Does FormsDB – Save Elementor Forms to Google Sheets & Post Type have any unpatched vulnerabilities?

No. All known vulnerabilities in FormsDB – Save Elementor Forms to Google Sheets & Post Type have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is FormsDB – Save Elementor Forms to Google Sheets & Post Type compatible with WordPress 6.9.4?

According to WordPress.org data, FormsDB – Save Elementor Forms to Google Sheets & Post Type 2.1.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is FormsDB – Save Elementor Forms to Google Sheets & Post Type compatible with PHP 7.4+?

FormsDB – Save Elementor Forms to Google Sheets & Post Type requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

FormsDB – Save Elementor Forms to Google Sheets & Post Type Security & Risk Analysis

wordpress.org/plugins/sb-elementor-contact-form-db

Connect Elementor forms with Google Sheets to sync form entries, or save form submissions in any post type using Elementor Pro or Hello Plus forms.

20K active installs v2.1.7 PHP 7.4+ WP 5.0+ Updated Feb 17, 2026

contact-form-dbelementor-formsform-entriesform-submissionsgoogle-sheets

A · Safe

CVEs total3

Unpatched0

Last CVEJul 19, 2022

Plugin page Download

Safety Verdict

Is FormsDB – Save Elementor Forms to Google Sheets & Post Type Safe to Use in 2026?

Generally Safe

Score 98/100

FormsDB – Save Elementor Forms to Google Sheets & Post Type has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Jul 19, 2022Updated 1mo ago

Risk Assessment

The sb-elementor-contact-form-db plugin v2.1.7 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of dangerous functions and file operations further contributes to its security. However, the presence of one AJAX handler without authentication checks presents a significant concern, potentially allowing unauthorized users to interact with plugin functionalities.

The vulnerability history reveals a concerning pattern, with three known CVEs, including one high-severity vulnerability. The types of past vulnerabilities, such as Cross-Site Scripting and Exposure of Sensitive Information, suggest potential weaknesses in input validation and output encoding that, despite current improvements, might indicate underlying architectural issues. The fact that none of the past vulnerabilities are currently unpatched is a positive sign, implying the developers have addressed previous issues.

Overall, while the plugin has made strides in security, the unauthenticated AJAX endpoint and the historical prevalence of critical vulnerability types warrant careful consideration. The attack surface is relatively small, but the unprotected entry point is a weakness that could be exploited. Continued vigilance and thorough testing of new versions are recommended.

Key Concerns

AJAX handler without authentication check
History of high severity vulnerability
History of medium severity vulnerabilities
Total known CVEs (3)
Flows with unsanitized paths

Vulnerabilities

FormsDB – Save Elementor Forms to Google Sheets & Post Type Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

2 CVEs in 2022

2022

Patched Has unpatched

Severity Breakdown

High

Medium

3 total CVEs

CVE-2022-2116medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Contact Form DB - Elementor <= 1.7 - Reflected Cross-Site Scripting

Jul 19, 2022 Patched in 1.8.0 (553d)

WF-f708e910-7745-4ff5-9f9f-5552dbaf1113-sb-elementor-contact-form-dbmedium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

Elementor Contact Form DB <= 1.5 - Sensitive Information Disclosure

Jun 1, 2022 Patched in 1.6 (601d)

CVE-2021-3133high · 8.8Cross-Site Request Forgery (CSRF)

Elementor Contact Form DB <= 1.5 - Cross-Site Request Forgery

Jan 14, 2021 Patched in 1.6 (1104d)

Code Analysis

Analyzed Mar 16, 2026

FormsDB – Save Elementor Forms to Google Sheets & Post Type Code Analysis

Dangerous Functions

Raw SQL Queries

17 prepared

Unescaped Output

433 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2Guzzle

SQL Query Safety

100% prepared17 total queries

Output Escaping

96% escaped451 total outputs

Data Flows

5 unsanitized

Data Flow Analysis

14 flows5 with unsanitized paths

render_content (admin\views\old-submission.php:53)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

FormsDB – Save Elementor Forms to Google Sheets & Post Type Attack Surface

Entry Points9

Unprotected1

AJAX Handlers 9

authwp_ajax_fdbgp_plugin_installadmin\class-fdbgp-admin.php:93

authwp_ajax_fdbgp_plugin_activateadmin\class-fdbgp-admin.php:94

authwp_ajax_cpfm_handle_opt_in_fdbgpadmin\feedback\cpfm-common-notice.php:14

authwp_ajax_fdbgp_install_pluginadmin\marketing\fdbgp-marketing-common.php:109

authwp_ajax_fdbgp_mkt_dismiss_noticeadmin\marketing\fdbgp-marketing-common.php:111

authwp_ajax_fdbgp_get_sheetsincludes\lib-helpers\trait-fdbgp-ajax-handlers.php:20

authwp_ajax_fdbgp_create_spreadsheetincludes\lib-helpers\trait-fdbgp-ajax-handlers.php:21

authwp_ajax_fdbgp_update_sheet_headersincludes\lib-helpers\trait-fdbgp-ajax-handlers.php:22

authwp_ajax_fdbgp_check_sheet_headersincludes\lib-helpers\trait-fdbgp-ajax-handlers.php:23

WordPress Hooks 64

actionadmin_menuadmin\class-fdbgp-admin.php:41

actionadmin_enqueue_scriptsadmin\class-fdbgp-admin.php:42

actionadmin_action_fdbgp_create_elementor_pageadmin\class-fdbgp-admin.php:43

actioncpfm_register_noticeadmin\class-fdbgp-admin.php:45

actioncpfm_after_opt_in_fdbgpadmin\class-fdbgp-admin.php:70

actioninitadmin\entries\fdbgp-entries-posts.php:37

actionadd_meta_boxesadmin\entries\fdbgp-entries-posts.php:38

actionadmin_enqueue_scriptsadmin\entries\fdbgp-entries-posts.php:39

actionfdbgp_render_menu_pagesadmin\entries\fdbgp-entries-posts.php:40

actionadmin_headadmin\entries\fdbgp-entries-posts.php:41

filterfdbgp_dashboard_tabsadmin\entries\fdbgp-entries-posts.php:42

actionadmin_initadmin\entries\fdbgp-post-bulk-actions.php:92

actionremovable_query_argsadmin\entries\fdbgp-post-bulk-actions.php:93

actioncfkef_admin_noticesadmin\entries\fdbgp-post-bulk-actions.php:406

actioncfkef_admin_noticesadmin\entries\fdbgp-post-bulk-actions.php:447

actionadmin_enqueue_scriptsadmin\feedback\admin-feedback-form.php:24

actionadmin_headadmin\feedback\admin-feedback-form.php:25

actionadmin_noticesadmin\feedback\admin-feedback-form.php:27

actionadmin_initadmin\feedback\cpfm-common-notice.php:12

actionadmin_enqueue_scriptsadmin\feedback\cpfm-common-notice.php:13

actionadmin_footeradmin\feedback\cpfm-common-notice.php:15

filtercron_schedulesadmin\feedback\cron\fdbgp-class-cron.php:14

actionfdbgp_extra_data_updateadmin\feedback\cron\fdbgp-class-cron.php:15

actionelementor/initadmin\marketing\fdbgp-marketing-common.php:48

actionelementor/element/loop-grid/section_query/before_section_endadmin\marketing\fdbgp-marketing-common.php:51

actionelementor/element/form/section_form_fields/before_section_endadmin\marketing\fdbgp-marketing-common.php:66

actionelementor/element/taxonomy-filter/section_taxonomy_filter/before_section_endadmin\marketing\fdbgp-marketing-common.php:69

actionelementor/initadmin\marketing\fdbgp-marketing-common.php:77

actionelementor/element/ehp-form/section_form_fields/before_section_endadmin\marketing\fdbgp-marketing-common.php:93

actionadmin_noticesadmin\marketing\fdbgp-marketing-common.php:106

actionelementor/editor/after_enqueue_scriptsadmin\marketing\fdbgp-marketing-common.php:280

actionelementor/editor/after_enqueue_stylesadmin\marketing\fdbgp-marketing-common.php:281

actionelementor/admin-top-bar/is-activeadmin\register-menu-dashboard\fdbgp-dashboard.php:50

actionadmin_print_scriptsadmin\register-menu-dashboard\fdbgp-dashboard.php:51

actionadmin_menuadmin\register-menu-dashboard\fdbgp-dashboard.php:66

actionadmin_noticesadmin\register-menu-dashboard\fdbgp-dashboard.php:159

actionelementor/editor/after_saveincludes\class-fdbgp-cache-manager.php:21

actionsave_postincludes\class-fdbgp-cache-manager.php:24

actiontrashed_postincludes\class-fdbgp-cache-manager.php:25

actionfdbgp_flush_cacheincludes\class-fdbgp-cache-manager.php:28

actioninitincludes\class-fdbgp-old-submission.php:32

actionadmin_initincludes\class-fdbgp-old-submission.php:33

actionadmin_initincludes\class-fdbgp-old-submission.php:34

actionelementor_pro/forms/new_recordincludes\class-fdbgp-old-submission.php:35

actioncfkef/form/entriesincludes\collect-entries\class-cfkef-save-entries.php:15

actionelementor_pro/forms/actions/registerincludes\widgets\class-widgets-loader.php:42

actionelementor/element/cool-form/section_form_fields/before_section_endincludes\widgets\coolform-modules\coolform-fdbgp-form-register-post.php:24

actionelementor/controls/registerincludes\widgets\coolform-modules\coolform-fdbgp-form-sheets-action.php:21

actionelementor/editor/after_enqueue_scriptsincludes\widgets\coolform-modules\coolform-fdbgp-form-sheets-action.php:67

actioncool_form/forms/actions/registerincludes\widgets\coolform-widget-loader.php:35

actionelementor/element/ehp-form/section_integration/after_section_startincludes\widgets\helloplus-modules\action\save-form-data.php:12

actionelementor/element/ehp-form/section_form_fields/before_section_endincludes\widgets\helloplus-modules\helloplus-fdbgp-form-register-post.php:24

actionelementor/controls/registerincludes\widgets\helloplus-modules\helloplus-fdbgp-form-sheets-action.php:21

actionelementor/editor/after_enqueue_scriptsincludes\widgets\helloplus-modules\helloplus-fdbgp-form-sheets-action.php:65

actionplugins_loadedincludes\widgets\helloplus-widget-loader.php:35

actionelementor/element/ehp-form/section_integration/after_section_endincludes\widgets\helloplus-widget-loader.php:45

actionelementor/element/ehp-form/section_integration/after_section_endincludes\widgets\helloplus-widget-loader.php:48

actionelementor/controls/registerincludes\widgets\modules\class-fdbgp-form-sheets-action.php:22

actionelementor/editor/after_enqueue_scriptsincludes\widgets\modules\class-fdbgp-form-sheets-action.php:64

actionplugins_loadedsb_elementor_contact_form_db.php:67

actionadmin_initsb_elementor_contact_form_db.php:68

filterplugin_row_metasb_elementor_contact_form_db.php:69

actionactivated_pluginsb_elementor_contact_form_db.php:70

actioninitsb_elementor_contact_form_db.php:74

Scheduled Events 8

fdbgp_extra_data_update

cfef_extra_data_update

cfefp_extra_data_update

ccfef_extra_data_update

fme_extra_data_update

mfe_extra_data_update

fdbgp_extra_data_update

Maintenance & Trust

FormsDB – Save Elementor Forms to Google Sheets & Post Type Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 17, 2026

PHP min version7.4

Downloads427K

Community Trust

Rating92/100

Number of ratings19

Active installs20K

Alternatives

FormsDB – Save Elementor Forms to Google Sheets & Post Type Alternatives

Database for Contact Form 7, WPforms, Elementor forms

contact-form-entries

Saves Contact Form 7, WPforms,Elementor Forms, CRM Perks Forms and many other contact form submissions to database.

70K 13 CVEs

GSheetConnector for Elementor Forms – Sync Elementor Forms to Google Sheets

gsheetconnector-for-elementor-forms

100

Sync Elementor Forms and MetForm to Google Sheets in real-time with secure Google Sheets integration and automatic form submission sync.

9K 1 CVE

WPSyncSheets For WPForms – Google Sheets Connector for WPForms & Real‑Time Data Export

wpsyncsheets-wpforms

Connect WPForms to Google Sheets and automatically sync form entries in real-time. Eliminate manual data entry and simplify your workflow.

300 1 CVE

Contact Form 7 Database Manager Addon – CF7DBM

form-data-manager

Save contact form 7 submissions to the WP database with this CF7 addon. Never lose important messages, leads, and requests again.

200 No CVEs

Contact Form Extender for Divi – Submissions DB & Extra Fields

contact-form-extender-for-divi-builder

100

Extend Divi Contact Form module with file upload field, country code dropdown and save Divi form submissions in the database.

60 No CVEs

Developer Profile

FormsDB – Save Elementor Forms to Google Sheets & Post Type Developer Profile

Cool Plugins

19 plugins · 109K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

490 days

View full developer profile

Detection Fingerprints

How We Detect FormsDB – Save Elementor Forms to Google Sheets & Post Type

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sb-elementor-contact-form-db/assets/css/admin-style.css/wp-content/plugins/sb-elementor-contact-form-db/assets/css/common-style.css/wp-content/plugins/sb-elementor-contact-form-db/assets/js/admin-scripts.js/wp-content/plugins/sb-elementor-contact-form-db/assets/js/cpfm-common-scripts.js/wp-content/plugins/sb-elementor-contact-form-db/assets/js/jquery.validate.min.js/wp-content/plugins/sb-elementor-contact-form-db/assets/js/sweetalert.min.js/wp-content/plugins/sb-elementor-contact-form-db/assets/js/validation.js

Script Paths

/wp-content/plugins/sb-elementor-contact-form-db/assets/js/admin-scripts.js/wp-content/plugins/sb-elementor-contact-form-db/assets/js/cpfm-common-scripts.js/wp-content/plugins/sb-elementor-contact-form-db/assets/js/jquery.validate.min.js/wp-content/plugins/sb-elementor-contact-form-db/assets/js/sweetalert.min.js/wp-content/plugins/sb-elementor-contact-form-db/assets/js/validation.js

Version Parameters

sb-elementor-contact-form-db/assets/css/admin-style.css?ver=sb-elementor-contact-form-db/assets/css/common-style.css?ver=sb-elementor-contact-form-db/assets/js/admin-scripts.js?ver=sb-elementor-contact-form-db/assets/js/cpfm-common-scripts.js?ver=sb-elementor-contact-form-db/assets/js/jquery.validate.min.js?ver=sb-elementor-contact-form-db/assets/js/sweetalert.min.js?ver=sb-elementor-contact-form-db/assets/js/validation.js?ver=

HTML / DOM Fingerprints

CSS Classes

cpfm-feedback-form-wrappercpfm-feedback-formcpfm-form-fieldcpfm-textareacpfm-submit-button

HTML Comments

+3 more

Data Attributes

data-fdbgp-iddata-fdbgp-settings

JS Globals

FDBGP_PLUGIN_VERSIONfdbgp_google_settingsformdb_initial_versionformdb_initial_version_migration

FAQ