[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgPmy46QXpsSdRZGjxNT5OUkj6A5GKbBEf2kpuTgpd1A":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":139,"fingerprints":181},"bcc-everything","BCC Everything","1.1.2","ffischer","https:\u002F\u002Fprofiles.wordpress.org\u002Fffischer\u002F","\u003Cp>The plugin adds additional BCC recipients to every email that’s sent through\u003Cbr \u002F>\nWordPress’ \u003Ccode>wp_mail()\u003C\u002Fcode> function. Simply enter multiple comma separated email\u003Cbr \u002F>\naddresses into the \u003Cem>BCC Recipient\u003C\u002Fem> field near the bottom of Settings -> General.\u003C\u002Fp>\n","Blind copy (Bcc) outgoing emails to additional recipients.",300,3517,90,2,"2014-10-11T12:35:00.000Z","4.0.38","2.2","",[20,21,22,23,24],"bcc","blind-copy","email","mail","wp_mail","https:\u002F\u002Fgithub.com\u002Ffelixfischer\u002Fwp-bcc-everything","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbcc-everything.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,84,"2026-04-04T19:13:10.244Z",[38,57,78,101,121],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":28,"num_ratings":28,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":54,"download_link":55,"security_score":56,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"inesta-send-mail-copy","Inesta Send Mail Copy","1.0.3","roelv","https:\u002F\u002Fprofiles.wordpress.org\u002Froelv\u002F","\u003Cp>\u003Cstrong>Inesta Send Mail Copy\u003C\u002Fstrong> is a lightweight plugin designed to help you keep track of outgoing WordPress emails by automatically sending a copy (or a BCC) to a designated email address. Whether you’re running a large-scale site and want to monitor outgoing notifications, or simply need a way to archive specific emails, this plugin provides a simple solution.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Sends a copy or BCC of all outgoing emails to a specified email address.\u003C\u002Fli>\n\u003Cli>Optionally choose between sending a direct copy or BCC for privacy.\u003C\u002Fli>\n\u003Cli>Easy-to-use settings page for configuration.\u003C\u002Fli>\n\u003Cli>Works seamlessly with the native \u003Ccode>wp_mail\u003C\u002Fcode> function.\u003C\u002Fli>\n\u003Cli>Lightweight, ensuring no performance impact.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Email Archiving\u003C\u002Fstrong>: Keep a record of every email sent from your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monitoring Email Deliverability\u003C\u002Fstrong>: Verify that emails sent to users are being properly formatted and delivered.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quality Assurance\u003C\u002Fstrong>: Check content and formatting of outgoing emails.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Cp>Once activated, you can navigate to the plugin settings page to configure your email address and choose whether to send a direct copy or use BCC. The plugin then hooks into the \u003Ccode>wp_mail\u003C\u002Fcode> function and automatically updates the recipients according to your settings.\u003C\u002Fp>\n","Inesta Send Mail Copy is a lightweight plugin designed to help you keep track of outgoing WordPress emails by automatically sending a copy (or a BCC)  &hellip;",10,1121,"2024-10-11T12:35:00.000Z","6.6.5","5.0","7.2",[20,22,53,23,24],"email-copy","https:\u002F\u002Fwebapplicatielatenmaken.nl","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finesta-send-mail-copy.1.0.3.zip",92,{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":34,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":56,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"postmark-approved-wordpress-plugin","ActiveCampaign Postmark for WordPress","1.19.1","alexknowshtml","https:\u002F\u002Fprofiles.wordpress.org\u002Falexknowshtml\u002F","\u003Cp>If you’re still sending email with default SMTP, you’re blind to delivery problems! ActiveCampaign Postmark for WordPress enables sites of any size to deliver and track WordPress notification emails reliably, with minimal setup time and zero maintenance.\u003C\u002Fp>\n\u003Cp>If you don’t already have a Postmark account, you can get one in minutes, sign up at https:\u002F\u002Fpostmarkapp.com\u003C\u002Fp>\n\u003Cp>Check out our video on how to set up the Postmark for WordPress plugin \u003Ca href=\"https:\u002F\u002Fpostmarkapp.com\u002Fwebinars\u002Fpostmark-wordpress\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Additional Resources\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpostmarkapp.com\u002Fsupport\u002Farticle\u002F1138-postmark-for-wordpress-faq\" rel=\"nofollow ugc\">Postmark for WordPress FAQ\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpostmarkapp.com\u002Fsupport\u002Farticle\u002F1129-can-i-use-the-postmark-for-wordpress-plugin-with-gravity-forms\" rel=\"nofollow ugc\">Can I use the Postmark for WordPress plugin with Gravity Forms?\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpostmarkapp.com\u002Fsupport\u002Farticle\u002F1047-how-do-i-send-with-ninja-forms-and-postmark-for-wordpress\" rel=\"nofollow ugc\">How do I send with Ninja Forms and Postmark for WordPress?\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpostmarkapp.com\u002Fsupport\u002Farticle\u002F1072-how-do-i-send-with-contact-form-7-and-postmark-for-wordpress\" rel=\"nofollow ugc\">How do I send with Contact Form 7 and Postmark for WordPress?\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpostmarkapp.com\u002Fsupport\u002Farticle\u002F1128-can-i-use-the-postmark-for-wordpress-plugin-with-divi-contact-forms\" rel=\"nofollow ugc\">Can I use the Postmark for WordPress plugin with Divi contact forms?\u003C\u002Fa>\u003C\u002Fp>\n","The officially-supported ActiveCampaign Postmark plugin for Wordpress.",50000,761312,94,"2024-11-18T20:01:00.000Z","6.7.5","5.3","7.0",[22,73,74,75,24],"notifications","postmark","smtp","https:\u002F\u002Fpostmarkapp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpostmark-approved-wordpress-plugin.1.19.1.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":97,"download_link":98,"security_score":99,"vuln_count":14,"unpatched_count":28,"last_vuln_date":100,"fetched_at":30},"smtp2go","SMTP2GO for WordPress – Email Made Easy","1.14.1","SMTP2GO","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmtp2go\u002F","\u003Cp>SMTP2GO’s WordPress plugin replaces the default built in wp_mail() functionality (phpmailer) and sends your email via SMTP2GO’s API and industry leading email delivery platform.\u003C\u002Fp>\n\u003Cp>SMTP2GO provides valuable insights into every aspect of your email’s life cycle, enabling you to track delivery rates, opens, clicks, and bounce rates. Whether your email is transactional, marketing, newsletter, contact form, or notification – we have got you covered.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The main benefits of using the official SMTP2GO plugin:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>We have made our plugin as easy and low maintenance as possible – you can set it up in under ten minutes.\u003C\u002Fli>\n\u003Cli>Take over from the default WordPress email system for more reliable delivery – you can be confident your emails have arrived at their destination inbox successfully.\u003C\u002Fli>\n\u003Cli>Get access to our intuitive real-time reporting tools. You can uncover what is going on behind the scenes with delivery, open rates, click rates, bounce, and unsubscription reports.\u003C\u002Fli>\n\u003Cli>We offer secure worldwide servers with intelligent routing for network redundancy and speedy delivery.\u003C\u002Fli>\n\u003Cli>We handle SPF and DKIM on your behalf. SMTP2GO can even turn your “http” links into “https”.\u003C\u002Fli>\n\u003Cli>Diagnose and resolve delivery issues with our insightful reporting page, or reach out to our award-winning support team who are available almost 24\u002F7 to help address problems in a timely, friendly fashion.\u003C\u002Fli>\n\u003Cli>We have a dedicated Review team who constantly monitor the reputations of our IP’s and we proactively alert members to any suspicious changes in their email regimen.\u003C\u002Fli>\n\u003Cli>Avoid poor reputation and throttling or limitations from over-used shared web hosts and other providers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.smtp2go.com\u002F\" rel=\"nofollow ugc\">Sign up here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you have questions or need assistance then feel free to contact the support team by logging into your \u003Ca href=\"https:\u002F\u002Fapp.smtp2go.com\" rel=\"nofollow ugc\">SMTP2GO dashboard\u003C\u002Fa> and clicking the support icon on the top right navigation bar.\u003C\u002Fp>\n\u003Cp>More information on this plugin is available in our \u003Ca href=\"https:\u002F\u002Fsupport.smtp2go.com\u002Fhc\u002Fen-gb\u002Farticles\u002F900000195666-SMTP2GO-WordPress-Plugin\" rel=\"nofollow ugc\">knowledgebase\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>About SMTP2GO\u003C\u002Fh3>\n\u003Cp>Founded in 2006, SMTP2GO is a fast and scalable world class email service provider for sending transactional and marketing emails. It is developed and supported by a team of delivery experts at the forefront of the email industry, providing a reliable SMTP solution for over 35,000 businesses.\u003C\u002Fp>\n\u003Cp>Complexities such as reputation monitoring, SPF and DKIM are professionally managed for each customer. Native-English speaking support is available worldwide (agents in the USA, EU, UK, Australia, and New Zealand).\u003C\u002Fp>\n\u003Cp>Our data centers are located around the world, meaning lightning-fast connection speeds, network redundancy, and GDPR compliance.\u003C\u002Fp>\n","Resolve email delivery issues, increase inbox placement, track sent email, get 24\u002F7 support, and real-time reporting.",30000,331932,100,64,"2026-03-04T01:49:00.000Z","6.9.4","6.2","7.4",[95,22,96,75,24],"delivery","inbox","https:\u002F\u002Fgithub.com\u002Fthefold\u002Fsmtp2go-wordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmtp2go.1.14.1.zip",98,"2025-07-16 00:00:00",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":91,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":119,"download_link":120,"security_score":88,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"zoho-mail","Zoho Mail for WordPress","1.6.2","Zoho Mail","https:\u002F\u002Fprofiles.wordpress.org\u002Fzmintegration\u002F","\u003Ch4>Zoho Mail for WordPress\u003C\u002Fh4>\n\u003Cp>Zoho Mail Plugin helps you to configure your Zoho Mail account in your WordPress site, to send emails from your Site.\u003Cbr \u002F>\nIt is recommended to use authorized server for sending emails from websites, instead of using generic hosting servers. It is possible to misuse unauthorized and unauthenticated configuration and harm the reputation of your domain\u002F website when using generic servers.\u003Cbr \u002F>\nZoho Mail plugin can help to ensure that the emails are sent from your account using Zoho Mail API’s.\u003C\u002Fp>\n\u003Ch3>PRE-REQUISITES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>A Zoho Mail Account\u003C\u002Fli>\n\u003Cli>A self-hosted WordPress site\u003C\u002Fli>\n\u003Cli>PHP 5.6 or later\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>ADVANTAGES OF ZOHO MAIL PLUGIN\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Zoho Mail plugin makes use of \u003Cstrong>OAuth 2.0\u003C\u002Fstrong> protocol to access Zoho Mail API. This ensures a highly secure authentication process where the Username or password is not stored so cannot be misused.\u003C\u002Fli>\n\u003Cli>Zoho Mail plugin has customized the \u003Cstrong>PHPMailer’s\u003C\u002Fstrong> code library, used in WordPress for sending email.\u003C\u002Fli>\n\u003Cli>By using \u003Cstrong>’wp_mail’\u003C\u002Fstrong> function of WordPress, Zoho Mail plugin handles the custom send mail action anywhere from the entire site, without having to change\u002F configure in every occurrence.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>ZOHO MAIL API FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Zoho Mail API is authenticated using OAuth 2.0 protocol.\u003C\u002Fli>\n\u003Cli>You can configure your Zoho Mail account in your website to send email using Zoho Mail API.\u003C\u002Fli>\n\u003Cli>The emails sent will be available in the corresponding Zoho Mail account’s Sent folder.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>ZOHO MAIL PLUGIN PARAMETERS\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Where is your account hosted?\u003C\u002Fstrong> :The region where your Zoho Account data resides.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client ID\u003C\u002Fstrong> :The Client ID of your Zoho Mail API.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client Secret\u003C\u002Fstrong> : The Client secret of your API.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Authorized Redirect URI\u003C\u002Fstrong> : Authorized Redirect URL obtained from your website that is used to create Client ID.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>From Email Address\u003C\u002Fstrong> :The Email address that will be used to send all the outgoing emails from your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>From Name\u003C\u002Fstrong> :The Name that will be shown as the display name while sending all emails from your website.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>ZOHO MAIL PLUGIN TEST EMAIL\u003C\u002Fh3>\n\u003Cp>After configuration, you can test the plugin. Navigate to the Zoho Mail – Test Email page in your Website settings.\u003Cbr \u002F>\n– \u003Cstrong>To\u003C\u002Fstrong> : Email address of the recipient.\u003Cbr \u002F>\n– \u003Cstrong>Subject\u003C\u002Fstrong> : Subject of the email.\u003Cbr \u002F>\n– \u003Cstrong>Content\u003C\u002Fstrong> :The message or body of the email.\u003C\u002Fp>\n\u003Cp>For in detail instructions on how to set up Zoho Mail plugin, visit \u003Ca href=\"https:\u002F\u002Fwww.zoho.com\u002Fmail\u002Fhelp\u002Fzohomail-plugin-for-wordpress.html\" rel=\"nofollow ugc\">Zoho Mail plugin page\u003C\u002Fa> .\u003Cbr \u002F>\n\u003Cstrong>Note\u003C\u002Fstrong> :\u003Cbr \u002F>\nSending emails through Zoho Mail is subjective to our Usage Policy restrictions. Please refer to our Usage Policy details \u003Ca href=\"https:\u002F\u002Fwww.zoho.com\u002Fmail\u002Fhelp\u002Fusage-policy.html\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","Zoho Mail Plugin lets you configure your Zoho Mail account on your WordPress site enabling you to send the email via Zoho Mail API.",20000,335443,76,41,"2026-01-27T05:17:00.000Z","4.8","5.6",[22,23,117,118,24],"mailer","phpmailer","http:\u002F\u002Fmail.zoho.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzoho-mail.1.6.2.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":99,"num_ratings":131,"last_updated":132,"tested_up_to":91,"requires_at_least":50,"requires_php":93,"tags":133,"homepage":135,"download_link":136,"security_score":137,"vuln_count":33,"unpatched_count":28,"last_vuln_date":138,"fetched_at":30},"wpo365-msgraphmailer","WPO365 | MICROSOFT 365 GRAPH MAILER","4.2","Marco van Wieren","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpo365\u002F","\u003Cp>\u003Cstrong>WPO365 | MS GRAPH MAILER\u003C\u002Fstrong> provides you with a modern, reliable and efficient way to send WordPress transactional emails from one of your Microsoft 365 \u002F Exchange Online \u002F Mail enabled accounts.\u003C\u002Fp>\n\u003Cp>The plugin re-configures your WordPress website to send emails using the \u003Cstrong>Microsoft Graph API\u003C\u002Fstrong> instead of – for example – SMTP. Sending WordPress emails using the \u003Cstrong>Microsoft Graph API\u003C\u002Fstrong> has become the only available alternative after Microsoft has disabled basic authentication (username and password) over the SMTP protocol.\u003C\u002Fp>\n\u003Ch4>DELIVERY\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Send WordPress transactional emails from one of your \u003Cstrong>Microsoft 365 Exchange Online \u002F Mail enabled accounts\u003C\u002Fstrong> using Microsoft Graph instead of – for example – SMTP.\u003C\u002Fli>\n\u003Cli>Choose between delegated (send mail as a user) and application-level (send mail as any user) type permissions.\u003C\u002Fli>\n\u003Cli>Or: Select either a Microsoft 365 account or a personal Microsoft account, like Hotmail.com or Outlook.com, to send WordPress emails.\u003C\u002Fli>\n\u003Cli>Or: Configure \u003Ca href=\"https:\u002F\u002Flearn.microsoft.com\u002Fen-us\u002FExchange\u002Fpermissions-exo\u002Fapplication-rbac\" rel=\"nofollow ugc\">RBAC for Exchange Online\u003C\u002Fa> and authorize as an application but with a limited scope e.g. one specific mailbox.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SEND AS HTML\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Send emails formatted as \u003Cstrong>HTML\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SAVE TO SENT ITEMS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Emails sent will be saved in the account’s mailbox in the \u003Cstrong>Sent Items\u003C\u002Fstrong> folder, further helping to track (successful) mail delivery.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>ATTACHMENTS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Send files from your WordPress website as \u003Cem>attachments\u003C\u002Fem>. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WPO365 INSIGHTS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>See what matters, when it happens\u003C\u002Fstrong> Track key WPO365 events like sent emails with WPO365 Insights \u003Ca href=\"https:\u002F\u002Fdocs.wpo365.com\u002Farticle\u002F210-wpo365-insights\" rel=\"nofollow ugc\">more\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>CONFIGURATION \u002F TEST EMAIL DELIVERY\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easy configuration with detailed step-by-step \u003Ca href=\"https:\u002F\u002Fdocs.wpo365.com\u002Farticle\u002F141-send-email-using-microsoft-graph-mailer\" rel=\"nofollow ugc\">Getting started\u003C\u002Fa> guide and video.\u003C\u002Fli>\n\u003Cli>Send \u003Cem>test email\u003C\u002Fem> to recipients incl. CC, BCC and attachment.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F1CK7Fl8f8iA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>ADD FUNCTIONALITY WITH PREMIUM EXTENSIONS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The following features can be unlocked with the \u003Ca href=\"https:\u002F\u002Fwww.wpo365.com\u002Fdownloads\u002Fwpo365-mail\u002F\" rel=\"nofollow ugc\">WPO365 | MAIL\u003C\u002Fa> extension.\u003C\u002Fp>\n\u003Ch4>WPO365 INSIGHTS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Get \u003Cstrong>WPO35 Alerts\u003C\u002Fstrong> in your inbox when email delivery is failing \u003Ca href=\"https:\u002F\u002Fdocs.wpo365.com\u002Farticle\u002F210-wpo365-insights\" rel=\"nofollow ugc\">more\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Auto-Retry\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Log every email\u003C\u002Fstrong> sent from your WordPress website, review errors and (automatically) try to send unsuccessfully \u003Cstrong>sent mails again\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>LARGE ATTACHMENTS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add support to send WordPress emails with \u003Cstrong>attachments larger than 3 MB\u003C\u002Fstrong> using Microsoft Graph.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SEND AS \u002F SEND ON BEHALF OF\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Send email \u003Cstrong>as \u002F on behalf of\u003C\u002Fstrong> another user or distribution list.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SHARED MAILBOX\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Send email from \u003Cstrong>Microsoft 365 Shared Mailbox\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>STAGING MODE\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Mail Staging Mode\u003C\u002Fstrong> is useful for debugging and staging environments. WordPress emails will be logged and saved in the database instead of being sent.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>DYNAMIC SEND-FROM\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allow forms to \u003Cstrong>override “From”\u003C\u002Fstrong> address e.g allow Contact Form 7 to dynamically configure the account used to send the email from (requires application-level Mail.Send permissions).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>MAIL THROTTLE\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Throttle\u003C\u002Fstrong> the number of emails sent from your website per minute.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WP-CONFIG FOR AAD SECRETS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Further improve overall security by choosing to store Azure Active Directory secrets in your WordPress WP-Config.php (on disk) and have those secrets removed from the database.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>SEND AS BCC\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Send emails \u003Cstrong>as BCC\u003C\u002Fstrong> instead and prevent reply-to-all mail pollution.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>REPLY-TO\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Configure a \u003Cstrong>default reply-to\u003C\u002Fstrong> mail address if this should differ from the account’s mail address that is used to send WordPress transactional emails from.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Prerequisites\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>We have tested our plugin with WordPress >= 5.0 and PHP >= 5.6.40.\u003C\u002Fli>\n\u003Cli>You need to be an Entra ID Tenant Administrator to configure both Azure Active Directory and the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We will go to great length trying to support you if the plugin doesn’t work as expected. Go to our \u003Ca href=\"https:\u002F\u002Fwww.wpo365.com\u002Fhow-to-get-support\u002F\" rel=\"nofollow ugc\">Support Page\u003C\u002Fa> to get in touch with us. We haven’t been able to test our plugin in all endless possible WordPress configurations and versions so we are keen to hear from you and happy to learn!\u003C\u002Fp>\n\u003Ch3>Feedback\u003C\u002Fh3>\n\u003Cp>We are keen to hear from you so share your feedback with us on \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fdownloads-by-van-wieren\" rel=\"nofollow ugc\">LinkedIn\u003C\u002Fa> and help us get better!\u003C\u002Fp>\n\u003Ch3>Open Source\u003C\u002Fh3>\n\u003Cp>When you’re a developer and interested in the code you should have a look at our repo over at \u003Ca href=\"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwpo365-msgraphmailer\u002F\" rel=\"nofollow ugc\">WordPress\u003C\u002Fa>.\u003C\u002Fp>\n","Send WordPress emails from a M365 \u002F Exchange Online Mailbox using Microsoft Graph, leveraging OAuth for authentication which is more secure than SMTP",10000,180605,37,"2025-12-07T21:56:00.000Z",[22,134,118,75,24],"microsoft","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpo365-msgraphmailer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpo365-msgraphmailer.4.2.zip",99,"2025-02-23 22:53:02",{"attackSurface":140,"codeSignals":156,"taintFlows":168,"riskAssessment":169,"analyzedAt":180},{"hooks":141,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":155,"entryPointCount":28,"unprotectedCount":28},[142,147],{"type":143,"name":24,"callback":144,"file":145,"line":146},"filter","bcc_everything","bcc-everything.php",16,{"type":148,"name":149,"callback":150,"file":145,"line":151},"action","admin_init","bcce_plugin_options",48,[],[],[],[],{"dangerousFunctions":157,"sqlUsage":158,"outputEscaping":160,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":167},[],{"prepared":28,"raw":28,"locations":159},[],{"escaped":28,"rawEcho":14,"locations":161},[162,165],{"file":145,"line":163,"context":164},81,"raw output",{"file":145,"line":166,"context":164},91,[],[],{"summary":170,"deductions":171},"The 'bcc-everything' plugin v1.1.2 demonstrates a generally good security posture based on the provided static analysis and vulnerability history. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface. Furthermore, the code signals indicate no dangerous functions, file operations, external HTTP requests, or bundled libraries, which are all positive indicators.  The fact that all SQL queries utilize prepared statements is a strong practice for preventing SQL injection vulnerabilities. The plugin also shows no recorded vulnerabilities, including CVEs, which suggests a history of secure development or diligent patching by its maintainers.\n\nHowever, a significant concern arises from the output escaping. With 100% of the observed outputs being unescaped, there is a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any dynamic data displayed to users, if not properly escaped, could be exploited to inject malicious scripts. Additionally, the absence of nonce checks and capability checks across all entry points (even though there are none) implies that if any were introduced in future versions or if the attack surface expands, they would be unprotected. This highlights a potential gap in security awareness or implementation for handling user-submitted data that is rendered.\n\nIn conclusion, while the plugin benefits from a minimal attack surface and secure database practices, the critical lack of output escaping represents a substantial risk. The vulnerability history is reassuring, but the static analysis reveals a clear area for improvement. Prioritizing output sanitization is crucial to mitigate the risk of XSS attacks and ensure a more robust security profile for this plugin.",[172,175,178],{"reason":173,"points":174},"Unescaped output identified",8,{"reason":176,"points":177},"Missing nonce checks",5,{"reason":179,"points":177},"Missing capability checks","2026-03-16T19:57:39.257Z",{"wat":182,"direct":187},{"assetPaths":183,"generatorPatterns":184,"scriptPaths":185,"versionParams":186},[],[],[],[],{"cssClasses":188,"htmlComments":189,"htmlAttributes":190,"restEndpoints":191,"jsGlobals":192,"shortcodeOutput":193},[],[],[],[],[],[]]