprotected1

AJAX Handlers 9

authwp_ajax_yeepdf_builder_textbackend\ajax.php:8
authwp_ajax_yeepdf_builder_export_htmlbackend\ajax.php:9
authwp_ajax_pdf_reset_templatebackend\ajax.php:10
authwp_ajax_yeepdf_import_templatebackend\ajax.php:11
authwp_ajax_yeepdf_remove_fontbackend\settings.php:10
authwp_ajax_yeepdf_dropbox_client_id_validatebackend\settings.php:13
authwp_ajax_yeepdf_el_get_entrieselementor\index.php:19
authwp_ajax_pdfbuilder_gf_re_generategravityforms\index.php:24
authwp_ajax_yeekit_dismiss_notyyeekit\document.php:13

Shortcodes 6

[yeepdf_barcode] backend\shortcode.php:5
[yeepdf_barcode_new] backend\shortcode.php:6
[yeepdf_qrcode] backend\shortcode.php:7
[yeepdf_qrcode_new] backend\shortcode.php:8
[pdf_download] backend\shortcode.php:9
[pdf_download_gf] gravityforms\index.php:16
WordPress Hooks 122
actionadmin_initbackend\ajax.php:12
actionadd_meta_boxesbackend\ajax.php:13
actionbuilder_yeepdfsbackend\demo\templates_demo.php:5
actionyeepdf_builder_block_formsbackend\forms\checkbox.php:5
filteryeepdf_builder_block_htmlbackend\forms\checkbox.php:6
actionyeepdf_builder_tab_block_addonsbackend\forms\index.php:5
actionyeepdf_builder_block_formsbackend\forms\index.php:6
filteryeepdf_builder_block_htmlbackend\forms\index.php:7
actionyeepdf_builder_tab__editor_beforebackend\forms\index.php:8
actionyeepdf_builder_block_formsbackend\forms\radio.php:5
filteryeepdf_builder_block_htmlbackend\forms\radio.php:6
actionyeepdf_builder_block_formsbackend\forms\select.php:5
filteryeepdf_builder_block_htmlbackend\forms\select.php:6
actionyeepdf_builder_block_formsbackend\forms\textarea.php:5
filteryeepdf_builder_block_htmlbackend\forms\textarea.php:6
actionadmin_enqueue_scriptsbackend\index.php:8
actionadmin_headbackend\index.php:9
actioninitbackend\index.php:10
actionadd_meta_boxesbackend\index.php:11
filterget_sample_permalink_htmlbackend\index.php:12
actionsave_post_yeepdfbackend\index.php:13
filteradmin_body_classbackend\index.php:14
actionadmin_footerbackend\index.php:15
filterpost_row_actionsbackend\index.php:16
actionyeepdf_builder_tab__editor_beforebackend\index.php:17
actionyeepdf_header_settingsbackend\index.php:18
actionyeepdf_footer_settingsbackend\index.php:19
actionyeepdf_watermark_text_settingsbackend\index.php:20
actionyeepdf_watermark_img_settingsbackend\index.php:21
actionadmin_menubackend\settings.php:9
actionyeepdf_custom_sizesbackend\settings.php:11
actionadmin_initbackend\settings.php:12
actionyeepdf_after_settingsbackend\settings.php:14
filterupload_mimesbackend\settings.php:15
actionadmin_noticesbackend\settings.php:152
actionadmin_initbackend\settings.php:296
actionadmin_footerbackend\setup.php:5
filteryeepdf_builder_shortcodebackend\shortcode.php:24
filteryeepdf_builder_block_htmlbackend\templates\barcode_qrcode.php:6
actionyeepdf_builder_blockbackend\templates\barcode_qrcode.php:7
actionyeepdf_builder_tab_block_addonsbackend\templates\block_templates.php:3
actionyeepdf_builder_blockbackend\templates\breakpoint.php:3
filteryeepdf_builder_block_htmlbackend\templates\breakpoint.php:14
filteryeepdf_builder_block_htmlbackend\templates\button.php:14
actionyeepdf_builder_blockbackend\templates\divider.php:3
filteryeepdf_builder_block_htmlbackend\templates\divider.php:14
actionyeepdf_builder_tab__editorbackend\templates\editor.php:6
actionyeepdf_condition_settingsbackend\templates\editor.php:7
actionyeepdf_builder_tab_block_templatebackend\templates\image-box.php:3
filteryeepdf_builder_block_htmlbackend\templates\image-box.php:14
actionyeepdf_builder_tab_block_templatebackend\templates\image-list.php:3
filteryeepdf_builder_block_htmlbackend\templates\image-list.php:14
actionyeepdf_builder_blockbackend\templates\image.php:3
actionyeepdf_builder_block_htmlbackend\templates\image.php:14
actionyeepdf_builder_block_htmlbackend\templates\index.php:3
actionyeepdf_builder_blockbackend\templates\rotate-text.php:3
filteryeepdf_builder_block_htmlbackend\templates\rotate-text.php:14
actionyeepdf_builder_tab_block_rowbackend\templates\row.php:4
filteryeepdf_builder_block_htmlbackend\templates\row.php:68
actionyeepdf_builder_blockbackend\templates\signature.php:3
actionyeepdf_builder_block_htmlbackend\templates\signature.php:14
actionyeepdf_builder_blockbackend\templates\spacer.php:3
filteryeepdf_builder_block_htmlbackend\templates\spacer.php:14
actionyeepdf_builder_blockbackend\templates\table.php:6
filteryeepdf_builder_block_htmlbackend\templates\table.php:7
actionyeepdf_builder_tab__editor_beforebackend\templates\table.php:8
actionyeepdf_builder_tab_block_templatebackend\templates\text-list.php:3
filteryeepdf_builder_block_htmlbackend\templates\text-list.php:14
actionyeepdf_builder_blockbackend\templates\text.php:3
filteryeepdf_builder_block_htmlbackend\templates\text.php:14
actionyeepdf_builder_tab_block_templatebackend\templates\title.php:3
filteryeepdf_builder_block_htmlbackend\templates\title.php:14
filteryeepdf_shortcodeselementor\index.php:12
actionyeepdf_head_settingselementor\index.php:13
actionsave_post_yeepdfelementor\index.php:14
actionelementor_pro/forms/processelementor\index.php:15
actionelementor_pro/forms/new_recordelementor\index.php:16
actionadmin_enqueue_scriptselementor\index.php:17
filteryeepdf_builder_shortcodeelementor\index.php:20
filteryeepdf_output_htmlelementor\index.php:21
filteryeepdf_setup_idelementor\index.php:23
filteryeepdf_setup_typeelementor\index.php:24
filteryeepdf_setup_formselementor\index.php:25
filterwp_mailelementor\index.php:396
actionelementor_pro/forms/new_recordelementor\index.php:397
filterwp_mail_content_typefrontend\index.php:22
filterupload_mimesfrontend\index.php:23
actioninitfrontend\index.php:24
filterpdf_before_render_datasfrontend\index.php:25
filtertemplate_includefrontend\index.php:74
filterwp_mail_content_typegravityforms\gfcommon_style.php:1899
filterwp_mail_charsetgravityforms\gfcommon_style.php:1900
filtergravityview_field_entry_linkgravityforms\gravityview.php:5
filtergravityview_entry_default_fieldsgravityforms\gravityview.php:6
filteryeepdf_shortcodesgravityforms\index.php:8
actionyeepdf_head_settingsgravityforms\index.php:9
actionsave_post_yeepdfgravityforms\index.php:10
filtergform_form_settings_menugravityforms\index.php:11
actiongform_form_settings_page_pdf_creator_form_settingsgravityforms\index.php:12
filtergform_entry_detail_meta_boxesgravityforms\index.php:13
filtergform_replace_merge_tagsgravityforms\index.php:15
actioncustom_download_entrygravityforms\index.php:17
actiongform_entries_first_column_actionsgravityforms\index.php:18
actiongform_after_submissiongravityforms\index.php:19
filtergform_notificationgravityforms\index.php:20
filtergform_noconflict_scriptsgravityforms\index.php:21
filtergform_noconflict_stylesgravityforms\index.php:22
actionadmin_enqueue_scriptsgravityforms\index.php:23
filteryeepdf_add_libsgravityforms\index.php:25
actiongform_after_emailgravityforms\index.php:26
actionyeepdf_gf_settingsgravityforms\index.php:27
filteryeepdf_setup_idgravityforms\index.php:28
filteryeepdf_setup_typegravityforms\index.php:29
filteryeepdf_setup_formsgravityforms\index.php:30
actionadmin_menuyeekit\document.php:10
actionadmin_enqueue_scriptsyeekit\document.php:11
filterfluentform_global_addonsyeekit\document.php:12
actionadmin_noticesyeekit\document.php:14
actionelementor/element/form/section_form_options/after_section_endyeekit\document.php:15
actionadmin_inityeekit\document.php:17
actionelementor/editor/after_enqueue_stylesyeekit\document.php:19
filterhttp_responseyeekit\document.php:208
Maintenance & Trust

PDF for Gravity Forms + Drag And Drop Template Builder Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 13, 2026
PHP min version5.6
Downloads9K

Community Trust

Rating100/100
Number of ratings2
Active installs400
Alternatives

PDF for Gravity Forms + Drag And Drop Template Builder Alternatives

PDF for WPForms + Drag and Drop Template Builder

PDF for WPForms + Drag and Drop Template Builder

pdf-for-wpforms

A
92

The plugin helps you create PDF for WPForms you can builder PDF template

1K 6 CVEs
PDF for Contact Form 7 + Drag and Drop Template Builder

PDF for Contact Form 7 + Drag and Drop Template Builder

pdf-for-contact-form-7

A
96

The plugin helps you create PDF for contact form 7 you can builder template pdf

500 2 CVEs
PDF for Forminator Forms + Drag and Drop Template Builder

PDF for Forminator Forms + Drag and Drop Template Builder

pdf-for-forminator-forms

A
100

Forminator PDF allows you to automatically generate PDF documents from your Forminator form submissions.

70 No CVEs
PDF for Ninja Forms + Drag and Drop Template Builder

PDF for Ninja Forms + Drag and Drop Template Builder

pdf-for-ninja-forms

A
100

The plugin helps you create PDF for Ninja Form you can builder template pdf

20 No CVEs
PDF for eForm + Drag And Drop Template Builder

PDF for eForm + Drag And Drop Template Builder

eforms-pdf

A
100

The plugin helps you create PDF for eForm you can builder template pdf

10 No CVEs
Developer Profile

PDF for Gravity Forms + Drag And Drop Template Builder Developer Profile

add-ons.org

55 plugins · 26K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
47 days
View full developer profile
Detection Fingerprints

How We Detect PDF for Gravity Forms + Drag And Drop Template Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pdf-for-gravity-forms/frontend/css/bootstrap.min.css/wp-content/plugins/pdf-for-gravity-forms/frontend/css/font-awesome.min.css/wp-content/plugins/pdf-for-gravity-forms/frontend/css/responsive.css/wp-content/plugins/pdf-for-gravity-forms/frontend/css/style.css/wp-content/plugins/pdf-for-gravity-forms/frontend/js/bootstrap.min.js/wp-content/plugins/pdf-for-gravity-forms/frontend/js/custom.js/wp-content/plugins/pdf-for-gravity-forms/frontend/js/pdf_generator.js/wp-content/plugins/pdf-for-gravity-forms/vendor/yeepdf/pdf-generator/lib/pdf_generator.php
Script Paths
/wp-content/plugins/pdf-for-gravity-forms/frontend/js/bootstrap.min.js/wp-content/plugins/pdf-for-gravity-forms/frontend/js/custom.js/wp-content/plugins/pdf-for-gravity-forms/frontend/js/pdf_generator.js
Version Parameters
pdf-for-gravity-forms/style.css?ver=pdf-for-gravity-forms/frontend/css/bootstrap.min.css?ver=pdf-for-gravity-forms/frontend/css/font-awesome.min.css?ver=pdf-for-gravity-forms/frontend/css/responsive.css?ver=pdf-for-gravity-forms/frontend/css/style.css?ver=pdf-for-gravity-forms/frontend/js/bootstrap.min.js?ver=pdf-for-gravity-forms/frontend/js/custom.js?ver=pdf-for-gravity-forms/frontend/js/pdf_generator.js?ver=

HTML / DOM Fingerprints

CSS Classes
yeepdf_settings_backend_mainpro_disableyeepdf_builder_tab__editoryeepdf_custom_sizesyeepdf_template_listyeepdf_header_settingsyeepdf_footer_settingsyeepdf_watermark_text_settings+2 more
HTML Comments
<!-- Exit if accessed directly --><!-- Exit if accessed directly -->
Data Attributes
yeepdf_builder_tab__editoryeepdf_custom_sizesyeepdf_template_listyeepdf_header_settingsyeepdf_footer_settingsyeepdf_watermark_text_settings+2 more
JS Globals
yeepdf_settings_backend_mainYeepdf_Settings_Builder_PDF_BackendYeepdf_Creator_Gravity_Forms_BuilderYeepdf_Creator_Builder
FAQ

Frequently Asked Questions about PDF for Gravity Forms + Drag And Drop Template Builder