WP-Safety

Email Validator for WooCommerce Security & Risk Analysis

wordpress.org/plugins/email-domain-validator-for-woocommerce

Email Domain Validator for WooCommerce an easy tool for prevent fake orders.

0 active installs v1.0 PHP 5.6+ WP 4.4+ Updated Nov 18, 2019
emailspamvalidatorwoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Email Validator for WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Email Validator for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The "email-domain-validator-for-woocommerce" plugin v1.0 exhibits a mixed security posture. On the positive side, its code signals indicate good practices regarding SQL query safety and output escaping, with a high percentage of outputs being properly escaped and all SQL queries using prepared statements. The absence of known CVEs and a clean vulnerability history suggests a generally stable and well-maintained codebase. However, the plugin's attack surface presents significant concerns. It has two AJAX handlers, both of which lack authentication checks. This is a critical oversight, as it exposes these entry points to any user, including unauthenticated visitors, who could potentially exploit them. Furthermore, the taint analysis reveals two flows with unsanitized paths, which, while not classified as critical or high severity, still represent potential avenues for injection or unexpected behavior if not handled with sufficient user input validation. The absence of nonce checks on AJAX handlers, coupled with the lack of capability checks, amplifies the risk associated with these unprotected entry points.

Key Concerns

  • 2 unprotected AJAX handlers
  • 2 flows with unsanitized paths
  • 0 Nonce checks on AJAX handlers
  • 0 Capability checks
Vulnerabilities
None known

Email Validator for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Email Validator for WooCommerce Release Timeline

v1.0Current
Code Analysis
Analyzed Apr 16, 2026

Email Validator for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
48 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

92% escaped52 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
hs_ev_save (hs-ev.php:90)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Email Validator for WooCommerce Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_hs_subscribe_tipshs-ev.php:184
authwp_ajax_no_priv_hs_subscribe_tipshs-ev.php:185
WordPress Hooks 9
actionadmin_noticeshs-ev.php:26
actionwoocommerce_get_sections_emailhs-ev.php:47
actionwoocommerce_settings_tabs_emailhs-ev.php:60
actionwoocommerce_settings_savedhs-ev.php:84
actionwoocommerce_checkout_processhs-ev.php:99
actionadmin_menuhs-ev.php:130
filteradmin_footer_texths-ev.php:145
actionadmin_noticeshs-ev.php:154
actionadmin_enqueue_scriptshs-ev.php:177
Maintenance & Trust

Email Validator for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedNov 18, 2019
PHP min version5.6
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Email Validator for WooCommerce Alternatives

Customer Email Verification for WooCommerce

Customer Email Verification for WooCommerce

customer-email-verification-for-woocommerce

A
100

Secure WooCommerce registrations with OTP-based email verification, reducing spam and ensuring only valid email addresses are used.

2K No CVEs
Reoon Email Verifier

Reoon Email Verifier

reoon-email-verifier

A
99

Safeguard your online forms against invalid, temporary, disposable, and harmful email addresses with real-time verification.

600 1 CVE
Email and Domain Blocker for WooCommerce

Email and Domain Blocker for WooCommerce

email-and-domain-blocker

A
100

Block emails or domains from WooCommerce and WordPress signups. Supports wildcards, disposable email blocking, bulk import, CSV export, and logs.

300 No CVEs
EmailVerify.io

EmailVerify.io

emailverify

A
100

Safeguard your online forms against invalid, temporary, disposable, and harmful email addresses with real-time verification.

0 No CVEs
Unelma Email Verification with SnapValid

Unelma Email Verification with SnapValid

unelma-email-verification-snapvalid

A
100

🚀 Transform Your Email Quality with Real-Time Validation Tired of fake emails, spam signups, and invalid customers? Unelma Email Verification with S …

0 No CVEs
Developer Profile

Email Validator for WooCommerce Developer Profile

UltiWP

4 plugins · 90 total installs

86
trust score
Avg Security Score
89/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Email Validator for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/email-domain-validator-for-woocommerce/assets/css/hs_ev.css/wp-content/plugins/email-domain-validator-for-woocommerce/assets/js/hs_ev.js
Script Paths
/wp-content/plugins/email-domain-validator-for-woocommerce/assets/js/hs_ev.js
Version Parameters
/wp-content/plugins/email-domain-validator-for-woocommerce/assets/css/hs_ev.css?ver=/wp-content/plugins/email-domain-validator-for-woocommerce/assets/js/hs_ev.js?ver=

HTML / DOM Fingerprints

CSS Classes
hs_tips
Data Attributes
id="plug-logo"id="hs-subscribe-loader"id="hs-subscribe"id="hs-dismiss"id="hs_email"
JS Globals
HS_EV_PLUGIN_URL
REST Endpoints
/wp-json/services/v1/subscriptions
FAQ

Frequently Asked Questions about Email Validator for WooCommerce