Does Check & Log Email – Easy Email Testing & Mail logging have any unpatched vulnerabilities?

No. All known vulnerabilities in Check & Log Email – Easy Email Testing & Mail logging have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Check & Log Email – Easy Email Testing & Mail logging compatible with WordPress 6.9.4?

According to WordPress.org data, Check & Log Email – Easy Email Testing & Mail logging 2.0.12 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Check & Log Email – Easy Email Testing & Mail logging compatible with PHP 5.6+?

Check & Log Email – Easy Email Testing & Mail logging requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is Check & Log Email – Easy Email Testing & Mail logging's security score?

Check & Log Email – Easy Email Testing & Mail logging has a WP-Safety security score of 97/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Check & Log Email – Easy Email Testing & Mail logging Security Review

Safety Verdict

Is Check & Log Email – Easy Email Testing & Mail logging Safe to Use in 2026?

Generally Safe

Score 97/100

Check & Log Email – Easy Email Testing & Mail logging has a strong security track record. Known vulnerabilities have been patched promptly.

5 known CVEsLast CVE: Mar 25, 2024Updated 1mo ago

Risk Assessment

The "check-email" plugin v2.0.12 exhibits a mixed security posture. While it demonstrates good practices in its use of prepared statements for SQL queries and proper output escaping, suggesting a general effort towards secure coding, several concerning areas warrant attention. The presence of 2 AJAX handlers without authentication checks is a significant risk, potentially allowing unauthorized actions. Furthermore, taint analysis revealed 2 high-severity flows with unsanitized paths, indicating potential vulnerabilities that could be exploited.

The plugin's vulnerability history, with 5 known CVEs including 2 high and 3 medium severity, is a significant red flag. The common vulnerability types (Code Injection, SQL Injection, XSS) found in its past, coupled with the recent discovery of vulnerabilities (last one on 2024-03-25), suggest a recurring pattern of security weaknesses that attackers have successfully exploited. While there are currently no unpatched CVEs, the historical trend implies a persistent need for vigilance and rigorous security testing.

In conclusion, the "check-email" plugin has strengths in its data handling and output sanitization but suffers from critical weaknesses in access control for its AJAX endpoints and has a concerning track record of vulnerabilities. The identified taint flows and past CVEs highlight a need for deeper code auditing and a robust patch management process to mitigate the risks.

Key Concerns

AJAX handlers without auth checks
High severity taint flows
Total known CVEs (5)
High severity CVEs (2)
Medium severity CVEs (3)
Flows with unsanitized paths

Vulnerabilities

5

Check & Log Email – Easy Email Testing & Mail logging Security Vulnerabilities

CVEs by Year

1 CVE in 2016

2016

2 CVEs in 2021

2021

1 CVE in 2022

2022

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

High

2

Medium

3

5 total CVEs

CVE-2024-0866high · 8.1Improper Control of Generation of Code ('Code Injection')

Check & Log Email <= 1.0.9 - Unauthenticated Hook Injection

Mar 25, 2024 Patched in 1.0.10 (1d)

CVE-2022-1547medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Check & Log email <= 1.0.5 - Reflected Cross-Site Scripting

May 2, 2022 Patched in 1.0.6 (631d)

CVE-2021-24908medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Check & Log Email <= 1.0.3 - Reflected Cross-Site Scripting

Nov 1, 2021 Patched in 1.0.4 (813d)

CVE-2021-24774high · 7.2Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Check & Log Email <= 1.0.2 - Admin+ SQL Injection via Order and OrderBy parameters

Sep 27, 2021 Patched in 1.0.3 (848d)

CVE-2016-10934medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Check & Log Email <= 0.5.1 - Reflected Cross-Site Scripting

Nov 12, 2016 Patched in 0.5.2 (2628d)

Code Analysis

Analyzed Mar 16, 2026

Check & Log Email – Easy Email Testing & Mail logging Code Analysis

Dangerous Functions

0

Raw SQL Queries

7

70 prepared

Unescaped Output

115

755 escaped

Nonce Checks

27

Capability Checks

25

File Operations

2

External Requests

9

Bundled Libraries

1

Bundled Libraries

Guzzle

SQL Query Safety

91% prepared77 total queries

Output Escaping

87% escaped870 total outputs

Data Flows

6 unsanitized

Data Flow Analysis

22 flows6 with unsanitized paths

search_box (include\Core\UI\list_table\Check_Email_Error_Tracker.php:202)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Check & Log Email – Easy Email Testing & Mail logging Attack Surface

Entry Points22

Unprotected2

AJAX Handlers 21

authwp_ajax_check_email_remove_outlookinclude\Check_Email_SMTP_Tab.php:18

authwp_ajax_ck_mail_subscribe_to_news_letterinclude\class-check-email-newsletter.php:20

authwp_ajax_ck_mail_export_logsinclude\Core\Check_Email_Export_Log.php:17

authwp_ajax_ck_email_export_filter_popupinclude\Core\Check_Email_Export_Log.php:18

authwp_ajax_epsilon_check-email_reviewinclude\Core\Check_Email_Review.php:30

authwp_ajax_check-email-log-list-view-messageinclude\Core\Request\Check_Email_Log_List_Action.php:12

authwp_ajax_check-email-error-tracker-detailinclude\Core\Request\Check_Email_Log_List_Action.php:13

authwp_ajax_check-email-log-list-view-resend-messageinclude\Core\Request\Check_Email_Log_List_Action.php:14

authwp_ajax_check_mail_resend_submitinclude\Core\Request\Check_Email_Log_List_Action.php:15

authwp_ajax_check_mail_import_plugin_datainclude\Core\Request\Check_Email_Log_List_Action.php:16

authwp_ajax_oneclick_smtp_installinclude\Core\UI\Page\Check_Email_Settings_Page.php:17

authwp_ajax_oneclick_smtp_activateinclude\Core\UI\Page\Check_Email_Settings_Page.php:18

authwp_ajax_ce_send_query_messageinclude\Core\UI\Page\Check_Email_Settings_Page.php:19

authwp_ajax_check_mail_save_wizard_datainclude\Core\UI\Page\Check_Email_Wizard_Page.php:26

authwp_ajax_ck_mail_send_feedbackinclude\helper-function.php:116

authwp_ajax_ck_mail_subscribe_newsletterinclude\helper-function.php:143

authwp_ajax_update_network_settingsinclude\helper-function.php:603

authwp_ajax_check_dnsinclude\helper-function.php:665

authwp_ajax_check_email_analyzeinclude\helper-function.php:807

authwp_ajax_checkmail_save_admin_fcm_tokeninclude\helper-function.php:809

authwp_ajax_get_email_analyticsinclude\helper-function.php:1318

Shortcodes 1

[checkmail-encode] include\helper-function.php:942

WordPress Hooks 83

actionadmin_noticescheck-email.php:67

actionadmin_initcheck-email.php:78

filtercheck_mail_pro_upgrade_bannercheck-email.php:85

actionplugins_loadedcheck-email.php:192

actioninitinclude\Check_Email_Encode_Tab.php:17

actioncheck_mail_email_encodeinclude\Check_Email_Encode_Tab.php:26

actionadmin_initinclude\Check_Email_Encode_Tab.php:27

actioninitinclude\Check_Email_Notify_Tab.php:20

actionadmin_enqueue_scriptsinclude\Check_Email_Notify_Tab.php:21

actionwp_mail_failedinclude\Check_Email_Notify_Tab.php:22

actioncheck_mail_email_notifyinclude\Check_Email_Notify_Tab.php:78

actionadmin_initinclude\Check_Email_Notify_Tab.php:79

actioninitinclude\Check_Email_Notify_Tab.php:82

actioncheck_mail_smtp_forminclude\Check_Email_SMTP_Tab.php:16

actionadmin_initinclude\Check_Email_SMTP_Tab.php:17

actionphpmailer_initinclude\Check_Email_SMTP_Tab.php:21

actioncheck_mail_smtp_admin_updateinclude\Check_Email_SMTP_Tab.php:22

actionadmin_noticesinclude\Check_Email_SMTP_Tab.php:23

actionadmin_noticesinclude\Check_Email_SMTP_Tab.php:94

filterck_mail_localize_filterinclude\class-check-email-newsletter.php:18

actionadmin_enqueue_scriptsinclude\class-check-email-newsletter.php:19

filteruser_has_capinclude\Core\Check_Email_Admin_Capability_Giver.php:10

filterwp_mailinclude\Core\Check_Email_From_Handler.php:22

filterwp_mail_frominclude\Core\Check_Email_From_Handler.php:23

filterwp_mail_from_nameinclude\Core\Check_Email_From_Handler.php:24

filterwp_mailinclude\Core\Check_Email_Logger.php:10

actionwp_mail_failedinclude\Core\Check_Email_Logger.php:11

actionbp_send_email_successinclude\Core\Check_Email_Logger.php:17

actionbp_send_email_failureinclude\Core\Check_Email_Logger.php:18

actioninitinclude\Core\Check_Email_Multisite.php:11

actioninitinclude\Core\Check_Email_Multisite.php:12

actionnetwork_admin_menuinclude\Core\Check_Email_Multisite.php:20

actionadmin_enqueue_scriptsinclude\Core\Check_Email_Multisite.php:21

actioninitinclude\Core\Check_Email_Review.php:17

actionadmin_noticesinclude\Core\Check_Email_Review.php:29

actionadmin_enqueue_scriptsinclude\Core\Check_Email_Review.php:31

actionadmin_print_footer_scriptsinclude\Core\Check_Email_Review.php:32

actionwpmu_new_bloginclude\Core\DB\Check_Email_Table_Manager.php:30

filterwpmu_drop_tablesinclude\Core\DB\Check_Email_Table_Manager.php:32

filteradmin_initinclude\Core\DB\Check_Email_Table_Manager.php:34

filteradmin_initinclude\Core\DB\Check_Email_Table_Manager.php:35

actionadmin_initinclude\Core\DB\Check_Email_Table_Manager.php:39

actioncheck_mail_cron_hookinclude\Core\DB\Check_Email_Table_Manager.php:40

actioncheck-email-log-list-deleteinclude\Core\Request\Check_Email_Log_List_Action.php:18

actioncheck-email-log-list-delete-allinclude\Core\Request\Check_Email_Log_List_Action.php:19

actioncheck-email-error-tracker-deleteinclude\Core\Request\Check_Email_Log_List_Action.php:20

actioncheck-email-error-tracker-delete-allinclude\Core\Request\Check_Email_Log_List_Action.php:21

actioncheck-email-log-list-manage-user-roles-changedinclude\Core\Request\Check_Email_Log_List_Action.php:22

actionadmin_initinclude\Core\Request\Check_Email_Log_List_Action.php:23

actionadmin_initinclude\Core\Request\Check_Email_Nonce_Checker.php:14

actionadmin_initinclude\Core\Request\Check_Email_Override_PluginAPI.php:16

filterplugins_api_resultinclude\Core\Request\Check_Email_Override_PluginAPI.php:18

actionwp_dashboard_setupinclude\Core\UI\Component\Check_Email_Dashboard_Widget.php:9

actionadmin_enqueue_scriptsinclude\Core\UI\Page\Check_Email_Analyzer.php:25

actioninitinclude\Core\UI\Page\Check_Email_Analyzer.php:26

actionadmin_headinclude\Core\UI\Page\Check_Email_Analyzer.php:27

actionadmin_menuinclude\Core\UI\Page\Check_Email_BasePage.php:40

actionadmin_enqueue_scriptsinclude\Core\UI\Page\Check_Email_Dashboard.php:27

filterset-screen-optioninclude\Core\UI\Page\Check_Email_Error_Tracker_list.php:33

actionadmin_enqueue_scriptsinclude\Core\UI\Page\Check_Email_Error_Tracker_list.php:35

filterset-screen-optioninclude\Core\UI\Page\Check_Email_Log_List_Page.php:23

actionadmin_enqueue_scriptsinclude\Core\UI\Page\Check_Email_Log_List_Page.php:25

actioninitinclude\Core\UI\Page\Check_Email_Settings_Page.php:8

actionadmin_initinclude\Core\UI\Page\Check_Email_Settings_Page.php:16

actionadmin_noticesinclude\Core\UI\Page\Check_Email_Settings_Page.php:738

actionadmin_enqueue_scriptsinclude\Core\UI\Page\Check_Email_Status_Page.php:28

actionadmin_enqueue_scriptsinclude\Core\UI\Page\Check_Email_Wizard_Page.php:25

filtercheck_email_setting_sectionsinclude\Core\UI\Setting\Check_Email_Core_Setting.php:89

actioncheck_email_log_insertedinclude\Core\UI\Setting\Check_Email_Core_Setting.php:94

actioncheck_email_trigger_notify_email_when_log_threshold_metinclude\Core\UI\Setting\Check_Email_Core_Setting.php:95

actionadmin_noticesinclude\Core\UI\Setting\Check_Email_Core_Setting.php:407

filtercheck_email_setting_sectionsinclude\Core\UI\Setting\Check_Email_Setting.php:23

actionadmin_enqueue_scriptsinclude\Core\UI\Setting\Check_Email_Tools_Tab.php:13

filteradmin_footerinclude\helper-function.php:44

actionadmin_enqueue_scriptsinclude\helper-function.php:140

actionwpinclude\helper-function.php:935

actioninitinclude\helper-function.php:938

actionwp_enqueue_scriptsinclude\helper-function.php:1101

actioninitinclude\helper-function.php:1172

actionwp_dashboard_setupinclude\helper-function.php:1240

actionadmin_enqueue_scriptsinclude\helper-function.php:1261

actionwpmu_new_bloginclude\install.php:74

filterwpmu_drop_tablesinclude\install.php:77

Scheduled Events 1

check_mail_cron_hook

Maintenance & Trust

Check & Log Email – Easy Email Testing & Mail logging Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 3, 2026

PHP min version5.6

Downloads2.6M

Community Trust

Rating96/100

Number of ratings281

Active installs100K

Alternatives

Check & Log Email – Easy Email Testing & Mail logging Alternatives

Mail via Resend

mail-via-resend

A

100

Send WordPress emails via Resend. Includes email logging and management.

0 No CVEs

WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin

wp-mail-smtp

A

99

Make email delivery easy for WordPress. Connect with SMTP, Gmail, Outlook, SendGrid, Mailgun, SES, Zoho, + more. Rated #1 WordPress SMTP Email plugin.

4.0M 2 CVEs

Easy WP SMTP – WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and more

easy-wp-smtp

A

91

Make SMTP email sending and delivery easy. Configure Gmail, Outlook, Brevo, SendGrid, Mailgun, SendLayer or connect to any SMTP server.

500K 8 CVEs

Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App

post-smtp

B

76

Improve WordPress email deliverability. Connect Gmail SMTP, Microsoft 365, Brevo, SendGrid, Mailgun, Zoho, Amazon SES, etc. #1 WordPress SMTP Plugin.

400K 21 CVEs

WP Mail Logging

wp-mail-logging

A

89

Log, view, and resend all emails sent from your WordPress site. Great for resolving email sending issues or keeping a copy for auditing.

300K 6 CVEs

Developer Profile

Check & Log Email – Easy Email Testing & Mail logging Developer Profile

checkemail

1 plugin · 100K total installs

77

trust score

Avg Security Score

97/100

Avg Patch Time

984 days

View full developer profile

Detection Fingerprints

How We Detect Check & Log Email – Easy Email Testing & Mail logging

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/check-email/assets/css/main.css/wp-content/plugins/check-email/assets/css/vendor.css/wp-content/plugins/check-email/assets/js/bundle.js/wp-content/plugins/check-email/assets/js/main.js

Script Paths

/wp-content/plugins/check-email/assets/js/main.js/wp-content/plugins/check-email/assets/js/bundle.js

Version Parameters

check-email/assets/css/main.css?ver=check-email/assets/css/vendor.css?ver=check-email/assets/js/bundle.js?ver=check-email/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes

celog-bannercelog-banner--yellowcheck-mail-premium-btncelog-banner__iconcelog-banner__bodycelog-banner__titlecelog-banner__close

HTML Comments

NOTE:Chris Taylor transferred ownership rights on: The MachoThemes ownership period started on: MachoThemes sold the plugin to WPOmnia on: +4 more

Data Attributes

data-dismiss-key

JS Globals

wpchill_check_email

FAQ

Check & Log Email – Easy Email Testing & Mail logging Security & Risk Analysis

Is Check & Log Email – Easy Email Testing & Mail logging Safe to Use in 2026?

Generally Safe

Key Concerns

Check & Log Email – Easy Email Testing & Mail logging Security Vulnerabilities

CVEs by Year

Severity Breakdown

Check & Log Email – Easy Email Testing & Mail logging Code Analysis

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Check & Log Email – Easy Email Testing & Mail logging Attack Surface

AJAX Handlers 21

Shortcodes 1

Scheduled Events 1

Check & Log Email – Easy Email Testing & Mail logging Maintenance & Trust

Maintenance Signals

Community Trust

Check & Log Email – Easy Email Testing & Mail logging Alternatives

Mail via Resend

WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin

Easy WP SMTP – WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and more

Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App

WP Mail Logging

Check & Log Email – Easy Email Testing & Mail logging Developer Profile

How We Detect Check & Log Email – Easy Email Testing & Mail logging

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Check & Log Email – Easy Email Testing & Mail logging