Forms are one of the biggest security risks on WordPress sites. Visitors can unintentionally submit sensitive information, send dodgy links, or submit crafted input (SQL injection, cross-site scripting payloads and the like) aimed at compromising your site.
There are a lot of form builder plugins for WordPress, so you’re probably wondering if one form builder is more secure than the rest. Most WordPress form builders have a page or article boasting about their security. Sadly, I think most articles miss the main point of form security – protecting the data submitted. Forms are often used to capture and store personal data (names, email addresses, phone numbers, order details), so this is one of the main things we want to protect on a WordPress site.
Protecting forms against SPAM and dangerous user input is also important, but I believe that protecting the data submitted by website visitors is the main goal.
Why are forms on WordPress potentially such a security risk?
The majority of form builders store the submissions unencrypted in the database. This means that any of the following can easily read the submissions:
- Website admins (or anyone else with access to the website)
- Your hosting company (anyone with access to the server or database, which is the case on managed or shared hosting)
- Any other plugin on the site (every plugin runs with the same full database access as WordPress itself)
- The public, in the unlikely (but possible) event that your database contents leak, for example through an exposed backup or a vulnerable plugin
If the data was stored in an encrypted format, the risk would be greatly reduced, provided the encryption key is kept out of the database itself (for example in wp-config.php or a server environment variable): a leaked database dump then contains only ciphertext, and a plugin that only talks to the database cannot read the submissions either.
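As an added illustration of the point above (this is example code written for this article, not the code of any particular form plugin), here is how a submission can be encrypted before it is written to the database and decrypted again on an admin page, using the libsodium functions bundled with PHP. The constant name `FORM_ENCRYPTION_KEY` is an assumption; the idea is that it lives in wp-config.php on the filesystem, never in the database.

```php
<?php
// Added example: encrypt form submissions at rest with PHP's bundled libsodium
// (PHP >= 8.0). FORM_ENCRYPTION_KEY is a hypothetical constant; on a real site
// it is defined once in wp-config.php with a value generated by
// bin2hex(sodium_crypto_secretbox_keygen()) and is never stored in the database.
declare(strict_types=1);

if (!defined('FORM_ENCRYPTION_KEY')) {
    // Only for running this example stand-alone; a real site defines it in wp-config.php.
    define('FORM_ENCRYPTION_KEY', bin2hex(sodium_crypto_secretbox_keygen()));
}

function form_encryption_key(): string
{
    $key = hex2bin(FORM_ENCRYPTION_KEY);
    if ($key === false || strlen($key) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
        throw new RuntimeException('FORM_ENCRYPTION_KEY must be 32 bytes, hex-encoded');
    }
    return $key;
}

/** Turn one submission (field => value) into a single opaque string for the database. */
function encrypt_submission(array $fields): string
{
    $plaintext = json_encode($fields, JSON_THROW_ON_ERROR);
    // A fresh random nonce per record; it is not secret and is stored with the ciphertext.
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $ciphertext = sodium_crypto_secretbox($plaintext, $nonce, form_encryption_key());
    sodium_memzero($plaintext);
    // Version prefix so the format can be changed later without breaking old rows.
    return 'v1:' . base64_encode($nonce . $ciphertext);
}

/** Decrypt a stored record; returns null if it was altered or encrypted under another key. */
function decrypt_submission(string $stored): ?array
{
    if (strncmp($stored, 'v1:', 3) !== 0) {
        return null;
    }
    $raw = base64_decode(substr($stored, 3), true);
    if ($raw === false || strlen($raw) <= SODIUM_CRYPTO_SECRETBOX_NONCEBYTES) {
        return null;
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $ciphertext = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    // secretbox is authenticated encryption: any modification makes this return false.
    $plaintext = sodium_crypto_secretbox_open($ciphertext, $nonce, form_encryption_key());
    if ($plaintext === false) {
        return null;
    }
    return json_decode($plaintext, true, 512, JSON_THROW_ON_ERROR);
}

// Constructed sample submission (not real data).
$submission = [
    'name'    => 'Jane Doe',
    'email'   => 'jane@example.com',
    'message' => 'My order number is 12345',
];

// The row as it would be written to the database: metadata in the clear, payload encrypted.
$row = [
    'form_id'      => 7,
    'submitted_at' => '2024-01-01 12:00:00',
    'payload'      => encrypt_submission($submission),
];

// What someone holding only a database dump sees: no plaintext field values.
var_dump(str_contains($row['payload'], 'jane@example.com'));

// What an admin page running with the key sees.
var_dump(decrypt_submission($row['payload']) === $submission);

// A row that was edited in the database fails authentication instead of decrypting to garbage.
$tampered = substr($row['payload'], 0, -4) . 'AAAA';
var_dump(decrypt_submission($tampered));
```

The design choice worth noting is where the key lives: with the key in wp-config.php, a database-only leak (a dump, a backup, another plugin reading the table) yields ciphertext, but anyone who can read the web server's files, including the host and a site admin with file access, can still decrypt. Encrypting at rest narrows the list of who can read submissions; it does not empty it.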