WP-Safety

Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions Security & Risk Analysis

wordpress.org/plugins/sprout-invoices-formidable-forms

Dynamic invoicing (and estimates/quotes) from Formidable Form submissions.

200 active installs v1.3 PHP + WP 4.8+ Updated Dec 1, 2025
billingestimatesformidable-formsinvoiceinvoicing
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions Safe to Use in 2026?

Generally Safe

Score 100/100

Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

Based on the provided static analysis and vulnerability history, the "sprout-invoices-formidable-forms" v1.3 plugin exhibits a very strong security posture. The absence of any identified dangerous functions, raw SQL queries, unsanitized taint flows, or file operations suggests a well-developed and secure codebase. The 100% proper output escaping and use of prepared statements are excellent practices that significantly mitigate common web vulnerabilities.

Furthermore, the plugin has no recorded vulnerabilities (CVEs) and no identified issues in its vulnerability history. This indicates a history of security diligence from the developers. The zero attack surface points, with no unprotected AJAX handlers, REST API routes, shortcodes, or cron events, further bolster its security by minimizing potential entry points for attackers.

While the lack of nonces and capability checks on the analyzed entry points is a point to note, the fact that there are zero entry points without these checks means they are not currently a vector for exploitation. Overall, this plugin appears to be a highly secure and well-maintained option, with no immediate security concerns identified in the provided data.

Vulnerabilities
None known

Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
38 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped38 total outputs
Attack Surface

Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 15
filtersi_settings_optionsinc\Formidable.php:15
actionsi_settings_savedinc\Formidable.php:17
filtersi_settingsinc\Formidable.php:19
actionfrm_after_create_entryinc\Formidable.php:23
filterfrm_available_fieldsinc\Formidable.php:26
filterfrm_form_fieldsinc\Formidable.php:27
actionsprout_invoices_loadedsprout-invoice-formidable-integration.php:23
filtersi_settings_optionstrunk\inc\Formidable.php:15
actionsi_settings_savedtrunk\inc\Formidable.php:17
filtersi_settingstrunk\inc\Formidable.php:19
filterplugin_action_linkstrunk\inc\Formidable.php:22
actionfrm_after_create_entrytrunk\inc\Formidable.php:26
filterfrm_available_fieldstrunk\inc\Formidable.php:29
filterfrm_form_fieldstrunk\inc\Formidable.php:30
actionsprout_invoices_loadedtrunk\sprout-invoice-formidable-integration.php:23
Maintenance & Trust

Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 1, 2025
PHP min version
Downloads11K

Community Trust

Rating60/100
Number of ratings2
Active installs200
Alternatives

Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions Alternatives

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

sprout-invoices

A
89

The best invoicing plugin for WordPress. See how you can get paid faster without those hidden service fees.

1K 8 CVEs
WP Forms + Sprout Invoices – Easy Invoice & Quote Submissions

WP Forms + Sprout Invoices – Easy Invoice & Quote Submissions

sprout-invoices-wp-forms

A
100

Dynamic invoicing (and estimates/quotes) from WP Form submissions.

400 No CVEs
Gravity Forms + Sprout Invoices – Easy Invoice & Estimate Submissions

Gravity Forms + Sprout Invoices – Easy Invoice & Estimate Submissions

sprout-invoices-gravity-forms

A
100

Dynamic invoicing (and estimates/quotes) from Gravity Form submissions.

90 No CVEs
Ninja Forms + Sprout Invoices – Easy Invoice & Estimate Submissions

Ninja Forms + Sprout Invoices – Easy Invoice & Estimate Submissions

sprout-invoices-ninja-forms

A
100

Dynamic invoicing (and estimates/quotes) from Ninja Form submissions.

70 No CVEs
Quotes Addon for GetPaid

Quotes Addon for GetPaid

invoicing-quotes

A
100

Quotes add-on for the WordPress payments plugin GetPaid. Allows you to create quotes, send them to clients and convert them to Invoices when accepted …

700 No CVEs
Developer Profile

Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions Developer Profile

BoldGrid

15 plugins · 1.1M total installs

76
trust score
Avg Security Score
96/100
Avg Patch Time
841 days
View full developer profile
Detection Fingerprints

How We Detect Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sprout-invoices-formidable-forms/inc/formidable_submission.php/wp-content/plugins/sprout-invoices-formidable-forms/inc/formidable.php

HTML / DOM Fingerprints

Data Attributes
si_formidable_invoice_submissions_idsi_formidable_record_generationsi_invoice_sub_mapping_vm.si_invoice_sub_mapping_
JS Globals
vm.si_invoice_sub_mapping_
FAQ

Frequently Asked Questions about Formidable Forms + Sprout Invoices – Easy Invoice & Estimate Submissions