Does Easy Email have any unpatched vulnerabilities?

No. All known vulnerabilities in Easy Email have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy Email compatible with WordPress 6.9.4?

According to WordPress.org data, Easy Email 1.0.4 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Easy Email compatible with PHP 7.4+?

Easy Email requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Easy Email updated?

Easy Email was last updated on Feb 9, 2026. Frequent updates are generally a positive security signal.

What is Easy Email's security score?

Easy Email has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easy Email Security & Risk Analysis

wordpress.org/plugins/easy-email

The easy way to fix WordPress emails not sending or going to spam. Setup on only takes a few minutes.

10 active installs v1.0.4 PHP 7.4+ WP 6.4+ Updated Feb 9, 2026

administrationemail-going-to-spamemail-not-workingemailsorder-notifications

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Easy Email Safe to Use in 2026?

Generally Safe

Score 100/100

Easy Email has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The 'easy-email' v1.0.4 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any identified vulnerabilities in its history, coupled with a clean taint analysis and the secure handling of its limited attack surface (no AJAX, REST API, shortcodes, or cron events), suggests diligent development practices regarding common WordPress attack vectors. Furthermore, the plugin effectively utilizes prepared statements for SQL queries and shows a high percentage of properly escaped output, mitigating risks of SQL injection and XSS respectively.

However, a few areas warrant attention. The presence of an external HTTP request, while only one, can represent a potential attack vector if not handled securely, as it could be exploited for SSRF or other vulnerabilities. The lack of capability checks on any entry points (though there are none identified, this is a general concern if entry points were to be added) means that if any new entry points were introduced without proper authorization checks, they could be accessible to unauthenticated users. While the plugin has no known CVEs and a clean history, this doesn't guarantee future safety. Continuous monitoring and adherence to secure coding practices, especially for external requests, remain crucial.

Key Concerns

External HTTP request present
No capability checks on entry points

Vulnerabilities

None known

Easy Email Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Easy Email Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

23 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

92% escaped25 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

maybe_handle_connect (classes\plugin.php:168)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Easy Email Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

filterwp_mail_fromclasses\plugin.php:36

filterplugin_action_links_easy-email/easy-email.phpclasses\plugin.php:37

actionphpmailer_initclasses\plugin.php:42

actionadmin_initclasses\plugin.php:43

actionadmin_noticesclasses\plugin.php:44

filteradmin_body_classclasses\ui.php:23

actionadmin_menuclasses\ui.php:25

actionadmin_enqueue_scriptsclasses\ui.php:26

Maintenance & Trust

Easy Email Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 9, 2026

PHP min version7.4

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Easy Email Alternatives

Vibe BuddyPress Mails via WPMail

vibe-buddypress-to-wp-mail-fix

100

Send BuddyPress HTML Emails via WordPress Mail system.

80 No CVEs

MailPoet – Newsletters, Email Marketing, and Automation

mailpoet

Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more

500K 3 CVEs

LightStart – Maintenance Mode, Coming Soon and Landing Page Builder

wp-maintenance-mode

Easy Drag & Drop Page Builder that adds a splash page to your site that it's perfect for a coming soon page, maintenance or landing page.

500K 6 CVEs

Adminimize

adminimize

Adminimize that lets you hide 'unnecessary' items from the WordPress backend

200K 2 CVEs

YayMail – WooCommerce Email Customizer

yaymail

Customize WooCommerce email templates with an advanced drag-and-drop email builder. Works great with 80+ WooCommerce Email Customizer Addons.

50K 4 CVEs

Developer Profile

Easy Email Developer Profile

wickedplugins

4 plugins · 21K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

353 days

View full developer profile

Detection Fingerprints

How We Detect Easy Email

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easy-email/assets/js/confetti.js/wp-content/plugins/easy-email/assets/css/style.css

Script Paths

/wp-content/plugins/easy-email/assets/js/confetti.js

Version Parameters

easy-email/assets/js/confetti.js?ver=easy-email/assets/css/style.css?ver=

HTML / DOM Fingerprints

CSS Classes

ee-connect

Data Attributes

data-nonce-value

FAQ