[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBv_agYegUBxvMYKm15coY6_jcgpuhOxrU0JvKwTsqgI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":133,"fingerprints":240},"deliverability","Deliverability – pass DKIM, SPF, DMARC & more","1.8.0","Top Deliverability","https:\u002F\u002Fprofiles.wordpress.org\u002Ftopdeliverability\u002F","\u003Cp>Our Deliverability Plugin for WordPress allows you to easily authenticate emails generated from your website with a DKIM signature.\u003C\u002Fp>\n\u003Cp>But our Deliverability Plugin does much more than that! In fact, it’s packed with incredible email security and email deliverability features such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SPF authentication check, monitor and troubleshoot\u003C\u002Fli>\n\u003Cli>DKIM authentication implementation, check, monitor and troubleshoot\u003C\u002Fli>\n\u003Cli>DMARC authentication check, monitor and troubleshoot\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It’s always a good practice to authenticate your domain, but if your domain has a DMARC record and your website runs on WordPress you almost certainly need this plugin.\u003C\u002Fp>\n\u003Cp>The Deliverability plugin will take your Email Deliverability to a whole new level.\u003C\u002Fp>\n\u003Cp>This plugin is designed and written by experts and is easy to use and understand.\u003C\u002Fp>\n\u003Cp>It reduces security risk by checking for shortcomings in your email setup, and by implementing and enforcing the latest recommended Email security practices and techniques.\u003C\u002Fp>\n\u003Cp>Fully compatible with Contact-Form 7, WPForms, BuddyPress, WP Mail SMTP and more.\u003C\u002Fp>\n","Check and improve your Email Deliverability. Pass DMARC by DKIM-signing your emails without an external SMTP. Comply with Google & Yahoo requirements!",800,11120,84,15,"2025-09-15T12:59:00.000Z","6.6.5","5.9","7.4",[4,20,21,22,23],"dkim","dmarc","email","spf","https:\u002F\u002Ftopdeliverability.com\u002Fplugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdeliverability.1.8.0.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"topdeliverability",1,30,94,"2026-04-04T11:39:00.395Z",[38,58,76,92,113],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":26,"num_ratings":33,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":55,"download_link":56,"security_score":57,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"mailsure","Mailsure","1.0","corytrevor","https:\u002F\u002Fprofiles.wordpress.org\u002Fcorytrevor\u002F","\u003Ch3>Test email sending, SPF, DKIM & DMARC\u003C\u002Fh3>\n\u003Cp>Mailsure provides a simple one-click email authentication test to check if WordPress is able to send properly authenticated emails.\u003C\u002Fp>\n\u003Cp>Also included:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Send a test email to any address\u003C\u002Fli>\n\u003Cli>Mail server IP blacklist check via \u003Ca href=\"https:\u002F\u002Fmxtoolbox.com\u002F\" rel=\"nofollow ugc\">MXToolbox\u003C\u002Fa>. View their privacy policy \u003Ca href=\"https:\u002F\u002Fmxtoolbox.com\u002Fprivacypolicy.aspx\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Plugin settings are in Tools -> Mailsure\u003C\u002Fp>\n","Test email sending, SPF, DKIM & DMARC",50,786,"2024-07-12T10:18:00.000Z","6.5.8","6.0","7.1",[20,21,22,53,54],"email-authentication","test-email","https:\u002F\u002Fmailsure.app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailsure.1.0.zip",92,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":27,"num_ratings":27,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":74,"download_link":75,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"email-essentials","Email Essentials","6.0.3","Acato","https:\u002F\u002Fprofiles.wordpress.org\u002Facato\u002F","\u003Cp>Email Essentials vastly reduces the chances of your emails being marked as spam or being rejected. Originally a debugging tool, it has grown into a full-fledged email enhancement plugin.\u003C\u002Fp>\n\u003Cp>Please note that this plugin is not a “we support any type of transport” Email plugin. For other protocols than SMTP, but rather to enhance the email sending capabilities of WordPress.\u003Cbr \u002F>\nIf you need to send emails with other protocols than SMTP, this plugin is not for you. You might want to look at plugins like Post SMTP (not affiliated).\u003C\u002Fp>\n\u003Cp>And since version 6.0.0, after more than 10 years of development, this plugin is now a FOSS plugin, meaning it is free to use, modify and distribute under the GPLv2 license.\u003C\u002Fp>\n\u003Cp>In return, we ask you to support the development of this plugin by contributing to the codebase, reporting bugs, and helping others in the community.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Responsible disclosure:\u003C\u002Fstrong>\u003Cbr \u002F>\nIf you find a vulnerability, please email us at \u003Ca href=\"mailto:responsibledisclosure@acato.nl\" rel=\"nofollow ugc\">responsibledisclosure@acato.nl\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Set a good From name and email address, automatically correcting it if needed. For example, a contact form is sent from the visitors email address, resulting in an invalid Sender address. This plugin will correct it to a valid email address. This plugin automatically corrects it.\u003C\u002Fli>\n\u003Cli>Correct envelope-from address; often forgotten, but important for deliverability.\u003C\u002Fli>\n\u003Cli>Reformat as HTML with plain text alternative; will detect the use of HTML ensures that emails are sent as HTML with a plain text alternative.\u003C\u002Fli>\n\u003Cli>Process shortcodes in your email content.\u003C\u002Fli>\n\u003Cli>UTF8 recoding, to ensure that special characters are correctly encoded in the email.\u003C\u002Fli>\n\u003Cli>Email Essentials allows for adding CSS, header, footer, and body template using filters, see below.\u003C\u002Fli>\n\u003Cli>Convert CSS to inline styles for better support in email clients\u003C\u002Fli>\n\u003Cli>SMTP configuration\u003C\u002Fli>\n\u003Cli>Send emails to multiple addressees as separate emails\u003C\u002Fli>\n\u003Cli>S\u002FMIME signing, using a supplied certificate, to ensure the authenticity of the email.\u003C\u002Fli>\n\u003Cli>DKIM signing, and providing all information needed to set up DKIM signing for your domain.\u003C\u002Fli>\n\u003Cli>Allow redirecting emails sent to the administrator to other email addresses based on the email subject.\u003C\u002Fli>\n\u003Cli>Allow redirecting emails sent to the moderators (e.g., for comments).\u003C\u002Fli>\n\u003Cli>Keep a history of outgoing emails (debugging, cleared on deactivation)\u003C\u002Fli>\n\u003Cli>Email receipt tracking (for investigative purposes only, see GDPR note)\u003C\u002Fli>\n\u003Cli>Re-send button for failed emails\u003C\u002Fli>\n\u003Cli>Allow sending emails delayed, to prevent sending too many emails at once. (Beta feature)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Important Note\u003C\u002Fh3>\n\u003Cp>This tool is for users who understand email delivery. If unsure, ask for help.\u003C\u002Fp>\n\u003Cp>\u003Cem>Under GDPR, storing and tracking emails is prohibited. The history feature is for investigative purposes only!\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>Email Essentials uses one external service by default, two if you create and define your own IP services.\u003C\u002Fp>\n\u003Col>\n\u003Cli>CloudFlare DNS over HTTPS (DoH). This is used to resolve domain names to IP addresses when (for example) checking SPF or DKIM records. In theory, it is possible to use PHPs own \u003Ccode>dns_get_record\u003C\u002Fcode> function, but in practice this often fails due to server DNS-resolve misconfiguration. Using CloudFlare’s DoH service ensures reliable DNS resolution. We only send the hostname (the domain part) to CloudFlare, no other data. Explicitly, we do NOT send any other information.\u003C\u002Fli>\n\u003Cli>The plugin can use an IP-address relay service to accurately determine the sender’s IP address. This is required to accurately check that the sender’s IP address is authorized to send email for the domain (SPF check). To use this, you will need to set up your own service, see documentation on filter \u003Ccode>acato_email_essentials_ip_services\u003C\u002Fcode>. Without this service, IP detection can be inaccurate because it will use the website itself as a relay. Use of a reverse proxy, load balancer etc. can lead to incorrect IP detection.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>WordPress Filters\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>acato_email_essentials_settings\u003C\u002Fcode> — Filter plugin settings.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_defaults\u003C\u002Fcode> — Filter default settings.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_subject\u003C\u002Fcode> — Filter email subject.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_body\u003C\u002Fcode> — Filter HTML body of the email.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_head\u003C\u002Fcode> — Filter HEAD section of HTML email.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_css\u003C\u002Fcode> — Filter CSS for the email.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_minify_css\u003C\u002Fcode> — Filter CSS minification.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_mail_is_throttled\u003C\u002Fcode> — Check if mail should be throttled.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_mail_throttle_time_window\u003C\u002Fcode> — Set mail throttle time window.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_mail_throttle_max_count_per_time_window\u003C\u002Fcode> — Set max emails per time window.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_mail_throttle_batch_size\u003C\u002Fcode> — Set mail batch size.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_ip_services\u003C\u002Fcode> — Define custom IP services for accurately determining the sender’s IP address.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_ip_service\u003C\u002Fcode> — Filter individual IP service URLs.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_website_root_path\u003C\u002Fcode> — Filter to supply the correct website root path in case of non-standard setups.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_development_tlds\u003C\u002Fcode> — Filter development\u002Flocal TLDs.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>WordPress Filters in detail\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Plugin Settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_settings\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (array) \u003Ccode>$settings\u003C\u002Fcode> The current settings of the plugin.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (array) The new settings of the plugin.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_defaults\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (array) \u003Ccode>$defaults\u003C\u002Fcode> The current default settings of the plugin.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (array) The new default settings of the plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Email Content\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_subject\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$the_subject\u003C\u002Fcode> Subject for the email.\u003Cbr \u002F>\n– (PHPMailer) \u003Ccode>$mailer\u003C\u002Fcode> The PHPMailer object (by reference).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The (altered) Subject.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_body\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$should_be_html\u003C\u002Fcode> A text that should be html, but might not yet be, your job to make a nice HTML body.\u003Cbr \u002F>\n– (PHPMailer) \u003Ccode>$mailer\u003C\u002Fcode> The PHPMailer object (by reference).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) A text that should be html.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_head\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$the_head_section\u003C\u002Fcode> HTML that is the HEAD section of the HTML email.\u003Cbr \u002F>\n– (PHPMailer) \u003Ccode>$mailer\u003C\u002Fcode> The PHPMailer object (by reference).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The altered HEAD section of the HTML email.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_css\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$the_css\u003C\u002Fcode> CSS for the email (empty by default).\u003Cbr \u002F>\n– (PHPMailer) \u003Ccode>$mailer\u003C\u002Fcode> The PHPMailer object (by reference).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The (altered) CSS.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_minify_css\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$css\u003C\u002Fcode> CSS to be minified.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The minified CSS.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Mail Throttling\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_mail_is_throttled\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (bool) \u003Ccode>$is_throttled\u003C\u002Fcode> Whether the mail is currently throttled.\u003Cbr \u002F>\n– (string) \u003Ccode>$ip\u003C\u002Fcode> The sender’s IP address.\u003Cbr \u002F>\n– (int) \u003Ccode>$mails_recently_sent\u003C\u002Fcode> Number of mails recently sent from this IP.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (bool) Whether the mail should be throttled.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_mail_throttle_time_window\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (int) \u003Ccode>$time_window\u003C\u002Fcode> Time window in seconds for counting sent emails.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (int) The (altered) time window in seconds.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_mail_throttle_max_count_per_time_window\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (int) \u003Ccode>$count\u003C\u002Fcode> Maximum number of emails allowed per time window.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (int) The (altered) maximum count.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_mail_throttle_batch_size\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (int) \u003Ccode>$size\u003C\u002Fcode> Number of emails to send in a single batch.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (int) The (altered) batch size.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IP Detection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_ip_services\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (array) \u003Ccode>$services\u003C\u002Fcode> The current list of IP services used to determine the sender’s IP address.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (array) The (altered) list of IP services.\u003C\u002Fp>\n\u003Cp>The services must be keyed with \u003Ccode>ipv4\u003C\u002Fcode>, \u003Ccode>ipv6\u003C\u002Fcode> and \u003Ccode>dual-stack\u003C\u002Fcode>. The values must be URLs that return the IP address in plain text.\u003Cbr \u002F>\nThe dual-stack service should return an IPv6 address if available, otherwise an IPv4 address, never both.\u003C\u002Fp>\n\u003Cp>You can set-up your own service like this;\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You will need a webserver that can run PHP, and you need a DNS service that allows you to manually add records.\u003C\u002Fli>\n\u003Cli>You will need three webspaces, for example; ipv4.myservice.com, ipv6.myservice.com and dual-stack.myservice.com.\n\u003Cul>\n\u003Cli>You could use the same webspace for all three, but you will still need three subdomains on the service.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>For the ipv4 subdomain, ONLY register an A record, pointing to the webserver’s IP address.\u003C\u002Fli>\n\u003Cli>For the ipv6 subdomain, ONLY register an AAAA record, pointing to the webserver’s IPv6 address.\u003C\u002Fli>\n\u003Cli>For the dual-stack subdomain, register both an A and an AAAA record, pointing to the webserver’s IP addresses.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Create a file called \u003Ccode>index.php\u003C\u002Fcode> in each of the webspaces with the following content:\u003C\u002Fp>\n\u003Cp>\u003Ccode>php\u003Cbr \u002F>\n\u003C?php\u003Cbr \u002F>\nheader('Content-Type: text\u002Fplain');\u003Cbr \u002F>\nprint $_SERVER['REMOTE_ADDR'];\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>That’s it. You can now use these services in the plugin settings like this;\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`php\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>add_filter(‘acato_email_essentials_ip_services’, ‘my_custom_ip_services’);\u003Cbr \u002F>\nfunction my_custom_ip_services($services) {\u003Cbr \u002F>\n    \u002F\u002F Add your custom services here\u003Cbr \u002F>\n    $services[‘ipv4’] = ‘https:\u002F\u002Fipv4.myservice.com’;\u003Cbr \u002F>\n    $services[‘ipv6’] = ‘https:\u002F\u002Fipv6.myservice.com’;\u003Cbr \u002F>\n    $services[‘dual-stack’] = ‘https:\u002F\u002Fdual-stack.myservice.com’;\u003Cbr \u002F>\n    return $services;\u003Cbr \u002F>\n}\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_ip_service\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$service\u003C\u002Fcode> The URL of the IP service for the given type.\u003Cbr \u002F>\n– (string) \u003Ccode>$type\u003C\u002Fcode> The type of IP service (‘ipv4’, ‘ipv6’, or ‘dual-stack’).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The (altered) IP service URL.\u003C\u002Fp>\n\u003Cp>Filter to modify individual IP service URLs based on type.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_website_root_path\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$path\u003C\u002Fcode> The current website root path.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The (possibly altered) website root path.\u003C\u002Fp>\n\u003Cp>Filter to supply the correct website root path in case of non-standard setups.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_development_tlds\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (array) \u003Ccode>$tlds\u003C\u002Fcode> Array of top-level domains considered as development environments.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (array) The (altered) array of development TLDs.\u003C\u002Fp>\n\u003Cp>Filter to modify which TLDs are treated as development\u002Flocal environments. Default values are ‘local’ and ‘test’.\u003C\u002Fp>\n\u003Ch3>Scripts\u002Fstyles\u003C\u002Fh3>\n\u003Cp>In the \u003Ccode>public\u002Fscripts\u003C\u002Fcode> and \u003Ccode>public\u002Fstyles\u003C\u002Fcode> folder you find the JS and CSS files used in the plugin admin area.\u003Cbr \u002F>\nThese files are processed with Webpack, just so it works in all recent browsers. Script is nearly identical to the source.\u003C\u002Fp>\n\u003Cp>You can find the source files in the \u003Ccode>src\u002Fscripts\u003C\u002Fcode> and \u003Ccode>src\u002Fstyles\u003C\u002Fcode> folders.\u003C\u002Fp>\n\u003Cp>If you feel the need to modify these files, you can change them there, and run \u003Ccode>npm install ; npm run build\u003C\u002Fcode> to create the production files.\u003C\u002Fp>\n\u003Ch3>Translation files\u003C\u002Fh3>\n\u003Cp>You can use \u003Ccode>npm run i18n\u003C\u002Fcode> to generate the POT file for translation, update the PO files in the \u003Ccode>languages\u003C\u002Fcode> folder, and compile to MO\u002Fphp files.\u003Cbr \u002F>\nThis is a one-task-does-all; run it, change the translations, run it again. Done.\u003Cbr \u002F>\nSee package.json for more details or individual commands.\u003C\u002Fp>\n\u003Ch3>Tools\u003C\u002Fh3>\n\u003Cp>In the \u003Ccode>tools\u003C\u002Fcode> folder you will find a script to generate DKIM keys, should you want to use DKIM signing.\u003Cbr \u002F>\nrename to remove the .txt extension and run it in a shell.\u003C\u002Fp>\n\u003Cp>Tools are provided as-is, without support. Use at your own risk. Read the scripts before using them.\u003C\u002Fp>\n\u003Cp>You DO NOT HAVE TO USE these scripts, you can generate DKIM keys with any tool you like.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>For advanced configuration and custom IP services, see the plugin documentation or source code.\u003C\u002Fp>\n","A plugin to make WordPress outgoing emails better and less likely to be marked as spam.",40,146,"2026-03-03T12:44:00.000Z","6.9.4","5.6",[4,20,22,72,73],"smime","smtp","https:\u002F\u002Fgithub.com\u002Facato-plugins\u002Femail-essentials","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-essentials.6.0.3.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":27,"downloaded":84,"rating":27,"num_ratings":27,"last_updated":85,"tested_up_to":69,"requires_at_least":86,"requires_php":18,"tags":87,"homepage":85,"download_link":90,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":91},"dmarcreport-domain-auth-checker","DMARCREPORT Domain Auth Checker","1.7.2","DuoCircle LLC","https:\u002F\u002Fprofiles.wordpress.org\u002Fduocircle\u002F","\u003Cp>DMARCREPORT Domain Auth Checker lets you embed interactive email authentication record checkers on any WordPress page or post using a simple shortcode. All DNS lookups run locally through PHP’s native \u003Ccode>dns_get_record()\u003C\u002Fcode> function. The MTA-STS checker also fetches the domain’s MTA-STS policy file over HTTPS (see External Services below).\u003C\u002Fp>\n\u003Ch4>SPF Checker\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Analyze SPF records for any domain\u003C\u002Fli>\n\u003Cli>Monitor DNS lookup count (RFC 7208 limit of 10)\u003C\u002Fli>\n\u003Cli>View SPF record structure in an interactive tree\u003C\u002Fli>\n\u003Cli>Per-mechanism lookup count breakdown\u003C\u002Fli>\n\u003Cli>Health status indicator (Good \u002F At Limit \u002F Critical)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>DMARC Checker\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Analyze DMARC policies and configuration\u003C\u002Fli>\n\u003Cli>Interactive DMARC record builder\u003C\u002Fli>\n\u003Cli>Tag parsing with descriptions\u003C\u002Fli>\n\u003Cli>DKIM and SPF alignment checks\u003C\u002Fli>\n\u003Cli>Reporting configuration (rua\u002Fruf) verification\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>TLS-RPT Checker\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Check SMTP TLS Reporting configuration\u003C\u002Fli>\n\u003Cli>Validate mailto: and https: reporting endpoints\u003C\u002Fli>\n\u003Cli>Health scoring for TLS-RPT setup\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>BIMI Checker\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Verify Brand Indicators for Message Identification setup\u003C\u002Fli>\n\u003Cli>Visual logo preview\u003C\u002Fli>\n\u003Cli>VMC (Verified Mark Certificate) detection\u003C\u002Fli>\n\u003Cli>Custom selector support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>MTA-STS Checker\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Verify MTA-STS DNS TXT record\u003C\u002Fli>\n\u003Cli>Fetch and parse the MTA-STS policy file\u003C\u002Fli>\n\u003Cli>Mode detection (enforce\u002Ftesting\u002Fnone)\u003C\u002Fli>\n\u003Cli>MX host listing from policy\u003C\u002Fli>\n\u003Cli>Max age analysis\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Common Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Copy to clipboard for domains and record values\u003C\u002Fli>\n\u003Cli>Fully responsive design (desktop and mobile)\u003C\u002Fli>\n\u003Cli>URL deep linking — share results via \u003Ccode>?domain=example.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Visual health indicators for all checkers\u003C\u002Fli>\n\u003Cli>Powered by dmarcreport.com watermark\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Use the \u003Ccode>[dmarcreport_domain_auth_checker]\u003C\u002Fcode> shortcode with the \u003Ccode>type\u003C\u002Fcode> attribute:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>SPF\u003C\u002Fstrong> (default): \u003Ccode>[dmarcreport_domain_auth_checker]\u003C\u002Fcode> or \u003Ccode>[dmarcreport_domain_auth_checker type=\"spf\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DMARC\u003C\u002Fstrong>: \u003Ccode>[dmarcreport_domain_auth_checker type=\"dmarc\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>TLS-RPT\u003C\u002Fstrong>: \u003Ccode>[dmarcreport_domain_auth_checker type=\"tlsrpt\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>BIMI\u003C\u002Fstrong>: \u003Ccode>[dmarcreport_domain_auth_checker type=\"bimi\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>MTA-STS\u003C\u002Fstrong>: \u003Ccode>[dmarcreport_domain_auth_checker type=\"mta-sts\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All checkers support the \u003Ccode>?domain=example.com\u003C\u002Fcode> URL parameter for deep linking and auto-analysis.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin performs DNS lookups and, for the MTA-STS checker, an HTTPS request to the domain being analyzed. No data is sent to any third-party API or service operated by the plugin author.\u003C\u002Fp>\n\u003Ch4>DNS lookups\u003C\u002Fh4>\n\u003Cp>When a user submits a domain for analysis, the plugin uses PHP’s built-in \u003Ccode>dns_get_record()\u003C\u002Fcode> function to query DNS records directly from your WordPress server. The domain name entered by the user is sent as a standard DNS query. This happens each time a user clicks the analyze button for any checker (SPF, DMARC, TLS-RPT, BIMI, or MTA-STS).\u003C\u002Fp>\n\u003Cp>DNS lookups are handled by your server’s configured DNS resolver and are not routed through any external API.\u003C\u002Fp>\n\u003Ch4>MTA-STS policy file fetch\u003C\u002Fh4>\n\u003Cp>The MTA-STS checker fetches the domain’s MTA-STS policy file by making an HTTPS GET request to:\u003Cbr \u002F>\n    https:\u002F\u002Fmta-sts.{domain}\u002F.well-known\u002Fmta-sts.txt\u003C\u002Fp>\n\u003Cp>This request is sent to the web server of the domain being analyzed (not to a third-party service). It is made each time a user analyzes a domain using the MTA-STS checker. Only the HTTP request itself is sent — no additional user data, cookies, or tracking information is included.\u003C\u002Fp>\n\u003Cp>Since this request goes directly to the analyzed domain’s own web server, there is no third-party service provider with separate terms of use or privacy policy. The connection uses HTTPS with SSL verification enabled.\u003C\u002Fp>\n\u003Ch4>Outbound links\u003C\u002Fh4>\n\u003Cp>The plugin includes links to \u003Ca href=\"https:\u002F\u002Fdmarcreport.com\" rel=\"nofollow ugc\">dmarcreport.com\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fautospf.com\" rel=\"nofollow ugc\">autospf.com\u003C\u002Fa> (services by the plugin author, DuoCircle). These appear as “Powered by” watermarks and pricing call-to-action buttons within the checker interface. They are standard hyperlinks that open in a new browser tab when clicked by the user — no data is sent to these sites automatically by the plugin.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdmarcreport.com\u002Fterms-and-conditions\u002F\" rel=\"nofollow ugc\">dmarcreport.com Terms and Conditions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdmarcreport.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">dmarcreport.com Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fautospf.com\u002Fterms-and-conditions\u002F\" rel=\"nofollow ugc\">autospf.com Terms and Conditions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fautospf.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">autospf.com Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Check SPF, DMARC, BIMI, MTA-STS and TLS-RPT records for any domain. Embed email authentication checkers with a shortcode.",111,"","5.0",[88,21,53,89,23],"bimi","mta-sts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdmarcreport-domain-auth-checker.1.7.2.zip","2026-03-15T10:48:56.248Z",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":35,"num_ratings":102,"last_updated":103,"tested_up_to":69,"requires_at_least":104,"requires_php":18,"tags":105,"homepage":108,"download_link":109,"security_score":110,"vuln_count":111,"unpatched_count":27,"last_vuln_date":112,"fetched_at":29},"wp-mail-logging","WP Mail Logging","1.16.0","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>WP Mail Logging is the most popular plugin for logging emails sent from your WordPress site. Simply activate it and it will work immediately, no extra configuration is needed.\u003C\u002Fp>\n\u003Ch3>Are your WordPress emails not being sent or delivered?\u003C\u002Fh3>\n\u003Cp>Use this plugin to log all outgoing emails from your WordPress site. If there are any errors when sending the email from your site, our email logs will catch that error and display it to you.\u003C\u002Fp>\n\u003Cp>This will allow you to debug and fix your email sending issue.\u003C\u002Fp>\n\u003Ch3>Did a client not receive your email?\u003C\u002Fh3>\n\u003Cp>Our email logs allow you to resend any email that was sent from your site. No more lost emails!\u003C\u002Fp>\n\u003Ch3>Do you just want to keep a record of all emails sent from your site?\u003C\u002Fh3>\n\u003Cp>By default, WordPress and your web host do not log, store or keep track of emails sent from your website.\u003C\u002Fp>\n\u003Cp>This plugin will allow you to do just that. Our email logs will store every email that is sent from your WordPress site.\u003C\u002Fp>\n\u003Cp>You can search and view a particular email log, inspect its content or attachments, and even resend that email.\u003C\u002Fp>\n\u003Ch3>What email information is logged?\u003C\u002Fh3>\n\u003Cp>All emails sent from your WordPress site are logged. And here is the information that is stored:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email Subject\u003C\u002Fli>\n\u003Cli>Email Content (HTML or text)\u003C\u002Fli>\n\u003Cli>Email Attachments\u003C\u002Fli>\n\u003Cli>Email Headers (to, from, reply-to, cc, bcc, …)\u003C\u002Fli>\n\u003Cli>Error Message (in case there was an error while attempting to send the email)\u003C\u002Fli>\n\u003Cli>IP Address of originating server (can be enabled in the settings)\u003C\u002Fli>\n\u003Cli>Date and Time of the email\u003C\u002Fli>\n\u003Cli>Receiver (the TO email address)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why are my logged emails still not delivered to the inbox?\u003C\u002Fh3>\n\u003Cp>There are a lot of steps that emails have to make in order to be delivered to the recipient’s inbox.\u003C\u002Fp>\n\u003Cp>When your WordPress site sends an email, there’s no guarantee it will be delivered.\u003C\u002Fp>\n\u003Cp>This is what the email’s journey looks like:\u003C\u002Fp>\n\u003Col>\n\u003Cli>WordPress creates an email\u003C\u002Fli>\n\u003Cli>WordPress passes the email to your website host and that email gets logged by our plugin\u003C\u002Fli>\n\u003Cli>The host server takes the email and sends it (SMTP or Mail Transfer Agent)\u003C\u002Fli>\n\u003Cli>Recipient server receives or blocks the email\u003C\u002Fli>\n\u003Cli>If the email is accepted, the spam filter decides if it goes to the inbox or the spam folder\u003C\u002Fli>\n\u003Cli>Recipients see the email and might open it.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>This plugin does not track delivery after step 2.\u003C\u002Fp>\n\u003Cp>If you have deliverability issues, we suggest installing the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-smtp\u002F\" rel=\"ugc\">WP Mail SMTP\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Cp>WP Mail SMTP fixes WordPress email deliverability problems, you can choose between 12 email providers (Gmail, Outlook, SendLayer, Mailgun, …) to resolve your email sending issue and it’s super easy to set up. WP Mail SMTP is trusted by more than 3 million websites.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>The plugin was created and launched in 2014 by \u003Ca href=\"https:\u002F\u002Fno3x.de\u002F\" rel=\"nofollow ugc\">Christian Zöller\u003C\u002Fa>.\u003C\u002Fp>\n","Log, view, and resend all emails sent from your WordPress site. Great for resolving email sending issues or keeping a copy for auditing.",300000,4360548,349,"2026-02-19T07:13:00.000Z","5.3",[4,22,106,73,107],"email-log","spam","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-logging\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mail-logging.1.16.0.zip",89,6,"2026-02-27 17:58:35",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":26,"num_ratings":123,"last_updated":124,"tested_up_to":125,"requires_at_least":86,"requires_php":18,"tags":126,"homepage":129,"download_link":130,"security_score":131,"vuln_count":33,"unpatched_count":27,"last_vuln_date":132,"fetched_at":29},"mail-control","Mail Control – Email Customizer, SMTP Deliverability, logging, open and click Tracking","0.3.9","Rahal Aboulfeth","https:\u002F\u002Fprofiles.wordpress.org\u002Frahalaboulfeth\u002F","\u003Cp>Design and customize your emails using WordPress native customizer (compatible with WooCommerce), control your SMTP email deliverability, track your emails clicks and openings (reads), and allow defering the emails as a background process to speed up your pages.\u003C\u002Fp>\n\u003Cp>With Mail Control, you will have a better control over how your emails are handled by wordpress (and WooCommerce) from email design and customization to smtp delivery and click tracking.\u003C\u002Fp>\n\u003Ch3>Email Designer using WordPress native customizer\u003C\u002Fh3>\n\u003Cp>Design beautiful emails using the WooCommerce compatible Email Customizer. The UI provided by WordPress Native Customizer makes it easy to customize the look and feel of your emails.\u003C\u002Fp>\n\u003Ch3>Tracking and logging emails opening and clicks\u003C\u002Fh3>\n\u003Cp>This will allow you to optimize how you craft your emails content and get the better of your email marketing.\u003C\u002Fp>\n\u003Ch3>Sending Emails via an SMTP server\u003C\u002Fh3>\n\u003Cp>For a better deliverability for your emails, Mail Control lets you setup easily you favorite SMTP server.\u003C\u002Fp>\n\u003Ch3>Testing Email Deliverability of your SMTP server\u003C\u002Fh3>\n\u003Cp>Help you make sure your smtp servers checks all the requierements for the perfect deliverability by testing your SFP, DKIM and DMARC setup (and more on this to come).\u003C\u002Fp>\n\u003Ch3>Sending the emails by a background process to speed up your pages\u003C\u002Fh3>\n\u003Cp>No more page timeout because the smtp server take too much time to respond, defer your emails and let a cronjob take care of sending your emails in a separate process.\u003C\u002Fp>\n\u003Ch3>Having a log of all the emails sent (or failed) by wordpress\u003C\u002Fh3>\n\u003Cp>You can find all the emails handled by wordpress (or still in the queue), and resend them if needed.\u003C\u002Fp>\n\u003Ch3>More features and documentation coming\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.wpmailcontrol.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">Mail Control Online Documentation\u003C\u002Fa> writing is in progress.\u003C\u002Fp>\n","Design and customize email templates, control your SMTP email deliverability, track your emails clicks and openings, and send them as background task.",60,2305,4,"2025-03-22T17:45:00.000Z","6.7.5",[22,127,128,106,73],"email-customizer","email-deliverability","https:\u002F\u002Fwww.wpmailcontrol.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmail-control.0.3.9.zip",91,"2023-07-10 00:00:00",{"attackSurface":134,"codeSignals":180,"taintFlows":227,"riskAssessment":228,"analyzedAt":239},{"hooks":135,"ajaxHandlers":176,"restRoutes":177,"shortcodes":178,"cronEvents":179,"entryPointCount":27,"unprotectedCount":27},[136,142,146,149,153,157,161,167,172],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_menu","register_menu","index.php",29,{"type":137,"name":143,"callback":144,"file":140,"line":145},"admin_init","configure_admin_pages",31,{"type":137,"name":143,"callback":147,"file":140,"line":148},"handle_callback",33,{"type":137,"name":150,"callback":151,"file":140,"line":152},"plugins_loaded","load_translations",35,{"type":137,"name":154,"callback":155,"file":140,"line":156},"phpmailer_init","overwrite_phpmailer",37,{"type":137,"name":158,"callback":159,"file":140,"line":160},"td\u002Fphpmailer-presend","append_dkim_signature",39,{"type":162,"name":163,"callback":164,"file":165,"line":166},"filter","wp_mail_from","anonymous","src\\EmailDomainProvider.php",19,{"type":137,"name":168,"callback":169,"file":170,"line":171},"admin_notices","render","src\\Plugin\\Configurer.php",170,{"type":162,"name":173,"callback":174,"file":170,"line":175},"plugin_action_links_deliverability\u002Findex.php","addCustomLinks",172,[],[],[],[],{"dangerousFunctions":181,"sqlUsage":192,"outputEscaping":194,"fileOperations":217,"externalRequests":218,"nonceChecks":219,"capabilityChecks":196,"bundledLibraries":220},[182,187],{"fn":183,"file":184,"line":185,"context":186},"proc_open","vendor-prefixed\\psr-4\\Monolog\\Handler\\ProcessHandler.php",116,"$this->process = proc_open($this->command, static::DESCRIPTOR_SPEC, $this->pipes, $this->cwd);",{"fn":188,"file":189,"line":190,"context":191},"unserialize","vendor-prefixed\\psr-4\\Twig\\Profiler\\Profile.php",163,"$this->__unserialize(unserialize($data));",{"prepared":27,"raw":27,"locations":193},[],{"escaped":195,"rawEcho":196,"locations":197},3,7,[198,202,205,207,209,212,215],{"file":199,"line":200,"context":201},"vendor-prefixed\\psr-4\\Monolog\\Handler\\BrowserConsoleHandler.php",128,"raw output",{"file":203,"line":204,"context":201},"vendor-prefixed\\psr-4\\Twig\\Template.php",133,{"file":203,"line":206,"context":201},151,{"file":203,"line":208,"context":201},328,{"file":210,"line":211,"context":201},"vendor-prefixed\\psr-4\\Twig\\TemplateWrapper.php",70,{"file":213,"line":214,"context":201},"vendor-prefixed\\psr-4\\Twig\\Test\\IntegrationTestCase.php",244,{"file":213,"line":216,"context":201},245,45,14,2,[221,224],{"name":222,"version":28,"knownCves":223},"PHPMailer",[],{"name":225,"version":28,"knownCves":226},"Guzzle",[],[],{"summary":229,"deductions":230},"The \"deliverability\" plugin v1.8.0 exhibits a generally good security posture with zero known CVEs and no recorded vulnerabilities. The static analysis shows a remarkably small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, which is a significant strength.  Furthermore, all SQL queries utilize prepared statements, a crucial security measure.  However, the presence of dangerous functions like `proc_open` and `unserialize` raises concerns, as these can be leveraged in vulnerabilities if not handled with extreme care and proper sanitization. The limited output escaping (30%) is another area that warrants attention, as unescaped output can lead to Cross-Site Scripting (XSS) vulnerabilities.\n\nThe plugin's vulnerability history is clean, suggesting a diligent development team or perhaps limited exposure. However, the absence of vulnerabilities does not negate the risks identified in the code analysis. The use of `unserialize` is particularly concerning as it can lead to Remote Code Execution (RCE) if untrusted data is deserialized. While the taint analysis shows no current flows with unsanitized paths, the potential for exploitation exists given the presence of these dangerous functions. In conclusion, the plugin benefits from a minimal attack surface and secure database practices, but the use of dangerous functions and insufficient output escaping represent key areas for improvement to further enhance its security.",[231,234,236],{"reason":232,"points":233},"Presence of 'unserialize' function",8,{"reason":235,"points":196},"Presence of 'proc_open' function",{"reason":237,"points":238},"Low percentage of properly escaped output",5,"2026-03-16T19:17:36.693Z",{"wat":241,"direct":250},{"assetPaths":242,"generatorPatterns":245,"scriptPaths":246,"versionParams":247},[243,244],"\u002Fwp-content\u002Fplugins\u002Fdeliverability\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fdeliverability\u002Fassets\u002Fjs\u002Fadmin.js",[],[244],[248,249],"deliverability\u002Fassets\u002Fcss\u002Fadmin.css?ver=","deliverability\u002Fassets\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":251,"htmlComments":253,"htmlAttributes":254,"restEndpoints":256,"jsGlobals":257,"shortcodeOutput":259},[252],"top-deliverability-admin-page",[],[255],"data-td-plugin-version=\"1.8.0\"",[],[258],"window.topDeliverabilityAdmin",[]]