WP-Safety

Asynchronous Emails Security & Risk Analysis

wordpress.org/plugins/asynchronous-emails

This WordPress plugin allows you to send emails asynchronously using cron jobs, instead of the default way of sending emails immediately upon sending.

10 active installs v1.0.0 PHP 7.4+ WP 5.9+ Updated Unknown
asyncasync-emailsemailsmailsscheduling
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Asynchronous Emails Safe to Use in 2026?

Generally Safe

Score 100/100

Asynchronous Emails has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "asynchronous-emails" plugin v1.0.0 presents a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices regarding output escaping, utilizing prepared statements for almost all SQL queries, and has no recorded vulnerability history. This indicates a developer who understands fundamental security principles. However, significant concerns arise from the attack surface analysis, specifically the presence of five AJAX handlers, all of which lack authentication checks. This creates a substantial direct entry point for attackers. Furthermore, the taint analysis reveals three high-severity flows with unsanitized paths, suggesting potential vulnerabilities where user-supplied data could be manipulated to achieve unintended actions. While the plugin has no known CVEs, the combination of a large, unprotected AJAX attack surface and critical taint flows points to a real risk of exploitation that needs immediate attention.

Key Concerns

  • 5 AJAX handlers without auth checks
  • 3 high severity taint flows (unsanitized paths)
Vulnerabilities
None known

Asynchronous Emails Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Asynchronous Emails Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
13 prepared
Unescaped Output
0
21 escaped
Nonce Checks
1
Capability Checks
0
File Operations
1
External Requests
0
Bundled Libraries
0

SQL Query Safety

93% prepared14 total queries

Output Escaping

100% escaped21 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths
delete_task_record (includes\ajax.php:61)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
5 unprotected

Asynchronous Emails Attack Surface

Entry Points5
Unprotected5

AJAX Handlers 5

authwp_ajax_asynchronous_emails_ajax_listincludes\ajax.php:22
authwp_ajax_asynchronous_emails_ajax_delete_task_recordincludes\ajax.php:23
authwp_ajax_asynchronous_emails_ajax_resend_task_recordincludes\ajax.php:24
authwp_ajax_asynchronous_emails_ajax_get_settingsincludes\ajax.php:25
authwp_ajax_asynchronous_emails_ajax_update_settingsincludes\ajax.php:26
WordPress Hooks 7
actionadmin_menuincludes\adminarea.php:21
actionadmin_enqueue_scriptsincludes\adminarea.php:22
filtercron_schedulessrc\abstract-scheduling-manager.php:74
actionplugins_loadedsrc\application.php:39
actionplugins_loadedsrc\application.php:42
actionwp_mail_failedsrc\application.php:113
filterasynchronous_emails_job_hookssrc\task-executor.php:68

Scheduled Events 1

send_email_job
Maintenance & Trust

Asynchronous Emails Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedUnknown
PHP min version7.4
Downloads1K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Asynchronous Emails Alternatives

LH Email Queue and Log

LH Email Queue and Log

lh-email-queue-and-log

A
85

LH Email enables you to queu your emails so they are sent asynchronously.

0 No CVEs
MailPoet – Newsletters, Email Marketing, and Automation

MailPoet – Newsletters, Email Marketing, and Automation

mailpoet

A
98

Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more

500K 3 CVEs
YayMail – WooCommerce Email Customizer

YayMail – WooCommerce Email Customizer

yaymail

A
91

Customize WooCommerce email templates with an advanced drag-and-drop email builder. Works great with 80+ WooCommerce Email Customizer Addons.

50K 4 CVEs
Disable Emails

Disable Emails

disable-emails

A
100

Stop WordPress from sending any emails. ANY!

30K No CVEs
Preview E-mails for WooCommerce

Preview E-mails for WooCommerce

woo-preview-emails

A
99

An Extension for WooCommerce that allows you to Preview Email Templates.

30K 2 CVEs
Developer Profile

Asynchronous Emails Developer Profile

Mohamed Endisha

6 plugins · 1K total installs

94
trust score
Avg Security Score
92/100
Avg Patch Time
1 days
View full developer profile
Detection Fingerprints

How We Detect Asynchronous Emails

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/asynchronous-emails/resources/assets/js/app.js/wp-content/plugins/asynchronous-emails/resources/assets/css/app.css
Script Paths
/wp-content/plugins/asynchronous-emails/resources/assets/js/app.js
Version Parameters
asynchronous-emails/resources/assets/js/app.js?ver=asynchronous-emails/resources/assets/css/app.css?ver=

HTML / DOM Fingerprints

CSS Classes
wrapbounce-enter-activebounce-leave-active
Data Attributes
v-cloak
JS Globals
window.axioswindow.Vuewindow.VueRouter
FAQ

Frequently Asked Questions about Asynchronous Emails