
Aweber Super Simple Security & Risk Analysis
wordpress.org/plugins/aweber-super-simple
AWeber Super Simple allows you to subscribe users to an AWeber autoresponder when they register on your blog. NOTE: ALPHA VERSION. Be careful.
Is Aweber Super Simple Safe to Use in 2026?
Generally Safe
Score 85/100
Aweber Super Simple has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "aweber-super-simple" plugin v0.1.2 exhibits a generally good security posture with no documented vulnerabilities or critical taint flows. The attack surface is minimal, with no identified AJAX handlers, REST API routes, shortcodes, or cron events, and importantly, no unprotected entry points were found. This indicates a potentially well-designed plugin in terms of access control and limiting external interaction points.
However, significant concerns arise from the static code analysis. The complete absence of nonce checks and capability checks, coupled with 100% of SQL queries being unparameterized, presents a substantial risk. While the attack surface is small, any functionality that does exist could be vulnerable to CSRF attacks and privilege escalation if data is being manipulated. The low rate of output escaping (6%) also suggests a potential for XSS vulnerabilities, especially if dynamic data is displayed to users without proper sanitization.
In conclusion, the plugin's strength lies in its limited attack surface and lack of historical vulnerabilities. However, the identified code signals regarding SQL queries, nonce checks, capability checks, and output escaping point to critical weaknesses that could be exploited. These are fundamental security practices that are currently missing, making the plugin potentially vulnerable despite its clean history. Addressing these code-level issues is paramount for improving its security.
Key Concerns
- SQL queries not using prepared statements
- No nonce checks
- No capability checks
- Low percentage of properly escaped output
Aweber Super Simple Security Vulnerabilities
Aweber Super Simple Release Timeline
Aweber Super Simple Code Analysis
SQL Query Safety
Output Escaping
Aweber Super Simple Attack Surface
WordPress Hooks 5
Aweber Super Simple Maintenance & Trust
Maintenance Signals
Community Trust
Aweber Super Simple Alternatives
SendPulse Email Marketing Newsletter
sendpulse-email-marketing-newsletter
Add a customizable email subscription form to your site, send newsletters, and automate email campaigns with autoresponders using SendPulse.
Hostinger Reach – AI-Powered Email Marketing for WordPress
hostinger-reach
Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.
Newsletter – Send awesome emails from WordPress
newsletter
An email marketing tool for your blog: subscription forms to create your lists with unlimited subscribers and newsletters.
SureCart – Ecommerce Made Easy For Selling Physical Products, Digital Downloads, Subscriptions, Donations, & Payments
surecart
Make ecommerce easy with a simple-to-use, all-in-one platform that anyone can set up in just a few minutes!
Hustle – Email Marketing, Lead Generation, Optins, Popups
wordpress-popup
Setup email optin forms, popups, newsletter forms & subscription forms to generate email leads with the best marketing popup builder
Aweber Super Simple Developer Profile
3 plugins · 90 total installs
How We Detect Aweber Super Simple
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/aweber-super-simple/css/install.css
/wp-content/plugins/aweber-super-simple/css/install-rtl.css
HTML / DOM Fingerprints
error-page
All the code in this file is either dead, or related to
* code that handled AWeber signups for people adding
* comments to the blog. Comment registration will come
* back in the future. Hold on to this code until comment
* registration is correctly implemented.
Gross.
name="awebersub"
id="awebersub"
name="meta_web_form_id"
name="meta_split_id"
name="unit"
name="redirect"
+10 more
window.aweber
document.forms['awebersub']
document.getElementById('continue')
document.getElementById('redir')