PluginScore

FlowForms – Conversational Form Builder

Build beautiful, conversational step-by-step forms, surveys & quizzes — self-hosted and free.

v1.1.2Priyanshu ChaudharyUpdated Added 400 installs80% rating0% support resolved
contact formconversational formform buildersurveytypeform
75
Score
0
Errors
17
Warnings
+0
Change

Category Scores

Security55
Repo100
Performance100
Maintainability97

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

17 findings

Security

14

4 issue groups

Maintainability

3

3 issue groups

WARNINGSecurityReplacements Wrong NumberIncorrect number of replacements passed to $wpdb->prepare(). Found 1 replacement parameters, expected 2.4
Category
Security
Occurrences
4
Severity
warning

Sample message

Incorrect number of replacements passed to $wpdb->prepare(). Found 1 replacement parameters, expected 2.

WordPress.DB.PreparedSQLPlaceholders.ReplacementsWrongNumber
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.4
Category
Security
Occurrences
4
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $format used in $wpdb->query()\n$format assigned unsafely at line 416.3
Category
Security
Occurrences
3
Severity
warning

Sample message

Unescaped parameter $format used in $wpdb->query()\n$format assigned unsafely at line 416.

PluginCheck.Security.DirectDB.UnescapedDBParameter
WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable {$format} at "UPDATE %i SET %i = {$format} WHERE id IN ({$placeholders})"3
Category
Security
Occurrences
3
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable {$format} at "UPDATE %i SET %i = {$format} WHERE id IN ({$placeholders})"

WordPress.DB.PreparedSQL.InterpolatedNotPrepared
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching
WARNINGMaintainabilitymismatched plugin namePlugin name "FlowForms – Conversational Form Builder" is different from the name declared in plugin header "FlowForms".1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Plugin name "FlowForms – Conversational Form Builder" is different from the name declared in plugin header "FlowForms".

mismatched_plugin_nameReference

External Connections

Potential connections found in static code analysis.

10 domains

Outbound calls

20

External assets

0

Incoming endpoints

1

Notable Domains

wpflowforms.com4 · outbound
fonts.googleapis.com2 · outbound
tailwindcss.com2 · outbound
facebook.com1 · outbound
linkedin.com1 · outbound
priyanshuc.dev1 · outbound

Platform / Reference Domains

w3.org6 · platform/reference
opensource.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints1
wp_ajax_flowforms_toggle_starauthenticated

wp_ajax

Score History

First score snapshot

v1.1.2

75

Latest

Findings
17
Errors
0
Warnings
17
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

36 nodes

Related

Contact Form 769 scoreAkismet Anti-spam: Spam Protection35 scoreElementor Website Builder – more than just a page builder35 scoreYoast SEO – Advanced SEO with real-time guidance and built-in AI24 scoreWooCommerce22 scoreAll-in-One WP Migration and Backup34 scoreLoco Translate26 scoreSmush – Image Optimization, Compression, Lazy Load, WebP & CDN25 scoreKadence Security – Password, Two Factor Authentication, and Brute Force Protection23 scoreWPForms – AI Form Builder for WordPress – Contact Forms, Payment Forms, Survey Form, Quiz & More32 scoreFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder22 scoreForminator Forms – Contact Form, Payment Form & Custom Form Builder24 scoreMetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor30 scoreWS Form LITE – Drag & Drop Contact Form Builder100 score

Related Plugins

Add Password Field for Contact Form 7

3k+ active installs

100
Contact Form Query

1k+ active installs

100
NEX-Forms ADD ON – Super Select

1k+ active installs

100
Style Contact Form 7

1k+ active installs

100
WS Form LITE – Drag & Drop Contact Form Builder

10k+ active installs

100
ACF Field For CF7

10k+ active installs

99