گرویتی فرم فارسی Security & Risk Analysis

wordpress.org/plugins/persian-gravity-forms

Complete Persian localization package for Gravity Forms

30K active installs v3.0.1 PHP 7.4+ WP 6.5+ Updated Dec 9, 2025
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is گرویتی فرم فارسی Safe to Use in 2026?

Generally Safe

Score 100/100

گرویتی فرم فارسی has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The 'persian-gravity-forms' v3.0.1 plugin exhibits a generally strong security posture, with no known vulnerabilities or critical taint flows identified in this analysis. The presence of nonces on all AJAX handlers and the high percentage of prepared statements for SQL queries are positive indicators of secure coding practices. Furthermore, the extensive output escaping suggests an effort to mitigate cross-site scripting (XSS) risks. The lack of external HTTP requests and the absence of bundled libraries also reduce potential attack vectors.

However, there are areas for improvement. The taint analysis revealed three flows with unsanitized paths, and one of these was categorized as high severity. While not classified as a critical vulnerability, this warrants attention as unsanitized paths can lead to various injection-type attacks if they are exposed to user input. The limited number of capability checks (3) and nonce checks (9) across the identified entry points, particularly with 5 AJAX handlers, could suggest potential gaps if input validation isn't thoroughly implemented within those handlers themselves, even if the handlers are technically protected by authentication.

The complete absence of recorded vulnerabilities, both historical and current, is a significant strength. This suggests a stable and well-maintained codebase. In conclusion, while the plugin has commendable security features and a clean vulnerability history, the presence of a high-severity taint flow with an unsanitized path indicates a specific area of concern that should be addressed to further harden the plugin's security.

Key Concerns

  • High severity taint flow with unsanitized path
  • 3 flows with unsanitized paths
  • Relatively low number of capability checks
Vulnerabilities
None known

گرویتی فرم فارسی Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

گرویتی فرم فارسی Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 9 (19 prepared)
Unescaped Output: 38 (220 escaped)
Nonce Checks: 9
Capability Checks: 3
File Operations: 1
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

68% prepared · 28 total queries

Output Escaping

85% escaped · 258 total outputs
Data Flows: 3 unsanitized

Data Flow Analysis

6 flows · 3 with unsanitized paths
dismiss_notice (includes\class-notice.php:140)
Attack Surface

گرویتی فرم فارسی Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers: 5

auth wp_ajax_persian_gf_dismiss_notice (includes\class-notice.php:14)
nopriv wp_ajax_sms_merge_tage_var_ajax (includes\sms\class-entry.php:28)
auth wp_ajax_sms_merge_tage_var_ajax (includes\sms\class-entry.php:29)
auth wp_ajax_rg_update_sms_notification_active (includes\sms\class-sms.php:43)
auth wp_ajax_gf_resend_notifications (includes\sms\class-sms.php:46)

WordPress Hooks: 130
action gform_editor_js (includes\class-address.php:13)
action gform_field_standard_settings (includes\class-address.php:14)
filter gform_address_types (includes\class-address.php:15)
filter gform_predefined_choices (includes\class-address.php:16)
filter gform_field_content (includes\class-address.php:17)
action gform_register_init_scripts (includes\class-address.php:18)
action gform_enqueue_scripts (includes\class-address.php:19)
filter gform_print_styles (includes\class-admin.php:10)
action admin_enqueue_scripts (includes\class-admin.php:11)
filter gform_noconflict_styles (includes\class-admin.php:12)
action wp_dashboard_setup (includes\class-admin.php:13)
action admin_footer (includes\class-admin.php:14)
action admin_head (includes\class-admin.php:15)
filter gform_currencies (includes\class-currencies.php:13)
filter load_textdomain_mofile (includes\class-init.php:12)
action gform_loaded (includes\class-init.php:13)
filter gform_tooltips (includes\class-init.php:14)
filter gform_add_field_buttons (includes\class-init.php:15)
action gform_enqueue_scripts (includes\class-init.php:16)
filter gform_tooltips (includes\class-jalali-date.php:13)
action gform_editor_js (includes\class-jalali-date.php:14)
action gform_field_standard_settings (includes\class-jalali-date.php:15)
action gform_field_standard_settings (includes\class-jalali-date.php:16)
action gform_enqueue_scripts (includes\class-jalali-date.php:17)
filter gform_field_validation (includes\class-jalali-date.php:19)
filter gform_predefined_choices (includes\class-jalali-date.php:20)
filter gform_date_min_year (includes\class-jalali-date.php:22)
filter gform_date_max_year (includes\class-jalali-date.php:23)
action init (includes\class-live-preview.php:30)
action wp (includes\class-live-preview.php:31)
action admin_footer (includes\class-live-preview.php:32)
filter gform_form_actions (includes\class-live-preview.php:33)
filter template_include (includes\class-live-preview.php:82)
filter the_content (includes\class-live-preview.php:83)
filter gform_admin_pre_render (includes\class-merge-tag.php:23)
filter gform_pre_replace_merge_tags (includes\class-merge-tag.php:24)
filter gform_replace_merge_tags (includes\class-merge-tag.php:25)
filter gform_pre_render (includes\class-merge-tag.php:30)
filter gform_pre_validation (includes\class-merge-tag.php:31)
filter the_content (includes\class-merge-tag.php:44)
filter gform_confirmation (includes\class-merge-tag.php:46)
filter gform_pre_render (includes\class-merge-tag.php:51)
filter gform_merge_tag_filter (includes\class-merge-tag.php:778)
filter gform_pre_render (includes\class-multi-page-navi.php:13)
filter gform_add_field_buttons (includes\class-national-id.php:16)
filter gform_field_type_title (includes\class-national-id.php:17)
filter gform_editor_js_set_default_values (includes\class-national-id.php:18)
action gform_editor_js (includes\class-national-id.php:19)
action gform_field_standard_settings (includes\class-national-id.php:20)
filter gform_tooltips (includes\class-national-id.php:21)
filter gform_admin_pre_render (includes\class-national-id.php:22)
action gform_field_input (includes\class-national-id.php:26)
action gform_field_css_class (includes\class-national-id.php:27)
action gform_pre_submission (includes\class-national-id.php:28)
filter gform_field_validation (includes\class-national-id.php:29)
action gform_register_init_scripts (includes\class-national-id.php:30)
action admin_notices (includes\class-notice.php:13)
filter gform_is_duplicate (includes\class-payments.php:11)
filter gform_payment_status (includes\class-payments.php:13)
action gform_entries_first_column (includes\class-payments.php:14)
filter admin_print_footer_scripts (includes\class-payments.php:15)
filter gform_entry_meta (includes\class-payments.php:17)
filter gform_is_value_match (includes\class-payments.php:18)
action gf_gateway_js (includes\class-payments.php:19)
filter gform_is_value_match (includes\class-payments.php:305)
filter gform_enable_field_label_visibility_settings (includes\class-snippets.php:10)
action gform_post_status_options (includes\class-snippets.php:14)
filter gform_notification_events (includes\class-snippets.php:18)
filter gform_before_resend_notifications (includes\class-snippets.php:19)
filter gform_notification_events (includes\class-snippets.php:23)
action gform_post_payment_action (includes\class-snippets.php:24)
filter gform_notification (includes\class-snippets.php:107)
filter gform_pre_send_email (includes\class-snippets.php:116)
filter gettext (includes\class-transaction-id.php:17)
filter ngettext (includes\class-transaction-id.php:18)
action gform_entry_created (includes\class-transaction-id.php:19)
action gform_entry_info (includes\sms\class-entry.php:25)
action gform_after_update_entry (includes\sms\class-entry.php:26)
filter gform_entry_detail_meta_boxes (includes\sms\class-entry.php:27)
filter gform_confirmation (includes\sms\class-sender.php:19)
action gform_paypal_fulfillment (includes\sms\class-sender.php:21)
filter gform_replace_merge_tags (includes\sms\class-sender.php:22)
action gform_post_payment_action (includes\sms\class-sender.php:25)
action gform_post_payment_status (includes\sms\class-sender.php:26)
filter gform_addon_navigation (includes\sms\class-sms.php:35)
action admin_menu (includes\sms\class-sms.php:36)
action admin_footer (includes\sms\class-sms.php:37)
action admin_enqueue_scripts (includes\sms\class-sms.php:38)
action gform_form_settings_page_sms_notification (includes\sms\class-sms.php:41)
filter gform_form_settings_menu (includes\sms\class-sms.php:42)
filter gform_form_post_get_meta (includes\sms\class-sms.php:44)
filter gform_add_field_buttons (includes\sms\class-verification-field.php:10)
filter gform_field_type_title (includes\sms\class-verification-field.php:11)
action gform_editor_js_set_default_values (includes\sms\class-verification-field.php:12)
action gform_editor_js (includes\sms\class-verification-field.php:13)
action gform_field_standard_settings (includes\sms\class-verification-field.php:14)
filter gform_tooltips (includes\sms\class-verification-field.php:15)
filter gform_field_validation (includes\sms\class-verification-field.php:18)
filter gform_entry_post_save (includes\sms\class-verification-field.php:19)
action gform_field_input (includes\sms\class-verification-field.php:20)
action gform_field_css_class (includes\sms\class-verification-field.php:21)
filter gform_field_content (includes\sms\class-verification-field.php:22)
filter gform_merge_tag_filter (includes\sms\class-verification-field.php:23)
filter gform_submit_button (includes\sms\class-verification-field.php:128)
filter gform_next_button (includes\sms\class-verification-field.php:130)
filter sms_verify_resend (includes\sms\class-verification-field.php:251)
filter gform_validation_message (includes\sms\class-verification-field.php:302)
filter sms_verify_display_none (includes\sms\class-verification-field.php:303)
filter sms_verify_field (includes\sms\class-verification-field.php:307)
filter sms_verify_self_validation (includes\sms\class-verification-field.php:313)
filter gform_button_verify (includes\sms\class-verification-field.php:316)
filter gform_add_field_buttons (includes\sms\class-wp-sms-integrate-field.php:12)
filter gform_admin_pre_render (includes\sms\class-wp-sms-integrate-field.php:15)
filter gform_field_type_title (includes\sms\class-wp-sms-integrate-field.php:21)
action gform_editor_js_set_default_values (includes\sms\class-wp-sms-integrate-field.php:22)
action gform_editor_js (includes\sms\class-wp-sms-integrate-field.php:23)
action gform_field_standard_settings (includes\sms\class-wp-sms-integrate-field.php:24)
filter gform_field_content (includes\sms\class-wp-sms-integrate-field.php:25)
filter gform_entries_field_value (includes\sms\class-wp-sms-integrate-field.php:26)
filter gform_tooltips (includes\sms\class-wp-sms-integrate-field.php:27)
filter gform_field_validation (includes\sms\class-wp-sms-integrate-field.php:30)
filter gform_entry_post_save (includes\sms\class-wp-sms-integrate-field.php:31)
filter gform_merge_tag_filter (includes\sms\class-wp-sms-integrate-field.php:32)
action gform_field_input (includes\sms\class-wp-sms-integrate-field.php:33)
action gform_field_css_class (includes\sms\class-wp-sms-integrate-field.php:34)
filter wp_sms_display_none (includes\sms\class-wp-sms-integrate-field.php:755)
action admin_notices (includes\sms\gateways\class-MeliPayamak.php:82)
action admin_notices (index.php:45)
action admin_init (utils\class-install.php:23)
action admin_init (utils\class-version.php:35)
Maintenance & Trust

گرویتی فرم فارسی Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Dec 9, 2025
PHP min version: 7.4
Downloads: 393K

Community Trust

Rating: 90/100
Number of ratings: 39
Active installs: 30K
Developer Profile

گرویتی فرم فارسی Developer Profile

Hannan

2 plugins · 30K total installs

Trust score: 89
Avg Security Score: 93/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect گرویتی فرم فارسی

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/persian-gravity-forms/assets/css/admin.css
  • /wp-content/plugins/persian-gravity-forms/assets/css/gf-persian.css
  • /wp-content/plugins/persian-gravity-forms/assets/js/admin.js
  • /wp-content/plugins/persian-gravity-forms/assets/js/gf-persian.js
  • /wp-content/plugins/persian-gravity-forms/assets/js/datepicker.js
Script Paths
  • /wp-content/plugins/persian-gravity-forms/assets/js/admin.js
  • /wp-content/plugins/persian-gravity-forms/assets/js/gf-persian.js
  • /wp-content/plugins/persian-gravity-forms/assets/js/datepicker.js
Version Parameters
  • persian-gravity-forms/assets/css/admin.css?ver=
  • persian-gravity-forms/assets/css/gf-persian.css?ver=
  • persian-gravity-forms/assets/js/admin.js?ver=
  • persian-gravity-forms/assets/js/gf-persian.js?ver=
  • persian-gravity-forms/assets/js/datepicker.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • gf_persian_date_picker
  • gfield_iran_cities
  • gf_persian_address_field
Data Attributes
  • data-gpersian-datepicker
  • data-iran-cities
JS Globals
  • GF_PERSIAN_VERSION
  • gf_persian_datepicker_lang