Does Forms with chart from VAB have any unpatched vulnerabilities?

No. All known vulnerabilities in Forms with chart from VAB have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Forms with chart from VAB compatible with WordPress 6.8.5?

According to WordPress.org data, Forms with chart from VAB 1.2.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Forms with chart from VAB compatible with PHP 5.6.20+?

Forms with chart from VAB requires PHP 5.6.20 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Forms with chart from VAB updated?

Forms with chart from VAB was last updated on Apr 8, 2025. Frequent updates are generally a positive security signal.

What is Forms with chart from VAB's security score?

Forms with chart from VAB has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Forms with chart from VAB Security & Risk Analysis

wordpress.org/plugins/vab-forms-with-chart

Simple Plugin for creating forms, inquirer and questionnaires with the ability to display the results in the form of charts.

50 active installs v1.2.3 PHP 5.6.20+ WP 5.5.1+ Updated Apr 8, 2025

contact-formfeedbackformforms-with-chartforms-with-csv

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Forms with chart from VAB Safe to Use in 2026?

Generally Safe

Score 100/100

Forms with chart from VAB has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12mo ago

Risk Assessment

The vab-forms-with-chart plugin version 1.2.3 exhibits a generally strong security posture, with no known historical vulnerabilities or critical code signals suggesting immediate major threats. The plugin demonstrates good practices by utilizing prepared statements for all SQL queries and performing a high percentage of output escaping. Furthermore, the lack of AJAX handlers, REST API routes, and cron events without proper authentication or permission checks significantly limits its attack surface. Nonce and capability checks are present, although not as extensively as might be ideal for a larger plugin.

However, the presence of two flows with unsanitized paths in the taint analysis warrants attention. While these did not escalate to critical or high severity, they represent potential entry points for attackers to manipulate file operations or exploit path traversal vulnerabilities if not handled with extreme care. The plugin's vulnerability history being clear is a positive indicator of responsible development, but the taint analysis findings suggest that thorough code review and security hardening should still be a priority to address these identified path issues.

Key Concerns

Flows with unsanitized paths found
Less than ideal nonce checks
Less than ideal capability checks
Some output not properly escaped

Vulnerabilities

None known

Forms with chart from VAB Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Forms with chart from VAB Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

344 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

87% escaped395 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths

VABFWC_download_file (includes\controller.php:199)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Forms with chart from VAB Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[VABFWC] includes\SHORTCODE.php:11

[VABFWC_Graphic] includes\SHORTCODE.php:941

WordPress Hooks 21

actioninitadmin\admin.php:6

actionadd_meta_boxesadmin\admin.php:39

actionadd_meta_boxesadmin\admin.php:332

actionedit_postadmin\admin.php:604

filtermanage_vab_fwc_posts_columnsadmin\admin.php:755

filtermanage_vab_fwc_posts_custom_columnadmin\admin.php:770

actionadmin_initadmin\admin.php:779

actiondelete_postadmin\admin.php:782

actionadmin_menuadmin\admin.php:794

actionwp_enqueue_scriptsincludes\controller.php:2

actionget_footerincludes\controller.php:21

filterscript_loader_tagincludes\controller.php:47

filterstyle_loader_tagincludes\controller.php:61

actioncurrent_screenincludes\controller.php:62

actionadmin_enqueue_scriptsincludes\controller.php:67

actionadmin_enqueue_scriptsincludes\controller.php:84

actionadmin_footerincludes\controller.php:124

filterblock_categoriesincludes\controller.php:147

filterblock_categories_allincludes\controller.php:149

actionsend_headersincludes\controller.php:197

actionplugins_loadedincludes\plugin_translation.php:2

Maintenance & Trust

Forms with chart from VAB Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 8, 2025

PHP min version5.6.20

Downloads5K

Community Trust

Rating100/100

Number of ratings2

Active installs50

Alternatives

Forms with chart from VAB Alternatives

Contact Form & SMTP Plugin for WordPress by PirateForms

pirate-forms

A simple and effective WordPress contact form & SMTP plugin. Compatible with best themes out there, is both a secure and responsive contact form p …

30K 4 CVEs

Contact Form Clean and Simple

clean-and-simple-contact-form-by-meg-nicholas

A clean and simple contact form with flexible CSS framework support.

8K 2 CVEs

More Mails for CF7

more-mails-for-cf7

100

Extends the ubiquitous Contact Form 7 plugin to allow three or more messages.

500 No CVEs

Contact Form 7 Countries

cf7-countries

Country drop-down menu for Contact Form 7.

400 No CVEs

Contact Form X

contact-form-x

100

Displays a user-friendly contact form that your visitors will love. Lightweight, fast, secure, and accessible (ADA/WCAG compliant).

400 1 CVE

Developer Profile

Forms with chart from VAB Developer Profile

Vladimir Anatol`evich Brumer

1 plugin · 50 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Forms with chart from VAB

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/vab-forms-with-chart/includes/js/vabfwc-scripts.js/wp-content/plugins/vab-forms-with-chart/includes/css/vabfwc-styles.css/wp-content/plugins/vab-forms-with-chart/includes/css/vabfwc-admin-styles.css/wp-content/plugins/vab-forms-with-chart/includes/css/all-vabfwc-admin-styles.css/wp-content/plugins/vab-forms-with-chart/includes/js/admin/vabfwc-add-gutenberg.js

Script Paths

/wp-content/plugins/vab-forms-with-chart/includes/js/vabfwc-scripts.js/wp-content/plugins/vab-forms-with-chart/includes/js/admin/vabfwc-add-gutenberg.js

Version Parameters

vab-forms-with-chart/includes/js/vabfwc-scripts.js?ver=vab-forms-with-chart/includes/css/vabfwc-styles.css?ver=vab-forms-with-chart/includes/css/vabfwc-admin-styles.css?ver=vab-forms-with-chart/includes/css/all-vabfwc-admin-styles.css?ver=vab-forms-with-chart/includes/js/admin/vabfwc-add-gutenberg.js?ver=

HTML / DOM Fingerprints

CSS Classes

vabfwc_category

Data Attributes

data-id

JS Globals

VABFWC_SenD_Invabfwc_local

Shortcode Output

<input id="form<label for="form<span>

FAQ