Does Email Customizer for WPForms have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Email Customizer for WPForms compatible with WordPress 6.9.4?

According to WordPress.org data, Email Customizer for WPForms 1.0.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Email Customizer for WPForms updated?

Email Customizer for WPForms was last updated on Nov 28, 2025. Frequent updates are generally a positive security signal.

What is Email Customizer for WPForms's security score?

Email Customizer for WPForms has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Email Customizer for WPForms Security & Risk Analysis

wordpress.org/plugins/email-customizer-for-wpforms

Allows you to customize notification emails WPForms with a drag-and-drop editor, add logos, branding colors, and CSS support for a polished design.

70 active installs v1.0.2 PHP + WP 2.5+ Updated Nov 28, 2025

emailemail-builderemail-templatewpformswpforms-email

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Email Customizer for WPForms Safe to Use in 2026?

Generally Safe

Score 100/100

Email Customizer for WPForms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The "email-customizer-for-wpforms" v1.0.2 plugin exhibits a generally strong security posture based on the provided static analysis. It demonstrates good practices by implementing nonce checks and capability checks for its single AJAX entry point, and all SQL queries are secured with prepared statements. The vast majority of its output is properly escaped, and there are no identified critical or high-severity taint flows. This indicates a proactive approach to preventing common web vulnerabilities within its code.

However, a minor concern arises from the presence of file operations and external HTTP requests. While not inherently insecure, these functionalities can introduce vulnerabilities if not handled with extreme care, especially regarding user-supplied input. The plugin's lack of recorded vulnerabilities in its history is a positive indicator, suggesting a history of secure development. Overall, the plugin appears to be well-developed from a security standpoint, with minimal apparent risks, but continued vigilance with file and network operations is advised.

Key Concerns

File operations present, requires careful handling
External HTTP requests present, requires careful handling

Vulnerabilities

None known

Email Customizer for WPForms Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Email Customizer for WPForms Release Timeline

v1.0.2Current

v1.0.1

Code Analysis

Analyzed Mar 16, 2026

Email Customizer for WPForms Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

41 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

98% escaped42 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

1 flows

<processing> (backend\processing.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Email Customizer for WPForms Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_yeekit_dismiss_notyyeekit\document.php:13

WordPress Hooks 15

filteryeemail_wpforms_messagebackend\processing.php:9

actionyeemail_header_builderbackend\processing.php:10

actionsave_post_yeemail_templatebackend\processing.php:11

filteryeemail_shortcodesbackend\processing.php:12

filteryeemail_wpforms_settingsbackend\processing.php:13

actionadmin_menuyeekit\document.php:10

actionadmin_enqueue_scriptsyeekit\document.php:11

filterfluentform_global_addonsyeekit\document.php:12

actionadmin_noticesyeekit\document.php:14

actionelementor/element/form/section_form_options/after_section_endyeekit\document.php:15

actionadmin_inityeekit\document.php:17

actionelementor/editor/after_enqueue_stylesyeekit\document.php:19

filterhttp_responseyeekit\document.php:208

actionplugins_loadedyeemail-for-wpforms.php:18

actionadmin_noticesyeemail-for-wpforms.php:40

Maintenance & Trust

Email Customizer for WPForms Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedNov 28, 2025

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs70

Alternatives

Email Customizer for WPForms Alternatives

EmailKit – Email Customizer for WooCommerce & WP

emailkit

EmailKit is a powerful WordPress and WooCommerce email customizer tool, free for everyone! It allows users to customize and design templates that show …

70K 5 CVEs

YayMail – WooCommerce Email Customizer

yaymail

Customize WooCommerce email templates with an advanced drag-and-drop email builder. Works great with 80+ WooCommerce Email Customizer Addons.

50K 7 CVEs

YeeMail — Email Template Builder & Customizer

yeemail

Make an impression with your customers and represent your brand well by customizing the design and content of your email

600 1 CVE

Email customizer and designer for woocommerce

email-customizer-and-designer-for-woocommerce

100

If you tired of default email templates of WooCommerce and you are looking for a way to customize WooCommerce emails. Email Customizer for WooCommerce …

100 No CVEs

Kadence WooCommerce Email Designer

kadence-woocommerce-email-designer

Customize the default WooCommerce email templates design and text through the native WordPress customizer. Preview emails and send test emails.

100K 5 CVEs

Developer Profile

Email Customizer for WPForms Developer Profile

add-ons.org

59 plugins · 26K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

48 days

View full developer profile

Detection Fingerprints

How We Detect Email Customizer for WPForms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/email-customizer-for-wpforms/yeekit/assets/css/style.css/wp-content/plugins/email-customizer-for-wpforms/yeekit/assets/js/yeekit-admin.js/wp-content/plugins/email-customizer-for-wpforms/yeekit/assets/js/yeekit.js

Script Paths

/wp-content/plugins/email-customizer-for-wpforms/yeekit/assets/js/yeekit-admin.js/wp-content/plugins/email-customizer-for-wpforms/yeekit/assets/js/yeekit.js

Version Parameters

email-customizer-for-wpforms/yeekit/assets/css/style.css?ver=email-customizer-for-wpforms/yeekit/assets/js/yeekit-admin.js?ver=email-customizer-for-wpforms/yeekit/assets/js/yeekit.js?ver=

HTML / DOM Fingerprints

CSS Classes

yeekit_addons_listyeekit_addons_list liyee-installyee-pro

Data Attributes

data-yeekit-item-id

JS Globals

yeekit_document_addonsyeekit_document_addons_options

FAQ