# flask-wtf > Form rendering, validation, and CSRF protection for Flask with WTForms. - **URL**: https://www.freshcrate.ai/projects/flask-wtf - **Author**: WTForms - **Category**: Frameworks - **Latest version**: `v1.3.0` (2026-04-23) - **License**: non-standard - **Source**: https://github.com/pallets-eco/flask-wtf/issues/ - **Homepage**: https://pypi.org/project/Flask-WTF/ - **Language**: Python - **GitHub**: 1,507 stars, 312 forks - **Registry**: pypi (`flask-wtf`) - **Tags**: `pypi` ## Description Flask-WTF ========= Simple integration of Flask and WTForms, including CSRF, file upload, and reCAPTCHA. Links ----- - Documentation: https://flask-wtf.readthedocs.io/ - Changes: https://flask-wtf.readthedocs.io/changes/ - PyPI Releases: https://pypi.org/project/Flask-WTF/ - Source Code: https://github.com/pallets-eco/flask-wtf/ - Issue Tracker: https://github.com/pallets-eco/flask-wtf/issues/ - Chat: https://discord.gg/pallets ## Recent releases | Version | Date | Urgency | Changes | | --- | --- | --- | --- | | `v1.3.0` | 2026-04-23 | High | ## What's Changed * pre-commit autoupdate by @azmeuk in https://github.com/pallets-eco/flask-wtf/pull/607 * remove slsa provenance by @davidism in https://github.com/pallets-eco/flask-wtf/pull/638 * Support for Python 3.14 by @azmeuk in https://github.com/pallets-eco/flask-wtf/pull/648 * Try not to read uploaded files into memory by @Zverik in https://github.com/pallets-eco/flask-wtf/pull/635 * Migrate the project to uv by @azmeuk in https://github.com/pallets-eco/flask-wtf/pull/649 * ReCa | | `1.2.2` | 2026-04-21 | Low | Imported from PyPI (1.2.2) | | `v1.2.2` | 2024-10-24 | Low | - Move the project to the pallets-eco organization. #602 - Stop support for Python 3.8. Start support for Python 3.13. #603 | | `v1.2.1` | 2023-10-02 | Low | - Fix a bug introduced with #556 where file validators were editing the file fields content. #578 | | `v1.2.0` | 2023-10-01 | Low | - Add field ``MultipleFileField``. ``FileRequired``, ``FileAllowed``, ``FileSize`` now can be used to validate multiple files #556 #338 | | `v1.1.2` | 2023-09-29 | Low | - Fixed Flask 2.3 deprecations of ``werkzeug.urls.url_encode`` and ``flask.Markup`` #565 #561 - Stop support for python 3.7 #574 - Use `pyproject.toml` instead of `setup.cfg` #576 - Fixed nested blueprint CSRF exemption #572 | | `v1.1.1` | 2023-01-17 | Low | Released 2023-01-17 - Fixed `validate` `extra_validators` parameter. #548 | | `v1.1.0` | 2023-01-17 | Low | Released 2023-01-15 - Drop support for Python 3.6. - ``validate_on_submit`` takes a ``extra_validators`` parameters #479 - Stop supporting Flask-Babelex #540 - Support for python 3.11 #542 - Remove unused call to `JSONEncoder` #536 | | `v1.0.1` | 2022-03-31 | Low | This release fixes compatibility with Werkzeug 2.1. * Changes: https://flask-wtf.readthedocs.io/en/1.0.x/changes/#version-1-0-1 | | `v1.0.0` | 2021-11-07 | Low | Released 2021-11-07 - Deprecated items removal #484 - Support for alternatives captcha services #425 #342 #387 #384 | ## Citation - HTML: https://www.freshcrate.ai/projects/flask-wtf - Markdown: https://www.freshcrate.ai/projects/flask-wtf.md - Dependencies JSON: https://www.freshcrate.ai/api/projects/flask-wtf/deps _Generated by freshcrate.ai. Indexes pypi releases for AI-agent ecosystem packages._