WP-Safety

Custom Email Template Security & Risk Analysis

wordpress.org/plugins/custom-email-template

Customize how all emails from your WordPress site look and are delivered with a professional template and SMTP support.

10 active installs v1.1.4 PHP 7.4+ WP 5.6+ Updated Jan 20, 2026
email-brandingemail-customizationemail-templatesmtpwoocommerce-email
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Custom Email Template Safe to Use in 2026?

Generally Safe

Score 100/100

Custom Email Template has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "custom-email-template" plugin v1.1.4 exhibits a mixed security posture. On the positive side, it demonstrates good practices in handling SQL queries, exclusively using prepared statements, and shows no history of known vulnerabilities (CVEs). The taint analysis also reveals no critical or high-severity unsanitized flows, which is a strong indicator of secure code concerning data manipulation. However, significant concerns arise from the identified attack surface. With two AJAX handlers and both lacking authentication checks, this presents a substantial risk of unauthorized access and execution of plugin functionality. Furthermore, while nonce checks are present, their absence on these critical entry points is a notable weakness. The percentage of properly escaped output is also a concern, as poorly escaped output can lead to Cross-Site Scripting (XSS) vulnerabilities.

Key Concerns

  • AJAX handlers without authentication checks
  • Insufficient output escaping
Vulnerabilities
None known

Custom Email Template Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Custom Email Template Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
72
135 escaped
Nonce Checks
4
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

65% escaped207 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<admin-page> (templates\admin-page.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Custom Email Template Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_custom_email_template_send_testincludes\class-custom-email-template.php:75
authwp_ajax_custom_email_template_test_smtpincludes\class-custom-email-template.php:76
WordPress Hooks 11
actionadmin_enqueue_scriptsincludes\class-custom-email-template.php:66
actionadmin_initincludes\class-custom-email-template.php:69
actionadmin_menuincludes\class-custom-email-template.php:72
filterwp_redirectincludes\class-custom-email-template.php:79
filterwp_mail_content_typeincludes\class-custom-email-template.php:92
filterwp_mail_fromincludes\class-custom-email-template.php:95
filterwp_mail_from_nameincludes\class-custom-email-template.php:96
filterwp_mail_headersincludes\class-custom-email-template.php:99
filterwp_mailincludes\class-custom-email-template.php:102
actionphpmailer_initincludes\class-custom-email-template.php:105
actionphpmailer_initincludes\class-custom-email-template.php:118
Maintenance & Trust

Custom Email Template Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 20, 2026
PHP min version7.4
Downloads627

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Custom Email Template Alternatives

EmailKit – Email Customizer for WooCommerce & WP

EmailKit – Email Customizer for WooCommerce & WP

emailkit

A
96

EmailKit is a powerful WordPress and WooCommerce email customizer tool, free for everyone! It allows users to customize and design templates that show &hellip;

70K 3 CVEs
YayMail – WooCommerce Email Customizer

YayMail – WooCommerce Email Customizer

yaymail

A
91

Customize WooCommerce email templates with an advanced drag-and-drop email builder. Works great with 80+ WooCommerce Email Customizer Addons.

50K 4 CVEs
Email Template Customizer for WooCommerce

Email Template Customizer for WooCommerce

email-template-customizer-for-woo

A
98

Make your WooCommerce emails become professional.

20K 2 CVEs
Email Templates Customizer and Designer for WordPress and WooCommerce

Email Templates Customizer and Designer for WordPress and WooCommerce

email-templates

A
99

Design and send custom emails with Email Templates plugin for WordPress and WooCommerce

20K 2 CVEs
Email Template Designer – WP HTML Mail

Email Template Designer – WP HTML Mail

wp-html-mail

A
89

All in one email template designer for WooCommerce, Ninja Forms, Elementor Forms, Gravity Forms, CF7, Support Plus, EDD, ...

20K 4 CVEs
Developer Profile

Custom Email Template Developer Profile

swiftspeed

2 plugins · 40 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Custom Email Template

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/custom-email-template/assets/css/admin.css/wp-content/plugins/custom-email-template/assets/js/admin.js
Version Parameters
custom-email-template/assets/css/admin.css?ver=custom-email-template/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
custom-email-template-settings
HTML Comments
<!-- Custom Email Template Options -->
Data Attributes
data-tab
JS Globals
customEmailTemplateSettings
FAQ

Frequently Asked Questions about Custom Email Template