WP-Safety

Rigel Forms – Custom Form Builder & Contact Forms Security & Risk Analysis

wordpress.org/plugins/rigel-forms

A lightweight, developer-first form builder featuring a premium template library, submission tracking, and advanced visual customization.

0 active installs v1.0.0 PHP 7.4+ WP 6.0+ Updated Apr 12, 2026
contact-formemailform-builderrecaptchatemplates
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Rigel Forms – Custom Form Builder & Contact Forms Safe to Use in 2026?

Generally Safe

Score 100/100

Rigel Forms – Custom Form Builder & Contact Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "rigel-forms" v1.0.0 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, all SQL queries using prepared statements, and a high percentage of properly escaped output are significant strengths. The plugin also demonstrates good practices by including nonce and capability checks for its entry points, and it does not bundle any external libraries which can often be a source of vulnerabilities. The vulnerability history is also clean, indicating a potentially well-maintained and secure codebase.

However, there are a few areas that warrant attention. The taint analysis reveals two flows with unsanitized paths, which, while not flagged as critical or high severity in this analysis, could potentially lead to issues if these paths are exposed to user input. Additionally, the plugin makes two external HTTP requests; the security of these requests depends heavily on the implementation and whether they are subject to validation or sanitization before use, which is not detailed in this report. The small number of entry points and their apparent protection is positive, but the presence of unsanitized paths remains a concern.

In conclusion, "rigel-forms" v1.0.0 is likely a secure plugin with good development practices. The lack of known vulnerabilities and strong adherence to security principles in SQL handling and output escaping are commendable. The primary areas for potential improvement or further investigation lie in understanding the nature and impact of the two unsanitized paths identified in the taint analysis and ensuring the security of its external HTTP requests. Despite these minor concerns, the overall security seems robust.

Key Concerns

  • Flows with unsanitized paths found
Vulnerabilities
None known

Rigel Forms – Custom Form Builder & Contact Forms Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Rigel Forms – Custom Form Builder & Contact Forms Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

Rigel Forms – Custom Form Builder & Contact Forms Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
12
259 escaped
Nonce Checks
3
Capability Checks
1
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

96% escaped271 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
rigel_render_form_iframe_embed (includes/class-form-shortcode.php:263)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Rigel Forms – Custom Form Builder & Contact Forms Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 2

authwp_ajax_rigel_process_formincludes/class-form-mailer.php:6
noprivwp_ajax_rigel_process_formincludes/class-form-mailer.php:7

Shortcodes 1

[rigel_forms] includes/class-form-shortcode.php:5
WordPress Hooks 21
filtersafe_style_cssincludes/class-form-cpt.php:8
actioninitincludes/class-form-cpt.php:19
filtermanage_rigel_form_posts_columnsincludes/class-form-cpt.php:50
actionmanage_rigel_form_posts_custom_columnincludes/class-form-cpt.php:64
actionadd_meta_boxesincludes/class-form-cpt.php:104
actionsave_postincludes/class-form-cpt.php:312
actioninitincludes/class-form-cpt.php:365
filtermanage_rigel_enquiry_posts_columnsincludes/class-form-cpt.php:390
actionmanage_rigel_enquiry_posts_custom_columnincludes/class-form-cpt.php:401
filterpost_row_actionsincludes/class-form-cpt.php:428
actionadmin_menuincludes/class-form-cpt.php:448
actionedit_form_after_titleincludes/class-form-cpt.php:454
filterpost_updated_messagesincludes/class-form-cpt.php:490
filterbulk_post_updated_messagesincludes/class-form-cpt.php:518
actionadmin_footerincludes/class-form-cpt.php:539
filterwp_mail_content_typeincludes/class-form-mailer.php:184
actioninitincludes/class-form-shortcode.php:207
actiontemplate_redirectincludes/class-form-shortcode.php:261
actionadmin_menurigel-forms.php:20
actionadmin_enqueue_scriptsrigel-forms.php:66
actionwp_enqueue_scriptsrigel-forms.php:83
Maintenance & Trust

Rigel Forms – Custom Form Builder & Contact Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 12, 2026
PHP min version7.4
Downloads86

Community Trust

Rating100/100
Number of ratings2
Active installs0
Alternatives

Rigel Forms – Custom Form Builder & Contact Forms Alternatives

SMTP Form Master

SMTP Form Master

smtp-form-master

A
100

Contact forms with SMTP, email templates, and reCAPTCHA v3 spam protection.

0 No CVEs
WPZOOM Forms – Drag & Drop Contact Form Builder for WordPress

WPZOOM Forms – Drag & Drop Contact Form Builder for WordPress

wpzoom-forms

A
100

Drag & drop contact form builder for WordPress. Create contact forms, custom forms, email forms with spam protection. Works with Elementor, shortcodes

10K No CVEs
reCaptcha Add-On for FormCraft

reCaptcha Add-On for FormCraft

formcraft-recaptcha

A
85

Add reCaptcha to your FormCraft forms.

7K No CVEs
Contact Form Widget

Contact Form Widget

new-contact-form-widget

C
67

Create contact forms with query table management. Simple setup, secure submissions, and easy customization for your site.

1K 1 unpatched
Quick Contact Form

Quick Contact Form

quick-contact-form

A
92

An easy to set up, plug and play contact form with a huge range of options and styles. A beginner friendly WordPress contact form plugin.

1K 7 CVEs
Developer Profile

Rigel Forms – Custom Form Builder & Contact Forms Developer Profile

Walstar Technologies

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Rigel Forms – Custom Form Builder & Contact Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/rigel-forms/assets/css/admin.css/wp-content/plugins/rigel-forms/assets/css/frontend.css/wp-content/plugins/rigel-forms/assets/js/admin.js/wp-content/plugins/rigel-forms/assets/js/frontend.js
Script Paths
/wp-content/plugins/rigel-forms/assets/js/admin.js/wp-content/plugins/rigel-forms/assets/js/frontend.js
Version Parameters
rigel-forms/assets/css/admin.css?ver=rigel-forms/assets/css/frontend.css?ver=rigel-forms/assets/js/admin.js?ver=rigel-forms/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
rigel-integrations-wrapperrigel-integrations-gridrigel-integration-cardrigel-integration-headerrigel-integration-iconrigel-integration-header-textrigel-status-badgerigel-status-active+3 more
Data Attributes
name="rigel_recaptcha_site_key"name="rigel_recaptcha_secret"name="rigel_brevo_api_key"name="rigel_save_integrations"data-form-id
JS Globals
RigelFormsSettings
Shortcode Output
<p style="color:red;">Error: Form ID is missing or invalid.</p><p style="color:red;">Error: This form has no fields configured.</p>
FAQ

Frequently Asked Questions about Rigel Forms – Custom Form Builder & Contact Forms