Secure Encrypted Form Security & Risk Analysis
wordpress.org/plugins/secure-encrypted-formThis plugin adds a secure form in your website that uses OpenPGP encryption to secure sensitive communications.
Is Secure Encrypted Form Safe to Use in 2026?
Generally Safe
Score 85/100Secure Encrypted Form has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'secure-encrypted-form' plugin v1.0.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by not including any bundled libraries and exclusively using prepared statements for its SQL queries, indicating a commitment to preventing SQL injection vulnerabilities. Furthermore, the absence of any recorded vulnerabilities (CVEs) in its history is a strong indicator of a relatively stable and secure codebase. However, significant concerns arise from the analysis of its attack surface and code signals. The plugin exposes a substantial attack surface with 5 entry points, 4 of which lack any authentication checks. This is particularly worrying given the presence of 4 unprotected AJAX handlers, a common vector for attacks. While no critical taint flows were detected, the presence of 2 flows with unsanitized paths suggests a potential for more subtle vulnerabilities that could be exploited if an attacker can control the input leading to these paths. The low percentage of properly escaped output (61%) is also a concern, potentially opening the door to cross-site scripting (XSS) attacks.
Key Concerns
- Unprotected AJAX handlers
- Flows with unsanitized paths
- Low percentage of properly escaped output
- No capability checks on entry points
Secure Encrypted Form Security Vulnerabilities
Secure Encrypted Form Code Analysis
Output Escaping
Data Flow Analysis
Secure Encrypted Form Attack Surface
AJAX Handlers 4
Shortcodes 1
WordPress Hooks 11
Maintenance & Trust
Secure Encrypted Form Maintenance & Trust
Maintenance Signals
Community Trust
Secure Encrypted Form Alternatives
Contact Form 7
contact-form-7
Just another contact form plugin. Simple but flexible.
Akismet Anti-spam: Spam Protection
akismet
The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.
WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More
wpforms-lite
The best WordPress contact form plugin. Drag & Drop form builder to create beautiful contact forms, payment forms, & other custom forms.
Database Addon for Contact Form 7 – CFDB7
contact-form-cfdb7
Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.
Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder
fluentform
Get a fast contact form plugin. Create advanced forms using drag and drop form builder with all smart features.
Secure Encrypted Form Developer Profile
1 plugin · 50 total installs
How We Detect Secure Encrypted Form
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/secure-encrypted-form/lib/js/openpgp.min.js/wp-content/plugins/secure-encrypted-form/admin/css/secure-encrypted-form-admin.css/wp-content/plugins/secure-encrypted-form/admin/js/secure-encrypted-form-admin.js/wp-content/plugins/secure-encrypted-form/admin/js/secure-encrypted-form-admin.jssecure-encrypted-form/css/secure-encrypted-form-admin.css?ver=secure-encrypted-form/js/secure-encrypted-form-admin.js?ver=HTML / DOM Fingerprints
<!-- Plugin Name: Secure Encrypted Form --><!-- This function is provided for demonstration purposes only. --><!-- An instance of this class should be passed to the run() function --><!-- defined in Secure_Encrypted_Form_Loader as all of the hooks are defined -->+4 morewindow.openpgpwindow.openpgp.configwindow.openpgp.cryptowindow.openpgp.enumswindow.openpgp.keywindow.openpgp.packet+17 more