Secure Encrypted Form Security & Risk Analysis
wordpress.org/plugins/secure-encrypted-formThis plugin adds a secure form in your website that uses OpenPGP encryption to secure sensitive communications.
Is Secure Encrypted Form Safe to Use in 2026?
Generally Safe
Score 85/100Secure Encrypted Form has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'secure-encrypted-form' plugin v1.0.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by not including any bundled libraries and exclusively using prepared statements for its SQL queries, indicating a commitment to preventing SQL injection vulnerabilities. Furthermore, the absence of any recorded vulnerabilities (CVEs) in its history is a strong indicator of a relatively stable and secure codebase. However, significant concerns arise from the analysis of its attack surface and code signals. The plugin exposes a substantial attack surface with 5 entry points, 4 of which lack any authentication checks. This is particularly worrying given the presence of 4 unprotected AJAX handlers, a common vector for attacks. While no critical taint flows were detected, the presence of 2 flows with unsanitized paths suggests a potential for more subtle vulnerabilities that could be exploited if an attacker can control the input leading to these paths. The low percentage of properly escaped output (61%) is also a concern, potentially opening the door to cross-site scripting (XSS) attacks.
Key Concerns
- Unprotected AJAX handlers
- Flows with unsanitized paths
- Low percentage of properly escaped output
- No capability checks on entry points
Secure Encrypted Form Security Vulnerabilities
Secure Encrypted Form Release Timeline
Secure Encrypted Form Code Analysis
Output Escaping
Data Flow Analysis
Secure Encrypted Form Attack Surface
AJAX Handlers 4
Shortcodes 1
WordPress Hooks 11
Maintenance & Trust
Secure Encrypted Form Maintenance & Trust
Maintenance Signals
Community Trust
Secure Encrypted Form Alternatives
Contact Form 7
contact-form-7
Just another contact form plugin. Simple but flexible.
Akismet Anti-spam: Spam Protection
akismet
The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.
WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More
wpforms-lite
The best WordPress contact form plugin. Drag & Drop form builder to create beautiful contact forms, payment forms, & other custom forms.
Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder
fluentform
Get a fast contact form plugin. Create advanced forms using drag and drop form builder with all smart features.
Database Addon for Contact Form 7 – CFDB7
contact-form-cfdb7
Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.
Secure Encrypted Form Developer Profile
1 plugin · 50 total installs
How We Detect Secure Encrypted Form
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/secure-encrypted-form/lib/js/openpgp.min.js/wp-content/plugins/secure-encrypted-form/admin/css/secure-encrypted-form-admin.css/wp-content/plugins/secure-encrypted-form/admin/js/secure-encrypted-form-admin.js/wp-content/plugins/secure-encrypted-form/admin/js/secure-encrypted-form-admin.jssecure-encrypted-form/css/secure-encrypted-form-admin.css?ver=secure-encrypted-form/js/secure-encrypted-form-admin.js?ver=HTML / DOM Fingerprints
<!-- Plugin Name: Secure Encrypted Form --><!-- This function is provided for demonstration purposes only. --><!-- An instance of this class should be passed to the run() function --><!-- defined in Secure_Encrypted_Form_Loader as all of the hooks are defined -->+4 morewindow.openpgpwindow.openpgp.configwindow.openpgp.cryptowindow.openpgp.enumswindow.openpgp.keywindow.openpgp.packet+17 more