Advanced spam cleanup and regex-powered spam detection for Gravity Forms entries.
- Contributors: miiira
- Donate link: Buy Me A Coffee
- Tags: gravity forms, spam, cleanup, regex, gravity
- Requires at least: 5.0
- Tested up to: 7.0
- Stable tag: 1.5
- Requires PHP: 7.4
- License: GPLv2 or later
- License URI: https://www.gnu.org/licenses/gpl-2.0.html
Spam Slayer for Gravity Forms is a lightweight cleanup utility for Gravity Forms that helps you detect, review, mark, and remove spam-like submissions already stored in your database.
Instead of blocking spam during submission, the plugin works as a post-submission analysis tool using regex-powered pattern matching.
Perfect for:
- bot attack cleanup
- fake name detection
- spam audits
- bulk spam removal
- regex-based moderation workflows
- Regex-powered spam detection
- Built-in spam detection presets
- Custom regex support
- Scan specific forms and fields
- Preview suspicious entries before deletion
- Test scan mode
- Bulk spam marking
- Bulk spam deletion
- Track which pages/posts are using Gravity Forms (shortcodes or Gutenberg blocks)
- Lightweight admin interface
- Native WordPress UI
- No telemetry or tracking
- No external API calls
- Minimal performance impact
Detect and remove thousands of spam submissions after automated attacks.
Identify entries containing suspicious random strings or malformed content.
Locate repetitive promotional phrases, URLs, or injected text.
Create custom regex workflows tailored to your own moderation strategy.
This plugin does NOT prevent spam during submission.
It is designed specifically for:
- spam detection
- spam analysis
- spam cleanup
- post-submission moderation
For prevention, combine it with:
- reCAPTCHA
- Cloudflare Turnstile
- Gravity Forms anti-spam tools
- honeypot fields
cd wp-content/plugins
git clone https://github.com/LeMiira/GForm-Spam-Slayer.git- Plugin Rename: Renamed plugin to Spam Slayer for Gravity Forms to comply with WordPress directory trademark guidelines.
- UI Enhancement: Completely overhauled the admin settings UI with a modern, card-based flexbox layout for better usability and aesthetics.
- Visual Assets: Added new high-quality plugin icons and banners to the assets directory for the WordPress directory listing.
- Improved Detection: Updated "GF Usage" page title to "Pages which uses gravity forms" and improved detection to find forms used inside Elementor widgets (e.g. bdt-gravity-forms) across both public and private pages.
- New Feature: Restructured admin interface into a custom Spam Slayer Tools top-level menu containing Spam Slayer for Gravity Forms and Usage submenu pages.
- Security Hardening & Stability: Added checks on plugin activation, admin panels, and AJAX routines to gracefully handle scenarios when Gravity Forms is not installed or active, preventing any fatal errors.
- Coding Standards Compliance: Resolved prefixing errors, added missing translator comment annotations, formatted raw error logs, and updated readme configurations to match WordPress repository requirements.
- New Feature: Added a Buy Me a Coffee donate link directly to the plugin action links on the main Plugins directory screen.
- New Feature: Added a Support card in the admin tools panel featuring links to GitHub Sponsors and Buy Me a Coffee.
- New Feature: Added a Gravity Forms Usage page under the Tools management menu to see which posts and pages are using each Gravity Form (via shortcodes or Gutenberg blocks).
- Security Fix: Fixed critical bug where undefined
wp_error_logfunction could cause fatal PHP crash when logging errors. - Security Hardening: Implemented server-side regex validation check before running
preg_matchto prevent PHP runtime warnings or crashes on invalid patterns. - Security Hardening: Removed inline Javascript script block from the admin dashboard to comply with modern security guidelines (CSP compatibility). All JS handling is now fully localized and loaded from an external file.
- Performance Optimization: Optimized Gravity Forms loop performance by caching the form object retrieval outside the loop, avoiding redundant database lookups.
- Localization: Localized all remaining hardcoded strings in the admin interface and JavaScript logic.
- Requirement Updates: Bumped minimum required PHP version to 7.4.
