[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgKCGtMQv6MulnKIV1CCGTYzjicaDWjw1d6eef4BRsS4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":90,"crawl_stats":38,"alternatives":95,"analysis":188,"fingerprints":461},"debounce-io-email-validator","DeBounce Email Validator","5.8.7","debounce","https:\u002F\u002Fprofiles.wordpress.org\u002Fdebounce\u002F","\u003Ch3>🚀 Transform Your Email Quality with AI-Powered Validation\u003C\u002Fh3>\n\u003Cp>Tired of fake emails, spam traps, and disposable addresses cluttering your database? DeBounce Email Validator is the ultimate solution for WordPress websites that demand real, deliverable email addresses.\u003C\u002Fp>\n\u003Ch3>Why Choose DeBounce?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>99.9% Accuracy Rate\u003C\u002Fstrong> – Industry-leading validation precision  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero IP Impact\u003C\u002Fstrong> – No emails sent, no blacklisting risk  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR Compliant\u003C\u002Fstrong> – Complete privacy protection  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time Validation\u003C\u002Fstrong> – Instant feedback for users  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced AI Detection\u003C\u002Fstrong> – Catches sophisticated spam attempts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Perfect For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>E-commerce stores (WooCommerce)  \u003C\u002Fli>\n\u003Cli>Lead generation forms  \u003C\u002Fli>\n\u003Cli>User registration systems  \u003C\u002Fli>\n\u003Cli>Contact forms  \u003C\u002Fli>\n\u003Cli>Newsletter signups  \u003C\u002Fli>\n\u003Cli>Any WordPress form  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Install, connect your API key, and watch your email quality soar while reducing spam and improving conversion rates.\u003C\u002Fp>\n\u003Ch3>Supported Forms and Plugins\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>🛒 E-COMMERCE & BUSINESS FORMS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WooCommerce – Validate shipping and billing emails  \u003C\u002Fli>\n\u003Cli>Gravity Forms – Enterprise-grade form validation  \u003C\u002Fli>\n\u003Cli>Contact Form 7 – Most popular contact form plugin  \u003C\u002Fli>\n\u003Cli>WPForms – Drag & drop form builder  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🏗️ ADVANCED FORM BUILDERS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ninja Forms – Professional form creation  \u003C\u002Fli>\n\u003Cli>Formidable Forms – Complex form solutions  \u003C\u002Fli>\n\u003Cli>Forminator – Modern form builder  \u003C\u002Fli>\n\u003Cli>Fluent Forms – Advanced form management  \u003C\u002Fli>\n\u003Cli>Elementor Forms – Page builder integration  \u003C\u002Fli>\n\u003Cli>WSForms – Premium form builder  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>⚙️ WORDPRESS CORE FEATURES\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress Comments – Validate commenter emails  \u003C\u002Fli>\n\u003Cli>User Registration – Ensure valid signup emails  \u003C\u002Fli>\n\u003Cli>Jetpack Forms – Automattic’s form solution  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🔧 CUSTOM INTEGRATION\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Any Custom Form – Works with \u003Ccode>is_email()\u003C\u002Fcode> function  \u003C\u002Fli>\n\u003Cli>Third-party Plugins – Automatic compatibility  \u003C\u002Fli>\n\u003Cli>API Integration – Direct API access available\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>🔍 CORE VALIDATION CHECKS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>DNS & MX Record Validation – Verify domain authenticity  \u003C\u002Fli>\n\u003Cli>Syntax Verification – IETF\u002FRFC standard compliance  \u003C\u002Fli>\n\u003Cli>Mailbox Existence – Confirm email actually exists  \u003C\u002Fli>\n\u003Cli>SMTP Connection Testing – Real server verification  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🛡️ SECURITY & SPAM PROTECTION\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disposable Email Detection – Block temporary email services  \u003C\u002Fli>\n\u003Cli>Spam Trap Identification – Prevent honeypot emails  \u003C\u002Fli>\n\u003Cli>Typosquatting Prevention – Catch misspelled domains  \u003C\u002Fli>\n\u003Cli>Role-based Email Filtering – Block info@, admin@, etc.  \u003C\u002Fli>\n\u003Cli>Custom Blocklist – Your own domain\u002Femail restrictions  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>⚡ PERFORMANCE & RELIABILITY\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Real-time Validation – Instant user feedback  \u003C\u002Fli>\n\u003Cli>Temporary Unavailability Detection – Handle server issues  \u003C\u002Fli>\n\u003Cli>Catch-All Domain Testing – Identify low-quality domains  \u003C\u002Fli>\n\u003Cli>Greylisting Detection – Advanced spam protection  \u003C\u002Fli>\n\u003Cli>99.9% Accuracy Rate – Industry-leading precision  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🔒 PRIVACY & COMPLIANCE\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>GDPR Compliant – No email storage  \u003C\u002Fli>\n\u003Cli>Zero IP Impact – No emails sent from your servers  \u003C\u002Fli>\n\u003Cli>Secure API Communication – Encrypted data transfer  \u003C\u002Fli>\n\u003Cli>Privacy-First Design – Your data stays private  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>📊 ANALYTICS & MONITORING\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Validation Logs – Track all validation attempts  \u003C\u002Fli>\n\u003Cli>Performance Metrics – Monitor validation success rates  \u003C\u002Fli>\n\u003Cli>Custom Error Messages – Branded user feedback  \u003C\u002Fli>\n\u003Cli>Multi-language Support – Global accessibility  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Start with 100 Free Validations\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fdebounce.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Get your API key now\u003C\u002Fa>\u003C\u002Fp>\n","Real-time email validation for WordPress forms. Block invalid, disposable, and risky emails to keep your database clean and improve deliverability.",300,22560,78,16,"2026-01-21T23:40:00.000Z","6.9.4","3.0.1","7.0",[20,21,22,23,24],"disposable-email","email-checker","email-validation","email-verification","spam-prevention","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebounce-io-email-validator.zip",92,4,0,"2025-04-09 00:00:00","2026-03-15T15:16:48.613Z",[33,49,65,77],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-32580","debounce-email-validator-cross-site-request-forgery-to-stored-cross-site-scripting","DeBounce Email Validator \u003C= 5.8.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.8.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=5.8.1","5.8.2","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-08-11 14:23:18",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F646af494-5348-484a-80d8-0f9a11ed310e?source=api-prod",125,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":59,"published_date":60,"updated_date":61,"references":62,"days_to_patch":64},"CVE-2025-31098","debounce-email-validator-unauthenticated-local-file-inclusion","DeBounce Email Validator \u003C= 5.7 - Unauthenticated Local File Inclusion","The DeBounce Email Validator plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 5.7. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.","\u003C=5.7","5.71","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Filename for Include\u002FRequire Statement in PHP Program ('PHP Remote File Inclusion')","2025-04-03 00:00:00","2025-04-10 12:42:49",[63],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3a9f775f-4b82-449c-a5c3-d881b983d2c4?source=api-prod",8,{"id":66,"url_slug":67,"title":68,"description":69,"plugin_slug":4,"theme_slug":38,"affected_versions":70,"patched_in_version":71,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":72,"updated_date":73,"references":74,"days_to_patch":76},"CVE-2024-13339","debounce-email-validator-cross-site-request-forgery-to-stored-cross-site-scripting-2","DeBounce Email Validator \u003C= 5.8.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.8.0. This is due to missing or incorrect nonce validation on the 'debounce_email_validator' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=5.8.0","5.8.1","2025-02-18 19:33:29","2025-11-05 21:49:19",[75],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9121ab04-d16b-468b-880f-8f00bcec6489?source=api-prod",260,{"id":78,"url_slug":79,"title":80,"description":81,"plugin_slug":4,"theme_slug":38,"affected_versions":82,"patched_in_version":83,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":84,"published_date":85,"updated_date":86,"references":87,"days_to_patch":89},"CVE-2024-11463","debounce-email-validator-reflected-cross-site-scripting","DeBounce Email Validator \u003C= 5.6.5 - Reflected Cross-Site Scripting","The DeBounce Email Validator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'from', 'to', and 'key' parameters in all versions up to, and including, 5.6.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. CVE-2025-24539 is a possible duplicate of this issue.","\u003C=5.6.5","5.6.6","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-11-22 15:20:34","2025-04-22 21:59:05",[88],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F39e8c8e1-5bf4-4e4a-91a3-cf884cccf374?source=api-prod",151,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":91,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":92,"trust_score":93,"computed_at":94},1,136,73,"2026-04-04T13:51:59.925Z",[96,112,131,152,170],{"slug":97,"name":98,"version":99,"author":97,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":16,"requires_at_least":108,"requires_php":25,"tags":109,"homepage":25,"download_link":111,"security_score":105,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"quickemailverification","QuickEmailVerification","1.11.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fquickemailverification\u002F","\u003Cp>An email verification plugin by \u003Ca href=\"http:\u002F\u002Fquickemailverification.com\" rel=\"nofollow ugc\">QuickEmailVerification\u003C\u002Fa> enables you to validate and verify the email address existence in real time, before you actually send them an email. Its unique email verification system is composed of multiple different validations starting from syntax checking to the end users’ mailbox existence checking. It not only detects invalid email addresses but also detects many other types of poor email addresses which could negatively impact the email deliverability and harm your sender reputation.\u003C\u002Fp>\n\u003Cp>This plugin need a QuickEmailVerification API key to verify. You can get it from \u003Ca href=\"https:\u002F\u002Fquickemailverification.com\u002Fapisettings\" title=\"Get your API key\" rel=\"nofollow ugc\">API settings\u003C\u002Fa> page of QuickEmailVerification service.\u003C\u002Fp>\n\u003Ch4>Key features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Email address syntax checking\u003C\u002Fli>\n\u003Cli>Domain\u002FMX records checking\u003C\u002Fli>\n\u003Cli>Role address detection\u003C\u002Fli>\n\u003Cli>Disposable email address (DEA) detection\u003C\u002Fli>\n\u003Cli>Free email service detection\u003C\u002Fli>\n\u003Cli>Typo detection and suggestion\u003C\u002Fli>\n\u003Cli>Accept all email checking\u003C\u002Fli>\n\u003Cli>Mailbox existence checking\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported form Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003Cli>Formidable forms\u003C\u002Fli>\n\u003Cli>Ninja forms\u003C\u002Fli>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>WPForms\u003C\u002Fli>\n\u003Cli>Profile Builder\u003C\u002Fli>\n\u003Cli>Contact Form by BestWebSoft\u003C\u002Fli>\n\u003Cli>Ultimate Member registration form\u003C\u002Fli>\n\u003Cli>Fluent Forms\u003C\u002Fli>\n\u003Cli>WPEverest forms\u003C\u002Fli>\n\u003Cli>MailPoet\u003C\u002Fli>\n\u003Cli>Theme My Login\u003C\u002Fli>\n\u003Cli>WP-Members\u003C\u002Fli>\n\u003Cli>Visual Form Builder\u003C\u002Fli>\n\u003Cli>PlanSo forms\u003C\u002Fli>\n\u003Cli>Buddypress registration form\u003C\u002Fli>\n\u003Cli>Any other form which uses the is_email() function\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin works either with “is_email()” function or with any other supported form plugins. So if any supported form plugin is enabled, “is_email()” hook will automatically be disabled.\u003C\u002Fp>\n\u003Cp>To know more about email verification results, please have a look at the \u003Ca href=\"http:\u002F\u002Fdocs.quickemailverification.com\u002Fgetting-started\u002Funderstanding-email-verification-result\" rel=\"nofollow ugc\">QuickEmailVerification knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n","The QuickEmailVerification email verification plugin to avoid fake, bad and nonexistent emails.",200,6916,100,5,"2026-02-05T06:12:00.000Z","4.6",[20,21,22,23,110],"form-validation","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquickemailverification.1.11.0.zip",{"slug":113,"name":114,"version":115,"author":113,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":121,"num_ratings":28,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":128,"download_link":129,"security_score":27,"vuln_count":91,"unpatched_count":29,"last_vuln_date":130,"fetched_at":31},"zerobounce","ZeroBounce Email Verification & Validation","1.1.3","https:\u002F\u002Fprofiles.wordpress.org\u002Fzerobounce\u002F","\u003Cp>Need an email validation tool to block invalid and high-risk emails on your WordPress website?\u003C\u002Fp>\n\u003Cp>The ZeroBounce email verification plugin assists users by validating email addresses entered into your registration forms, comments sections, eCommerce shops, and more. Install the plugin, connect your API key, and select the forms you want to monitor with email validation.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automated real-time email validation\u003C\u002Fstrong> – Automatically prevent selected email types from creating accounts, leaving comments, or signing up\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detect more than 30+ email address types\u003C\u002Fstrong> – Including invalid, abuse, disposable, spam trap, toxic domains, catch-all, and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Choose what to accept\u003C\u002Fstrong> – Create your own rules for email validation and disallow emails based on status\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email verification for 9 form types\u003C\u002Fstrong> – Easily select which forms you want to protect with email validation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fast manual email validation\u003C\u002Fstrong> – Verify any email address in the tools section using our interactive form\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email validation API logs\u003C\u002Fstrong> – Keep track of monthly email verifications, including status, sub-status, IP, date, and credits used\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Benefits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Keep your email list clean & accurate\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduce your email bounce rate\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Boost your inbox placement\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Protect your email sender reputation\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Improve email deliverability\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Eliminate fraudulent, untrustworthy shoppers\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block spammers and spoofers\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Keep your comments section clean\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Supported Forms\u002FPlugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003Cli>WPForms\u003C\u002Fli>\n\u003Cli>Ninja Forms\u003C\u002Fli>\n\u003Cli>Formidable Forms\u003C\u002Fli>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>WordPress Post Comments\u003C\u002Fli>\n\u003Cli>WordPress Registration\u003C\u002Fli>\n\u003Cli>MC4WP: Mailchimp for WordPress\u003C\u002Fli>\n\u003Cli>Gravity Forms\u003C\u002Fli>\n\u003Cli>Fluent Forms\u003C\u002Fli>\n\u003Cli>WS Forms\u003C\u002Fli>\n\u003Cli>Mailster Forms\u003C\u002Fli>\n\u003Cli>Forminator Forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And more support is being added gradually.\u003C\u002Fp>\n","ZeroBounce validates emails on your WordPress site in real-time, blocking invalid and risky emails to improve deliverability and reduce bounce rates.",1000,11330,96,"2024-11-22T15:23:00.000Z","6.7.5","4.4",[21,126,22,23,127],"email-tester","email-verifier","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fzerobounce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzerobounce.zip","2023-12-26 00:00:00",{"slug":132,"name":133,"version":134,"author":135,"author_profile":136,"description":137,"short_description":138,"active_installs":139,"downloaded":140,"rating":141,"num_ratings":142,"last_updated":143,"tested_up_to":25,"requires_at_least":25,"requires_php":25,"tags":144,"homepage":148,"download_link":149,"security_score":150,"vuln_count":91,"unpatched_count":29,"last_vuln_date":151,"fetched_at":31},"antideo-email-validator","Antideo Email Validator","1.0.11","Antideo","https:\u002F\u002Fprofiles.wordpress.org\u002Fantideo\u002F","\u003Cp>The email validator is designed by Antideo to help combat spam coming in through contact forms. Antideo \u003Ca href=\"https:\u002F\u002Fwww.antideo.com\u002Femail-validation\u002F\" rel=\"nofollow ugc\">validates email addresses\u003C\u002Fa> entered through your contact forms in real time to prevent inquiries from fake email addresses. The email validator plugin comes packed with several features that help you –\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Check the syntax of the email entered, to quickly flag the error to the visitor\u003C\u002Fli>\n\u003Cli>Check for disposable or temporary emails\u003C\u002Fli>\n\u003Cli>Prevent inquiries from free ESP’s like Gmail, Yahoo, etc (Can be switched on and off)\u003C\u002Fli>\n\u003Cli>Prevent inquiries from role-based emails like info@, support@, admin@ etc (Can be switched on and off)\u003C\u002Fli>\n\u003Cli>Check MX records to identify invalid emails\u003C\u002Fli>\n\u003Cli>Create and maintain your own local whitelist of domains and emails \u003C\u002Fli>\n\u003Cli>Create and maintain your own local blacklist of domains and emails\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Armed with the capabilities of our plugin you would be able to eliminate a major portion of contact form spam, as spammers seldom use a valid business email address. Our plugin out of the box is compatible with major forms like\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003Cli>Gravity Forms\u003C\u002Fli>\n\u003Cli>Mailster Form\u003C\u002Fli>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>MailChimp\u003C\u002Fli>\n\u003Cli>Ninja Forms\u003C\u002Fli>\n\u003Cli>Formidable forms\u003C\u002Fli>\n\u003Cli>JetPack comments and a contact form\u003C\u002Fli>\n\u003Cli>MailPoet\u003C\u002Fli>\n\u003Cli>WP-Members\u003C\u002Fli>\n\u003Cli>Paid Membership Pro\u003C\u002Fli>\n\u003Cli>Form Maker by 10Web\u003C\u002Fli>\n\u003Cli>Visual Form Builder\u003Cbr \u002F>\nAnd pretty much any other form that uses the default WordPress is_email() function. The plugin is very easy to install and activate, no tech knowledge whatsoever is needed to get going with the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Advantages of our plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No limits on the number of validations – go crazy, it’s unlimited!!\u003C\u002Fli>\n\u003Cli>Real time validations done in a fraction of a second\u003C\u002Fli>\n\u003Cli>Extensive database of 84K+ disposable email domains and constantly being updated with newer ones\u003C\u002Fli>\n\u003Cli>Clean and super friendly UI that is easy to use\u003C\u002Fli>\n\u003Cli>A powerful free version and an affordable premium version \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>We are literally eating our own dog food, implementing the \u003Ca href=\"https:\u002F\u002Fwww.antideo.com\u002Fwordpress-email-validation-plugin\u002F\" rel=\"nofollow ugc\">Antideo Email Validation plugin\u003C\u002Fa> on several websites that we own, which has resulted in spam inquiries going down by over 87%.\u003C\u002Fp>\n\u003Cp>You can access more information on the plugin as well as the several aspects of email validation \u003Ca href=\"https:\u002F\u002Fwww.antideo.com\u002Fblog\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Disclaimer: This plugin is an email validator and not an email verifier\u003C\u002Fp>\n","Form email validation, Email Blacklist, Domain Blacklist, Form email check, Real time email validator Requires at least: 4.7 Tested up to: 6.9.",900,13361,70,14,"2026-03-12T08:06:00.000Z",[145,21,146,22,147],"disposable-emails","email-syntax-check","email-validator","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fantideo-email-validator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fantideo-email-validator.zip",97,"2026-01-16 00:00:00",{"slug":153,"name":154,"version":155,"author":156,"author_profile":157,"description":158,"short_description":159,"active_installs":160,"downloaded":161,"rating":162,"num_ratings":163,"last_updated":164,"tested_up_to":16,"requires_at_least":108,"requires_php":25,"tags":165,"homepage":25,"download_link":167,"security_score":168,"vuln_count":91,"unpatched_count":29,"last_vuln_date":169,"fetched_at":31},"clearout-email-validator","Clearout Email Validator – Real-Time Email Verification on WordPress Forms","3.3.1","clearoutio","https:\u002F\u002Fprofiles.wordpress.org\u002Fclearoutio\u002F","\u003Cp>Clearout Email Validation plugin seamlessly integrates with all major forms to validate the email addresses in real time.\u003C\u002Fp>\n\u003Cp>The plugin performs 20+ refined real-time validation checks to determine the current status of the email address. These checks include extensive verifications like greylist verification, anti-spam check, gibberish check, catch-all verification, email blacklist verification, temporary email address check, and more.\u003C\u002Fp>\n\u003Ch4>Key Benefits of Using Clearout Email Verification Plugin:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Accept only \u003Cstrong>safe-to-send\u003C\u002Fstrong> email address to \u003Cstrong>protect your sender reputation\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Accept only \u003Cstrong>business or work email addresses\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prevent fraudulent signups or leads getting into CRM\u003C\u002Fstrong> by stopping \u003Ca href=\"https:\u002F\u002Fclearout.io\u002Fblog\u002F2020\u002F09\u002F30\u002Fdont-let-your-email-campaigns-be-a-victim-of-disposable-email-addresses\" rel=\"nofollow ugc\">temporary \u002F disposable \u002F throw away email addresses\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customization to Block free email address providers\u003C\u002Fstrong> like gmail.com \u002F yahoo.com \u002F hotmail.com\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove\u003C\u002Fstrong> duplicate and \u003Cstrong>alias email addresses\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How to Install Clearout Email Verifier Plugin\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Obtain an API Token:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. \u003Cstrong>Log in\u003C\u002Fstrong> to your Clearout account.\u003Cbr \u002F>\n2. Navigate to the \u003Ca href=\"https:\u002F\u002Fapp.clearout.io\u002Fdeveloper\u002Fapi\u002Flist\" rel=\"nofollow ugc\">‘Developer’\u003C\u002Fa> menu and click on \u003Cstrong>‘+ Create API Token’\u003C\u002Fstrong>.\u003Cbr \u002F>\n3. Add the necessary details for reference, and click on “Create” to generate the API token.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Create a Clearout Account (if you don’t have one):\u003C\u002Fstrong>\u003Cbr \u002F>\n1. \u003Ca href=\"https:\u002F\u002Fapp.clearout.io\u002Fregister\" rel=\"nofollow ugc\">Sign up\u003C\u002Fa> for a Clearout account to \u003Cstrong>get 100 free email validation credits with no credit card required\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>For more detailed instructions, visit Clearout \u003Ca href=\"https:\u002F\u002Fclearout.io\u002Fintegrations\u002Fwordpress\u002F\" rel=\"nofollow ugc\">Email Verifier Plugin Installation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FYG5BrBn7FHo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Supported Forms\u002FPlugins\u003C\u002Fh4>\n\u003Cp>The Clearout email verification plugin supports a rich set of popular form-based plugins by listening to email address capture flow or by hooking into WordPress is_email() function:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Elementor Form\u003C\u002Fli>\n\u003Cli>Gravity Forms\u003C\u002Fli>\n\u003Cli>Forminator Form\u003C\u002Fli>\n\u003Cli>WooCommerce Checkout Forms\u003C\u002Fli>\n\u003Cli>WooCommerce Registration Form\u003C\u002Fli>\n\u003Cli>Fluent Form\u003C\u002Fli>\n\u003Cli>WP Forms\u003C\u002Fli>\n\u003Cli>Formidable forms\u003C\u002Fli>\n\u003Cli>WS Form \u003C\u002Fli>\n\u003Cli>WP-Members\u003C\u002Fli>\n\u003Cli>Contact Form\u003C\u002Fli>\n\u003Cli>Mailster Form\u003C\u002Fli>\n\u003Cli>MailChimp\u003C\u002Fli>\n\u003Cli>Ninja Forms\u003C\u002Fli>\n\u003Cli>Profile Builder\u003C\u002Fli>\n\u003Cli>Ultimate Member registration form\u003C\u002Fli>\n\u003Cli>Users Ultra registration form\u003C\u002Fli>\n\u003Cli>JetPack comments and a contact form\u003C\u002Fli>\n\u003Cli>MailPoet\u003C\u002Fli>\n\u003Cli>Theme My Login\u003C\u002Fli>\n\u003Cli>Paid Memberships Pro\u003C\u002Fli>\n\u003Cli>Form Maker by 10Web\u003C\u002Fli>\n\u003Cli>Visual Form Builder\u003C\u002Fli>\n\u003Cli>Any WordPress registrations & contact forms   \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Accurate Email Verification\u003C\u002Fli>\n\u003Cli>Fastest Real-time Email Validation\u003C\u002Fli>\n\u003Cli>Seamless API Integration\u003C\u002Fli>\n\u003Cli>Guaranteed Deliverability (Safe to send)\u003C\u002Fli>\n\u003Cli>High Precision Advanced Catch-all Resolver\u003C\u002Fli>\n\u003Cli>Block Role Email\u003C\u002Fli>\n\u003Cli>Block Disposable Email\u003C\u002Fli>\n\u003Cli>Block Gibberish Email\u003C\u002Fli>\n\u003Cli>Email \u002F Domain Allowlisting and Blocklisting\u003C\u002Fli>\n\u003Cli>Custom Error Message\u003C\u002Fli>\n\u003Cli>Limit email validation to only required pages\u003C\u002Fli>\n\u003Cli>Low Credit Notification Alert\u003C\u002Fli>\n\u003Cli>Team Accounts\u003C\u002Fli>\n\u003Cli>Syntax Verification\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdocs.clearout.io\u002Fapi-overview.html#testing\" rel=\"nofollow ugc\">Test email addresses\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Know A Little More About Clearout Email Verification Service\u003C\u002Fh4>\n\u003Cp>In addition to its availability as a WordPress Plugin, Clearout Email Verifier supports email verification in multiple forms and ways to meet the needs of the user. Other verification methods supported by Clearout Email Verifier are – Bulk email list validation, real-time email validation API, and Form Guard Email Validation.\u003C\u002Fp>\n\u003Ch4>FURTHER READING\u003C\u002Fh4>\n\u003Cp>More about Clearout Email Verification\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclearout.io\u002Femail-verification-api\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fclearout.io\u002Femail-verification-api\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclearout.io\u002Fdisposable-email-checker\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fclearout.io\u002Fdisposable-email-checker\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclearout.io\u002Fintegrations\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fclearout.io\u002Fintegrations\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclearout.io\u002Fhelp\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fclearout.io\u002Fhelp\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdocs.clearout.io\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fdocs.clearout.io\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Other Clearout Services\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclearout.io\u002Femail-finder\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fclearout.io\u002Femail-finder\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclearout.io\u002Fsales-prospecting\u002Fchrome-extension\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fclearout.io\u002Fsales-prospecting\u002Fchrome-extension\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclearout.io\u002Fsales-prospecting\u002Fadvanced-data-enrichment\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fclearout.io\u002Fsales-prospecting\u002Fadvanced-data-enrichment\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclearout.io\u002Freverse-lookup\u002Flinkedin\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fclearout.io\u002Freverse-lookup\u002Flinkedin\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclearout.io\u002Freverse-lookup\u002Femail\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fclearout.io\u002Freverse-lookup\u002Femail\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Block invalid emails like temporary, disposable, etc. with our real-time email verification. Verify email address during form-fill and stop form spam.",600,32216,84,13,"2026-02-18T16:31:00.000Z",[21,22,23,127,166],"woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclearout-email-validator.3.3.1.zip",99,"2025-03-27 00:00:00",{"slug":171,"name":172,"version":173,"author":174,"author_profile":175,"description":176,"short_description":177,"active_installs":105,"downloaded":178,"rating":179,"num_ratings":180,"last_updated":181,"tested_up_to":16,"requires_at_least":182,"requires_php":183,"tags":184,"homepage":186,"download_link":187,"security_score":105,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"dilli-email-validator","Dilli Email Validator","1.7.1.0","dillilabs","https:\u002F\u002Fprofiles.wordpress.org\u002Fdillilabs\u002F","\u003Cp>This plugin integrates with the Dilli Email Validation API (DEVA) to block fake or incorrectly formatted email addresses at form submission, ensuring higher-quality leads and significantly reducing spam.\u003C\u002Fp>\n\u003Cp>This plugin requires an API Key which can be obtained for FREE by \u003Ca href=\"https:\u002F\u002Fdeva.dillilabs.com\u002Fregister\" rel=\"nofollow ugc\">signing up here\u003C\u002Fa>. Learn more about Dilli Email Validation API \u003Ca href=\"https:\u002F\u002Fwww.dillilabs.com\u002Fproducts\u002Femail-validation-api\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin hooks directly into the WordPress core email validation function (\u003Ccode>is_email()\u003C\u002Fcode>), which is used by most major form plugins. That means it works out of the box with popular form builders like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003Cli>WPForms\u003C\u002Fli>\n\u003Cli>Gravity Forms\u003C\u002Fli>\n\u003Cli>Ninja Forms\u003C\u002Fli>\n\u003Cli>Jetpack\u002FGrunion contact forms\u003C\u002Fli>\n\u003Cli>WordPress registration forms\u003C\u002Fli>\n\u003Cli>and many others.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>No need to modify your forms — just install and activate the plugin.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Validates email address format. Ex: email address \u003Ccode>fooAtdillilabs.com\u003C\u002Fcode> is invalid because of missing ‘@’\u003C\u002Fli>\n\u003Cli>Checks for existence of MX records of the email address domain. Ex: \u003Ccode>foobar@dlfkdlfkf.co\u003C\u002Fcode> is invalid because no MX records exist for domain dlfkdlfkf.co.\u003C\u002Fli>\n\u003Cli>Checks for Disposable\u002FTemporary email addresses. Ex: user@mailinator.com is invalid because mailinator.com provides temporary shared temporary email inboxes.\u003C\u002Fli>\n\u003Cli>Checks for conformity with ESP (Email Service Provider) grammar rules. Ex: \u003Ccode>bob@yahoo.com\u003C\u002Fcode> is invalid because Yahoo does not allow user part (\u003Ccode>bob\u003C\u002Fcode> in this case) to be less than 4 characters.\u003C\u002Fli>\n\u003Cli>Checks for profanity in user part of email address. Ex: \u003Ccode>f***you@gmail.com\u003C\u002Fcode> is invalid.\u003C\u002Fli>\n\u003Cli>Checks user and domain parts of an email address for known malicious patterns. Ex: \u003Ccode>jondoe@gmail.com\u003C\u002Fcode>, \u003Ccode>foobar@yahoo.com\u003C\u002Fcode>, \u003Ccode>idontwanttogive@gmail.com\u003C\u002Fcode> and \u003Ccode>noemail@gmail.com\u003C\u002Fcode> will be treated as invalid.\u003C\u002Fli>\n\u003Cli>Checks email address domain against a known blacklist.\u003C\u002Fli>\n\u003Cli>Checks email address against a known blacklist of frequently used email addresses for spam.\u003C\u002Fli>\n\u003Cli>Checks for reserved domains. Ex: example.com is a reserved domain. Therefore, validemail@example.com is not allowed.\u003C\u002Fli>\n\u003Cli>Checks for Role-based email addresses. Ex: info@someorganization.com will be treated as invalid.\u003C\u002Fli>\n\u003Cli>Checks for safe domains. Restricts emails whose domains represents sites with adult content.\u003C\u002Fli>\n\u003Cli>Checks for non-business email address.  Ex: *@gmail.com, *@yahoo.com, *@hotmail.com email addresses will be treated as invalid.\u003C\u002Fli>\n\u003Cli>Checks the IP address of the user submitting the form against a known list of malicious IP addresses.\u003C\u002Fli>\n\u003Cli>Add custom blocklist. You may request certain domains, emails and users to be blocked. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>German (Deutsche)\u003C\u002Fli>\n\u003C\u002Ful>\n","Validates email addresses in real-time and blocks form submissions with invalid or fake emails. Reduce spam, fix typos, and capture quality leads.",7832,94,15,"2025-12-23T11:38:00.000Z","3.6.0","7.4",[185,21,22,147,23],"email-address-validation","https:\u002F\u002Fwww.dillilabs.com\u002Fproducts\u002Femail-validation-api\u002Fdilli-email-validator-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdilli-email-validator.1.7.1.0.zip",{"attackSurface":189,"codeSignals":314,"taintFlows":345,"riskAssessment":446,"analyzedAt":460},{"hooks":190,"ajaxHandlers":281,"restRoutes":282,"shortcodes":312,"cronEvents":313,"entryPointCount":106,"unprotectedCount":29},[191,198,202,208,211,214,217,220,223,226,229,232,235,236,239,243,246,249,254,256,258,260,264,269,272,276,278],{"type":192,"name":193,"callback":194,"priority":195,"file":196,"line":197},"action","after_setup_theme","debounce_load",11,"plugin.php",20,{"type":192,"name":199,"callback":199,"priority":200,"file":196,"line":201},"grunion_pre_message_sent",10,123,{"type":203,"name":204,"callback":205,"priority":197,"file":206,"line":207},"filter","wpcf7_validate_email","validate","src\\Checks\\class-debounce-cf7.php",31,{"type":203,"name":209,"callback":205,"priority":197,"file":206,"line":210},"wpcf7_validate_email*",32,{"type":203,"name":212,"callback":205,"priority":200,"file":213,"line":200},"elementor_pro\u002Fforms\u002Fvalidation\u002Femail","src\\Checks\\class-debounce-elementor-form.php",{"type":203,"name":215,"callback":205,"priority":200,"file":216,"line":200},"fluentform_validate_input_item_input_email","src\\Checks\\class-debounce-fluent-forms.php",{"type":203,"name":218,"callback":205,"priority":200,"file":219,"line":200},"frm_validate_entry","src\\Checks\\class-debounce-formidable-forms.php",{"type":203,"name":221,"callback":205,"priority":200,"file":222,"line":200},"forminator_custom_form_submit_errors","src\\Checks\\class-debounce-forminator-forms.php",{"type":203,"name":224,"callback":205,"priority":200,"file":225,"line":207},"gform_field_validation","src\\Checks\\class-debounce-gravity-forms.php",{"type":203,"name":227,"callback":205,"priority":200,"file":228,"line":207},"is_email","src\\Checks\\class-debounce-is-email.php",{"type":203,"name":230,"callback":205,"priority":200,"file":231,"line":207},"ninja_forms_submit_data","src\\Checks\\class-debounce-ninja-forms.php",{"type":192,"name":233,"callback":205,"file":234,"line":200},"pre_comment_on_post","src\\Checks\\class-debounce-on-comment.php",{"type":203,"name":227,"callback":205,"priority":200,"file":234,"line":14},{"type":192,"name":237,"callback":205,"priority":200,"file":238,"line":210},"registration_errors","src\\Checks\\class-debounce-on-registration.php",{"type":192,"name":240,"callback":205,"priority":200,"file":241,"line":242},"woocommerce_after_checkout_validation","src\\Checks\\class-debounce-woocommerce.php",40,{"type":203,"name":244,"callback":205,"priority":200,"file":245,"line":207},"wpforms_process_after_filter","src\\Checks\\class-debounce-wp-forms.php",{"type":203,"name":247,"callback":205,"priority":91,"file":248,"line":200},"wsf_action_email_email_validate","src\\Checks\\class-debounce-wsforms.php",{"type":192,"name":250,"callback":251,"file":252,"line":253},"admin_enqueue_scripts","enqueue","src\\class-debounce-admin.php",12,{"type":192,"name":255,"callback":255,"file":252,"line":163},"admin_menu",{"type":192,"name":257,"callback":257,"file":252,"line":142},"admin_footer",{"type":192,"name":259,"callback":259,"file":252,"line":180},"admin_notices",{"type":192,"name":261,"callback":262,"file":252,"line":263},"admin_init","maybe_export_logs_csv",17,{"type":192,"name":265,"callback":266,"file":267,"line":268},"wp_enqueue_scripts","register_script","src\\class-debounce-plugin.php",250,{"type":192,"name":270,"callback":270,"file":267,"line":271},"rest_api_init",259,{"type":203,"name":273,"callback":274,"file":275,"line":180},"debounce_api_is_private","__return_false","src\\functions.php",{"type":192,"name":265,"callback":277,"priority":195,"file":275,"line":14},"enqueue_frontend",{"type":192,"name":279,"callback":280,"file":275,"line":263},"wp_footer","footer_styles",[],[283,291,296,301,307],{"namespace":284,"route":285,"methods":286,"callback":288,"permissionCallback":289,"file":267,"line":290},"debounceio","\u002FcheckEmail",[287],"POST","check_email_callback","closure",264,{"namespace":284,"route":292,"methods":293,"callback":294,"permissionCallback":289,"file":267,"line":295},"\u002FupdateCredit",[287],"update_credit_callback",272,{"namespace":284,"route":297,"methods":298,"callback":299,"permissionCallback":289,"file":267,"line":300},"\u002Freview",[287],"review_callback",280,{"namespace":284,"route":302,"methods":303,"callback":305,"permissionCallback":289,"file":267,"line":306},"\u002Flogs",[304],"GET","logs_callback",288,{"namespace":284,"route":308,"methods":309,"callback":310,"permissionCallback":289,"file":267,"line":311},"\u002FgetChart",[304],"get_chart_callback",296,[],[],{"dangerousFunctions":315,"sqlUsage":316,"outputEscaping":318,"fileOperations":91,"externalRequests":28,"nonceChecks":106,"capabilityChecks":343,"bundledLibraries":344},[],{"prepared":197,"raw":29,"locations":317},[],{"escaped":319,"rawEcho":200,"locations":320},129,[321,325,327,329,331,333,335,337,339,341],{"file":322,"line":323,"context":324},"src\\admin-partials\\logs.php",106,"raw output",{"file":322,"line":326,"context":324},110,{"file":322,"line":328,"context":324},114,{"file":322,"line":330,"context":324},118,{"file":322,"line":332,"context":324},122,{"file":322,"line":334,"context":324},126,{"file":322,"line":336,"context":324},130,{"file":322,"line":338,"context":324},160,{"file":340,"line":207,"context":324},"src\\admin-partials\\settings.php",{"file":252,"line":342,"context":324},139,9,[],[346,362,391,404,421,431],{"entryPoint":347,"graph":348,"unsanitizedCount":91,"severity":41},"admin_footer (src\\class-debounce-admin.php:132)",{"nodes":349,"edges":359},[350,354],{"id":351,"type":352,"label":353,"file":252,"line":92},"n0","source","$_GET",{"id":355,"type":356,"label":357,"file":252,"line":342,"wp_function":358},"n1","sink","echo() [XSS]","echo",[360],{"from":351,"to":355,"sanitized":361},false,{"entryPoint":363,"graph":364,"unsanitizedCount":29,"severity":390},"\u003Clogs> (src\\admin-partials\\logs.php:0)",{"nodes":365,"edges":385},[366,369,371,375,377,380],{"id":351,"type":352,"label":367,"file":322,"line":368},"$_GET (x3)",236,{"id":355,"type":356,"label":357,"file":322,"line":370,"wp_function":358},239,{"id":372,"type":352,"label":373,"file":322,"line":374},"n2","$_GET['key']",249,{"id":376,"type":356,"label":357,"file":322,"line":374,"wp_function":358},"n3",{"id":378,"type":352,"label":353,"file":322,"line":379},"n4",286,{"id":381,"type":356,"label":382,"file":322,"line":383,"wp_function":384},"n5","get_results() [SQLi]",322,"get_results",[386,388,389],{"from":351,"to":355,"sanitized":387},true,{"from":372,"to":376,"sanitized":387},{"from":378,"to":381,"sanitized":387},"low",{"entryPoint":392,"graph":393,"unsanitizedCount":29,"severity":390},"\u003Ctranslate> (src\\admin-partials\\translate.php:0)",{"nodes":394,"edges":402},[395,399],{"id":351,"type":352,"label":396,"file":397,"line":398},"$_POST","src\\admin-partials\\translate.php",19,{"id":355,"type":356,"label":400,"file":397,"line":197,"wp_function":401},"update_option() [Settings Manipulation]","update_option",[403],{"from":351,"to":355,"sanitized":387},{"entryPoint":405,"graph":406,"unsanitizedCount":29,"severity":390},"save_general (src\\class-debounce-admin.php:463)",{"nodes":407,"edges":418},[408,411,414,416],{"id":351,"type":352,"label":409,"file":252,"line":410},"$_POST['debounce_api_key']",480,{"id":355,"type":356,"label":412,"file":252,"line":410,"wp_function":413},"wp_remote_get() [SSRF]","wp_remote_get",{"id":372,"type":352,"label":415,"file":252,"line":410},"$_POST (x2)",{"id":376,"type":356,"label":400,"file":252,"line":417,"wp_function":401},490,[419,420],{"from":351,"to":355,"sanitized":387},{"from":372,"to":376,"sanitized":387},{"entryPoint":422,"graph":423,"unsanitizedCount":29,"severity":390},"save (src\\class-debounce-admin.php:507)",{"nodes":424,"edges":429},[425,427],{"id":351,"type":352,"label":396,"file":252,"line":426},519,{"id":355,"type":356,"label":400,"file":252,"line":428,"wp_function":401},520,[430],{"from":351,"to":355,"sanitized":387},{"entryPoint":432,"graph":433,"unsanitizedCount":29,"severity":390},"\u003Cclass-debounce-admin> (src\\class-debounce-admin.php:0)",{"nodes":434,"edges":442},[435,436,437,438,439,441],{"id":351,"type":352,"label":353,"file":252,"line":92},{"id":355,"type":356,"label":357,"file":252,"line":342,"wp_function":358},{"id":372,"type":352,"label":409,"file":252,"line":410},{"id":376,"type":356,"label":412,"file":252,"line":410,"wp_function":413},{"id":378,"type":352,"label":440,"file":252,"line":410},"$_POST (x3)",{"id":381,"type":356,"label":400,"file":252,"line":417,"wp_function":401},[443,444,445],{"from":351,"to":355,"sanitized":387},{"from":372,"to":376,"sanitized":387},{"from":378,"to":381,"sanitized":387},{"summary":447,"deductions":448},"The debounce-io-email-validator plugin v5.8.7 exhibits a mixed security posture. On the positive side, static analysis reveals no unprotected entry points and strong adherence to secure coding practices such as using prepared statements for all SQL queries, implementing nonce checks and capability checks for most operations, and properly escaping a high percentage of output. The limited attack surface, consisting of 5 REST API routes with permission callbacks, is also a good sign.\n\nHowever, the plugin's vulnerability history is a significant concern. With a total of 4 known CVEs, including one critical and three medium-severity vulnerabilities, it suggests a pattern of recurring security weaknesses. The common vulnerability types reported – CSRF, PHP Remote File Inclusion, and Cross-site Scripting – are serious issues that attackers often target. While there are currently no unpatched vulnerabilities, the presence of past critical and medium issues warrants caution.\n\nA notable concern from the static analysis is one flow with an unsanitized path, which could potentially lead to security issues if not handled with extreme care, even if it didn't register as a critical or high severity taint flow. The presence of file operations and external HTTP requests, while not inherently insecure, adds to the potential attack surface that needs to be managed diligently, especially given the plugin's history. Overall, while the current version shows improvements in secure coding practices, the historical vulnerability record necessitates ongoing vigilance and a thorough review of how past issues were addressed.",[449,451,453,455,458],{"reason":450,"points":180},"History of 1 critical vulnerability",{"reason":452,"points":180},"History of 3 medium vulnerabilities",{"reason":454,"points":64},"Flow with unsanitized path detected",{"reason":456,"points":457},"1 file operation detected",3,{"reason":459,"points":28},"4 external HTTP requests detected","2026-03-16T19:54:37.461Z",{"wat":462,"direct":475},{"assetPaths":463,"generatorPatterns":468,"scriptPaths":469,"versionParams":470},[464,465,466,467],"\u002Fwp-content\u002Fplugins\u002Fdebounce-io-email-validator\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fdebounce-io-email-validator\u002Fassets\u002Fjs\u002Fdebounce.js","\u002Fwp-content\u002Fplugins\u002Fdebounce-io-email-validator\u002Fassets\u002Fjs\u002Fdebounce.validate.js","\u002Fwp-content\u002Fplugins\u002Fdebounce-io-email-validator\u002Fassets\u002Fjs\u002Fdebounce.admin.js",[],[465,466,467],[471,472,473,474],"debounce-io-email-validator\u002Fassets\u002Fcss\u002Fadmin.css?ver=","debounce-io-email-validator\u002Fassets\u002Fjs\u002Fdebounce.js?ver=","debounce-io-email-validator\u002Fassets\u002Fjs\u002Fdebounce.validate.js?ver=","debounce-io-email-validator\u002Fassets\u002Fjs\u002Fdebounce.admin.js?ver=",{"cssClasses":476,"htmlComments":483,"htmlAttributes":484,"restEndpoints":486,"jsGlobals":488,"shortcodeOutput":490},[477,478,479,480,481,482],"debounce-notice","dbbtn","dbbtn1","dbbtn2","lastp","ddbtn-close",[],[485],"data-value",[487],"\u002Fwp-json\u002Fdebounceio\u002Freview",[489],"debounce_io_debounce_settings",[]]