Does Aweber Subscriber Form have any unpatched vulnerabilities?

No. All known vulnerabilities in Aweber Subscriber Form have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Aweber Subscriber Form compatible with WordPress 4.2.39?

According to WordPress.org data, Aweber Subscriber Form 1.0.0 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is Aweber Subscriber Form updated?

Aweber Subscriber Form was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Aweber Subscriber Form's security score?

Aweber Subscriber Form has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Aweber Subscriber Form Security & Risk Analysis

wordpress.org/plugins/aweber-subscriber-form

This plugin allows you to add a aweber Email Subscription form widget on your sidebars of wordpress websites and blogs.

10 active installs v1.0.0 PHP + WP 3.5.1+ Updated Unknown

apiaweberemailemail-marketingform

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Aweber Subscriber Form Safe to Use in 2026?

Generally Safe

Score 100/100

Aweber Subscriber Form has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "aweber-subscriber-form" plugin version 1.0.0 presents a mixed security profile. On the positive side, it demonstrates excellent practices by utilizing prepared statements for all SQL queries and has no recorded vulnerabilities or CVEs, suggesting a history of stability. The plugin also lacks file operations and external HTTP requests, further reducing potential attack vectors. However, the static analysis reveals critical concerns. The presence of the `create_function` dangerous function is a significant security risk, as it can be exploited for code injection. Furthermore, the output escaping is alarmingly low at only 31%, indicating a high probability of cross-site scripting (XSS) vulnerabilities. The complete absence of nonce checks and capability checks across all entry points (which are currently zero, but if added, would be unprotected) also leaves any potential future additions vulnerable to CSRF and privilege escalation attacks.

Key Concerns

Use of dangerous function: create_function
Low output escaping percentage
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Aweber Subscriber Form Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Aweber Subscriber Form Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_functionadd_action('widgets_init', create_function('', 'return register_widget("AweberSubscriberForm");'));index.php:16

Output Escaping

31% escaped13 total outputs

Attack Surface

Aweber Subscriber Form Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwidgets_initindex.php:16

Maintenance & Trust

Aweber Subscriber Form Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedUnknown

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Aweber Subscriber Form Alternatives

Connect Contact Form 7 and AWeber

integrate-contact-form-7-and-aweber

Integrate AWeber mailing lists with Contact Form 7. Automatically add form subscribers to your AWeber lists.

300 2 CVEs

Enudge

enudge

Easily integrate your WordPress forms and chosen forms plugin with the Enudge Email and SMS marketing platform API.

50 No CVEs

Newsletter – Send awesome emails from WordPress

newsletter

An email marketing tool for your blog: subscription forms to create your lists with unlimited subscribers and newsletters.

200K 20 CVEs

Brevo – Email, SMS, Web Push, Chat, and more.

mailin

Turn your WordPress site into a marketing powerhouse. Grow your audience, boost engagement, and drive more sales with Brevo.

100K 9 CVEs

Newsletters, Email Marketing, SMS and Popups by Omnisend

omnisend

100

Newsletters, Email Marketing, Email Automation, Forms, Pop Up, SMS by Omnisend

100K No CVEs

Developer Profile

Aweber Subscriber Form Developer Profile

Prem Tiwari

10 plugins · 12K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

238 days

View full developer profile

Detection Fingerprints

How We Detect Aweber Subscriber Form

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/aweber-subscriber-form/awe-style.css

Version Parameters

aweber-subscriber-form/awe-style.css?ver=

HTML / DOM Fingerprints

CSS Classes

aweber-widgetwidget-containerwidgettitlenameemail

Data Attributes

listnamemeta_adtrackingmeta_messagemeta_requiredmeta_forward_vars

Shortcode Output

<form action="http://www.aweber.com/scripts/addlead.pl" method="post">

FAQ