WP-Safety

Aetta Email Capture Security & Risk Analysis

wordpress.org/plugins/aetta-email-capture

Creates a form to capture emails. Simple, fast and lightweight email capture. No bloat.

0 active installs v1.0.1 PHP 7.4+ WP 6.0+ Updated Jan 14, 2026
email-capturelead-capturelightweightnewsletteropt-in
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Aetta Email Capture Safe to Use in 2026?

Generally Safe

Score 100/100

Aetta Email Capture has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The "aetta-email-capture" plugin v1.0.1 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of known CVEs, including critical or high severity vulnerabilities, is a significant positive indicator. The code analysis reveals no dangerous functions, external HTTP requests, or raw SQL queries. Furthermore, all SQL queries utilize prepared statements, and nonce and capability checks are present for identified entry points. This indicates a good understanding of core WordPress security practices within the plugin's development.

However, a notable concern arises from the output escaping analysis. With 62% of outputs properly escaped, a significant portion (38%) remains unescaped. This presents a potential risk for cross-site scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed to the user. The presence of a file operation without further context also warrants cautious attention, as it could be an avenue for misuse if not handled with strict validation. The lack of taint analysis results is neutral, as it could mean no complex data flows were analyzed or that no issues were found within those analyzed.

In conclusion, while the plugin benefits from a clean vulnerability history and a good foundation of security practices like prepared statements and authentication checks, the substantial rate of unescaped output is a clear weakness that requires immediate attention. Addressing this output sanitization issue is paramount to mitigating potential XSS risks and strengthening the overall security of the plugin.

Key Concerns

  • Large percentage of unescaped output
Vulnerabilities
None known

Aetta Email Capture Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Aetta Email Capture Release Timeline

v1.0.1Current
Code Analysis
Analyzed Mar 17, 2026

Aetta Email Capture Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
39
63 escaped
Nonce Checks
3
Capability Checks
4
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

62% escaped102 total outputs
Attack Surface

Aetta Email Capture Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[aetta_email_capture] includes\class-aettaec-form.php:8
WordPress Hooks 12
actionplugins_loadedaetta-email-capture.php:30
actionadd_meta_boxesincludes\class-aettaec-admin.php:8
actionadmin_menuincludes\class-aettaec-admin.php:11
actionadmin_initincludes\class-aettaec-admin.php:12
actionadmin_initincludes\class-aettaec-admin.php:13
actionadmin_post_aettaec_export_csvincludes\class-aettaec-admin.php:14
filterwp_privacy_personal_data_exportersincludes\class-aettaec-admin.php:15
filterwp_privacy_personal_data_erasersincludes\class-aettaec-admin.php:16
actioninitincludes\class-aettaec-cpt.php:10
actionaettaec_daily_purge_eventincludes\class-aettaec-cpt.php:11
actionadmin_post_aettaec_submitincludes\class-aettaec-form.php:9
actionadmin_post_nopriv_aettaec_submitincludes\class-aettaec-form.php:10

Scheduled Events 1

aettaec_daily_purge_event
Maintenance & Trust

Aetta Email Capture Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 14, 2026
PHP min version7.4
Downloads159

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

Aetta Email Capture Alternatives

Download Magnet

Download Magnet

download-magnet

A
100

This plugin provides an easy-to-use way of capturing email addresses when the end user wishes to download a file.

100 No CVEs
Email Blaster Newsletter Signup Form

Email Blaster Newsletter Signup Form

email-blaster-newsletter-signup-form

A
85

Email subscribe forms for your website. Send HTML email marketing (newsletters). GDPR compliant, UK based email marketing and email automation.

100 No CVEs
Contact Form 7 – Campaign Monitor Addon

Contact Form 7 – Campaign Monitor Addon

contact-form-7-campaignmonitor-addon

A
85

Add the capability to create newsletter opt-in forms with Contact Form 7. Automatically submit subscribers to predetermined lists in Campaign Monitor.

90 No CVEs
Easy Popups – Beautiful, Responsive Popups for Lead Capture & Announcements

Easy Popups – Beautiful, Responsive Popups for Lead Capture & Announcements

easy-popups

A
99

Create beautiful, responsive popups in minutes. Add forms, videos, smart triggers, and precise display rules — all inside WordPress.

40 1 CVE
Instant Popup Builder – Powerful Popup Maker for Opt-ins, Email Newsletters & Lead Generation

Instant Popup Builder – Powerful Popup Maker for Opt-ins, Email Newsletters & Lead Generation

instant-popup-builder

A
99

A fast, lightweight WordPress popup Builder plugin for creating opt-ins, announcements, and lead-generation popups in minutes.

30 1 CVE
Developer Profile

Aetta Email Capture Developer Profile

aetta

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Aetta Email Capture

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/aetta-email-capture/assets/css/form.css
Version Parameters
aetta-email-capture/assets/css/form.css?ver=

HTML / DOM Fingerprints

CSS Classes
aettaec-msgaettaec-successaettaec-erroraettaec-formaettaec-consent
Data Attributes
data-aettaec-border-colordata-aettaec-border-widthdata-aettaec-radiusdata-aettaec-input-heightdata-aettaec-button-bgdata-aettaec-button-text+2 more
JS Globals
window.location.href
Shortcode Output
[aetta_email_capture]
FAQ

Frequently Asked Questions about Aetta Email Capture