[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwysOsOKsCYtNpzDohrMixYI8EsF99KfwMiXrAsjE7n8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":136,"fingerprints":240},"email-essentials","Email Essentials","6.0.3","Acato","https:\u002F\u002Fprofiles.wordpress.org\u002Facato\u002F","\u003Cp>Email Essentials vastly reduces the chances of your emails being marked as spam or being rejected. Originally a debugging tool, it has grown into a full-fledged email enhancement plugin.\u003C\u002Fp>\n\u003Cp>Please note that this plugin is not a “we support any type of transport” Email plugin. For other protocols than SMTP, but rather to enhance the email sending capabilities of WordPress.\u003Cbr \u002F>\nIf you need to send emails with other protocols than SMTP, this plugin is not for you. You might want to look at plugins like Post SMTP (not affiliated).\u003C\u002Fp>\n\u003Cp>And since version 6.0.0, after more than 10 years of development, this plugin is now a FOSS plugin, meaning it is free to use, modify and distribute under the GPLv2 license.\u003C\u002Fp>\n\u003Cp>In return, we ask you to support the development of this plugin by contributing to the codebase, reporting bugs, and helping others in the community.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Responsible disclosure:\u003C\u002Fstrong>\u003Cbr \u002F>\nIf you find a vulnerability, please email us at \u003Ca href=\"mailto:responsibledisclosure@acato.nl\" rel=\"nofollow ugc\">responsibledisclosure@acato.nl\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Set a good From name and email address, automatically correcting it if needed. For example, a contact form is sent from the visitors email address, resulting in an invalid Sender address. This plugin will correct it to a valid email address. This plugin automatically corrects it.\u003C\u002Fli>\n\u003Cli>Correct envelope-from address; often forgotten, but important for deliverability.\u003C\u002Fli>\n\u003Cli>Reformat as HTML with plain text alternative; will detect the use of HTML ensures that emails are sent as HTML with a plain text alternative.\u003C\u002Fli>\n\u003Cli>Process shortcodes in your email content.\u003C\u002Fli>\n\u003Cli>UTF8 recoding, to ensure that special characters are correctly encoded in the email.\u003C\u002Fli>\n\u003Cli>Email Essentials allows for adding CSS, header, footer, and body template using filters, see below.\u003C\u002Fli>\n\u003Cli>Convert CSS to inline styles for better support in email clients\u003C\u002Fli>\n\u003Cli>SMTP configuration\u003C\u002Fli>\n\u003Cli>Send emails to multiple addressees as separate emails\u003C\u002Fli>\n\u003Cli>S\u002FMIME signing, using a supplied certificate, to ensure the authenticity of the email.\u003C\u002Fli>\n\u003Cli>DKIM signing, and providing all information needed to set up DKIM signing for your domain.\u003C\u002Fli>\n\u003Cli>Allow redirecting emails sent to the administrator to other email addresses based on the email subject.\u003C\u002Fli>\n\u003Cli>Allow redirecting emails sent to the moderators (e.g., for comments).\u003C\u002Fli>\n\u003Cli>Keep a history of outgoing emails (debugging, cleared on deactivation)\u003C\u002Fli>\n\u003Cli>Email receipt tracking (for investigative purposes only, see GDPR note)\u003C\u002Fli>\n\u003Cli>Re-send button for failed emails\u003C\u002Fli>\n\u003Cli>Allow sending emails delayed, to prevent sending too many emails at once. (Beta feature)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Important Note\u003C\u002Fh3>\n\u003Cp>This tool is for users who understand email delivery. If unsure, ask for help.\u003C\u002Fp>\n\u003Cp>\u003Cem>Under GDPR, storing and tracking emails is prohibited. The history feature is for investigative purposes only!\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>Email Essentials uses one external service by default, two if you create and define your own IP services.\u003C\u002Fp>\n\u003Col>\n\u003Cli>CloudFlare DNS over HTTPS (DoH). This is used to resolve domain names to IP addresses when (for example) checking SPF or DKIM records. In theory, it is possible to use PHPs own \u003Ccode>dns_get_record\u003C\u002Fcode> function, but in practice this often fails due to server DNS-resolve misconfiguration. Using CloudFlare’s DoH service ensures reliable DNS resolution. We only send the hostname (the domain part) to CloudFlare, no other data. Explicitly, we do NOT send any other information.\u003C\u002Fli>\n\u003Cli>The plugin can use an IP-address relay service to accurately determine the sender’s IP address. This is required to accurately check that the sender’s IP address is authorized to send email for the domain (SPF check). To use this, you will need to set up your own service, see documentation on filter \u003Ccode>acato_email_essentials_ip_services\u003C\u002Fcode>. Without this service, IP detection can be inaccurate because it will use the website itself as a relay. Use of a reverse proxy, load balancer etc. can lead to incorrect IP detection.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>WordPress Filters\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>acato_email_essentials_settings\u003C\u002Fcode> — Filter plugin settings.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_defaults\u003C\u002Fcode> — Filter default settings.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_subject\u003C\u002Fcode> — Filter email subject.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_body\u003C\u002Fcode> — Filter HTML body of the email.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_head\u003C\u002Fcode> — Filter HEAD section of HTML email.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_css\u003C\u002Fcode> — Filter CSS for the email.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_minify_css\u003C\u002Fcode> — Filter CSS minification.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_mail_is_throttled\u003C\u002Fcode> — Check if mail should be throttled.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_mail_throttle_time_window\u003C\u002Fcode> — Set mail throttle time window.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_mail_throttle_max_count_per_time_window\u003C\u002Fcode> — Set max emails per time window.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_mail_throttle_batch_size\u003C\u002Fcode> — Set mail batch size.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_ip_services\u003C\u002Fcode> — Define custom IP services for accurately determining the sender’s IP address.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_ip_service\u003C\u002Fcode> — Filter individual IP service URLs.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_website_root_path\u003C\u002Fcode> — Filter to supply the correct website root path in case of non-standard setups.\u003C\u002Fli>\n\u003Cli>\u003Ccode>acato_email_essentials_development_tlds\u003C\u002Fcode> — Filter development\u002Flocal TLDs.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>WordPress Filters in detail\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Plugin Settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_settings\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (array) \u003Ccode>$settings\u003C\u002Fcode> The current settings of the plugin.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (array) The new settings of the plugin.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_defaults\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (array) \u003Ccode>$defaults\u003C\u002Fcode> The current default settings of the plugin.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (array) The new default settings of the plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Email Content\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_subject\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$the_subject\u003C\u002Fcode> Subject for the email.\u003Cbr \u002F>\n– (PHPMailer) \u003Ccode>$mailer\u003C\u002Fcode> The PHPMailer object (by reference).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The (altered) Subject.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_body\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$should_be_html\u003C\u002Fcode> A text that should be html, but might not yet be, your job to make a nice HTML body.\u003Cbr \u002F>\n– (PHPMailer) \u003Ccode>$mailer\u003C\u002Fcode> The PHPMailer object (by reference).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) A text that should be html.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_head\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$the_head_section\u003C\u002Fcode> HTML that is the HEAD section of the HTML email.\u003Cbr \u002F>\n– (PHPMailer) \u003Ccode>$mailer\u003C\u002Fcode> The PHPMailer object (by reference).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The altered HEAD section of the HTML email.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_css\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$the_css\u003C\u002Fcode> CSS for the email (empty by default).\u003Cbr \u002F>\n– (PHPMailer) \u003Ccode>$mailer\u003C\u002Fcode> The PHPMailer object (by reference).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The (altered) CSS.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_minify_css\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$css\u003C\u002Fcode> CSS to be minified.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The minified CSS.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Mail Throttling\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_mail_is_throttled\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (bool) \u003Ccode>$is_throttled\u003C\u002Fcode> Whether the mail is currently throttled.\u003Cbr \u002F>\n– (string) \u003Ccode>$ip\u003C\u002Fcode> The sender’s IP address.\u003Cbr \u002F>\n– (int) \u003Ccode>$mails_recently_sent\u003C\u002Fcode> Number of mails recently sent from this IP.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (bool) Whether the mail should be throttled.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_mail_throttle_time_window\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (int) \u003Ccode>$time_window\u003C\u002Fcode> Time window in seconds for counting sent emails.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (int) The (altered) time window in seconds.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_mail_throttle_max_count_per_time_window\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (int) \u003Ccode>$count\u003C\u002Fcode> Maximum number of emails allowed per time window.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (int) The (altered) maximum count.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_mail_throttle_batch_size\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (int) \u003Ccode>$size\u003C\u002Fcode> Number of emails to send in a single batch.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (int) The (altered) batch size.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IP Detection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_ip_services\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (array) \u003Ccode>$services\u003C\u002Fcode> The current list of IP services used to determine the sender’s IP address.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (array) The (altered) list of IP services.\u003C\u002Fp>\n\u003Cp>The services must be keyed with \u003Ccode>ipv4\u003C\u002Fcode>, \u003Ccode>ipv6\u003C\u002Fcode> and \u003Ccode>dual-stack\u003C\u002Fcode>. The values must be URLs that return the IP address in plain text.\u003Cbr \u002F>\nThe dual-stack service should return an IPv6 address if available, otherwise an IPv4 address, never both.\u003C\u002Fp>\n\u003Cp>You can set-up your own service like this;\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You will need a webserver that can run PHP, and you need a DNS service that allows you to manually add records.\u003C\u002Fli>\n\u003Cli>You will need three webspaces, for example; ipv4.myservice.com, ipv6.myservice.com and dual-stack.myservice.com.\n\u003Cul>\n\u003Cli>You could use the same webspace for all three, but you will still need three subdomains on the service.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>For the ipv4 subdomain, ONLY register an A record, pointing to the webserver’s IP address.\u003C\u002Fli>\n\u003Cli>For the ipv6 subdomain, ONLY register an AAAA record, pointing to the webserver’s IPv6 address.\u003C\u002Fli>\n\u003Cli>For the dual-stack subdomain, register both an A and an AAAA record, pointing to the webserver’s IP addresses.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Create a file called \u003Ccode>index.php\u003C\u002Fcode> in each of the webspaces with the following content:\u003C\u002Fp>\n\u003Cp>\u003Ccode>php\u003Cbr \u002F>\n\u003C?php\u003Cbr \u002F>\nheader('Content-Type: text\u002Fplain');\u003Cbr \u002F>\nprint $_SERVER['REMOTE_ADDR'];\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>That’s it. You can now use these services in the plugin settings like this;\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`php\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>add_filter(‘acato_email_essentials_ip_services’, ‘my_custom_ip_services’);\u003Cbr \u002F>\nfunction my_custom_ip_services($services) {\u003Cbr \u002F>\n    \u002F\u002F Add your custom services here\u003Cbr \u002F>\n    $services[‘ipv4’] = ‘https:\u002F\u002Fipv4.myservice.com’;\u003Cbr \u002F>\n    $services[‘ipv6’] = ‘https:\u002F\u002Fipv6.myservice.com’;\u003Cbr \u002F>\n    $services[‘dual-stack’] = ‘https:\u002F\u002Fdual-stack.myservice.com’;\u003Cbr \u002F>\n    return $services;\u003Cbr \u002F>\n}\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_ip_service\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$service\u003C\u002Fcode> The URL of the IP service for the given type.\u003Cbr \u002F>\n– (string) \u003Ccode>$type\u003C\u002Fcode> The type of IP service (‘ipv4’, ‘ipv6’, or ‘dual-stack’).\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The (altered) IP service URL.\u003C\u002Fp>\n\u003Cp>Filter to modify individual IP service URLs based on type.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_website_root_path\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (string) \u003Ccode>$path\u003C\u002Fcode> The current website root path.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (string) The (possibly altered) website root path.\u003C\u002Fp>\n\u003Cp>Filter to supply the correct website root path in case of non-standard setups.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acato_email_essentials_development_tlds\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Parameters:\u003Cbr \u002F>\n– (array) \u003Ccode>$tlds\u003C\u002Fcode> Array of top-level domains considered as development environments.\u003C\u002Fp>\n\u003Cp>Expected return:\u003Cbr \u002F>\n– (array) The (altered) array of development TLDs.\u003C\u002Fp>\n\u003Cp>Filter to modify which TLDs are treated as development\u002Flocal environments. Default values are ‘local’ and ‘test’.\u003C\u002Fp>\n\u003Ch3>Scripts\u002Fstyles\u003C\u002Fh3>\n\u003Cp>In the \u003Ccode>public\u002Fscripts\u003C\u002Fcode> and \u003Ccode>public\u002Fstyles\u003C\u002Fcode> folder you find the JS and CSS files used in the plugin admin area.\u003Cbr \u002F>\nThese files are processed with Webpack, just so it works in all recent browsers. Script is nearly identical to the source.\u003C\u002Fp>\n\u003Cp>You can find the source files in the \u003Ccode>src\u002Fscripts\u003C\u002Fcode> and \u003Ccode>src\u002Fstyles\u003C\u002Fcode> folders.\u003C\u002Fp>\n\u003Cp>If you feel the need to modify these files, you can change them there, and run \u003Ccode>npm install ; npm run build\u003C\u002Fcode> to create the production files.\u003C\u002Fp>\n\u003Ch3>Translation files\u003C\u002Fh3>\n\u003Cp>You can use \u003Ccode>npm run i18n\u003C\u002Fcode> to generate the POT file for translation, update the PO files in the \u003Ccode>languages\u003C\u002Fcode> folder, and compile to MO\u002Fphp files.\u003Cbr \u002F>\nThis is a one-task-does-all; run it, change the translations, run it again. Done.\u003Cbr \u002F>\nSee package.json for more details or individual commands.\u003C\u002Fp>\n\u003Ch3>Tools\u003C\u002Fh3>\n\u003Cp>In the \u003Ccode>tools\u003C\u002Fcode> folder you will find a script to generate DKIM keys, should you want to use DKIM signing.\u003Cbr \u002F>\nrename to remove the .txt extension and run it in a shell.\u003C\u002Fp>\n\u003Cp>Tools are provided as-is, without support. Use at your own risk. Read the scripts before using them.\u003C\u002Fp>\n\u003Cp>You DO NOT HAVE TO USE these scripts, you can generate DKIM keys with any tool you like.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>For advanced configuration and custom IP services, see the plugin documentation or source code.\u003C\u002Fp>\n","A plugin to make WordPress outgoing emails better and less likely to be marked as spam.",40,146,0,"2026-03-03T12:44:00.000Z","6.9.4","5.6","7.4",[19,20,21,22,23],"deliverability","dkim","email","smime","smtp","https:\u002F\u002Fgithub.com\u002Facato-plugins\u002Femail-essentials","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-essentials.6.0.3.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"acato",4,12040,97,107,77,"2026-04-04T11:38:04.707Z",[39,61,80,101,119],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":15,"requires_at_least":52,"requires_php":17,"tags":53,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":13,"last_vuln_date":60,"fetched_at":28},"wp-mail-logging","WP Mail Logging","1.16.0","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>WP Mail Logging is the most popular plugin for logging emails sent from your WordPress site. Simply activate it and it will work immediately, no extra configuration is needed.\u003C\u002Fp>\n\u003Ch3>Are your WordPress emails not being sent or delivered?\u003C\u002Fh3>\n\u003Cp>Use this plugin to log all outgoing emails from your WordPress site. If there are any errors when sending the email from your site, our email logs will catch that error and display it to you.\u003C\u002Fp>\n\u003Cp>This will allow you to debug and fix your email sending issue.\u003C\u002Fp>\n\u003Ch3>Did a client not receive your email?\u003C\u002Fh3>\n\u003Cp>Our email logs allow you to resend any email that was sent from your site. No more lost emails!\u003C\u002Fp>\n\u003Ch3>Do you just want to keep a record of all emails sent from your site?\u003C\u002Fh3>\n\u003Cp>By default, WordPress and your web host do not log, store or keep track of emails sent from your website.\u003C\u002Fp>\n\u003Cp>This plugin will allow you to do just that. Our email logs will store every email that is sent from your WordPress site.\u003C\u002Fp>\n\u003Cp>You can search and view a particular email log, inspect its content or attachments, and even resend that email.\u003C\u002Fp>\n\u003Ch3>What email information is logged?\u003C\u002Fh3>\n\u003Cp>All emails sent from your WordPress site are logged. And here is the information that is stored:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email Subject\u003C\u002Fli>\n\u003Cli>Email Content (HTML or text)\u003C\u002Fli>\n\u003Cli>Email Attachments\u003C\u002Fli>\n\u003Cli>Email Headers (to, from, reply-to, cc, bcc, …)\u003C\u002Fli>\n\u003Cli>Error Message (in case there was an error while attempting to send the email)\u003C\u002Fli>\n\u003Cli>IP Address of originating server (can be enabled in the settings)\u003C\u002Fli>\n\u003Cli>Date and Time of the email\u003C\u002Fli>\n\u003Cli>Receiver (the TO email address)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why are my logged emails still not delivered to the inbox?\u003C\u002Fh3>\n\u003Cp>There are a lot of steps that emails have to make in order to be delivered to the recipient’s inbox.\u003C\u002Fp>\n\u003Cp>When your WordPress site sends an email, there’s no guarantee it will be delivered.\u003C\u002Fp>\n\u003Cp>This is what the email’s journey looks like:\u003C\u002Fp>\n\u003Col>\n\u003Cli>WordPress creates an email\u003C\u002Fli>\n\u003Cli>WordPress passes the email to your website host and that email gets logged by our plugin\u003C\u002Fli>\n\u003Cli>The host server takes the email and sends it (SMTP or Mail Transfer Agent)\u003C\u002Fli>\n\u003Cli>Recipient server receives or blocks the email\u003C\u002Fli>\n\u003Cli>If the email is accepted, the spam filter decides if it goes to the inbox or the spam folder\u003C\u002Fli>\n\u003Cli>Recipients see the email and might open it.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>This plugin does not track delivery after step 2.\u003C\u002Fp>\n\u003Cp>If you have deliverability issues, we suggest installing the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-smtp\u002F\" rel=\"ugc\">WP Mail SMTP\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Cp>WP Mail SMTP fixes WordPress email deliverability problems, you can choose between 12 email providers (Gmail, Outlook, SendLayer, Mailgun, …) to resolve your email sending issue and it’s super easy to set up. WP Mail SMTP is trusted by more than 3 million websites.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>The plugin was created and launched in 2014 by \u003Ca href=\"https:\u002F\u002Fno3x.de\u002F\" rel=\"nofollow ugc\">Christian Zöller\u003C\u002Fa>.\u003C\u002Fp>\n","Log, view, and resend all emails sent from your WordPress site. Great for resolving email sending issues or keeping a copy for auditing.",300000,4360548,94,349,"2026-02-19T07:13:00.000Z","5.3",[19,21,54,23,55],"email-log","spam","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-logging\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mail-logging.1.16.0.zip",89,6,"2026-02-27 17:58:35",{"slug":19,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":17,"tags":75,"homepage":78,"download_link":79,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"Deliverability – pass DKIM, SPF, DMARC & more","1.8.0","Top Deliverability","https:\u002F\u002Fprofiles.wordpress.org\u002Ftopdeliverability\u002F","\u003Cp>Our Deliverability Plugin for WordPress allows you to easily authenticate emails generated from your website with a DKIM signature.\u003C\u002Fp>\n\u003Cp>But our Deliverability Plugin does much more than that! In fact, it’s packed with incredible email security and email deliverability features such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SPF authentication check, monitor and troubleshoot\u003C\u002Fli>\n\u003Cli>DKIM authentication implementation, check, monitor and troubleshoot\u003C\u002Fli>\n\u003Cli>DMARC authentication check, monitor and troubleshoot\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It’s always a good practice to authenticate your domain, but if your domain has a DMARC record and your website runs on WordPress you almost certainly need this plugin.\u003C\u002Fp>\n\u003Cp>The Deliverability plugin will take your Email Deliverability to a whole new level.\u003C\u002Fp>\n\u003Cp>This plugin is designed and written by experts and is easy to use and understand.\u003C\u002Fp>\n\u003Cp>It reduces security risk by checking for shortcomings in your email setup, and by implementing and enforcing the latest recommended Email security practices and techniques.\u003C\u002Fp>\n\u003Cp>Fully compatible with Contact-Form 7, WPForms, BuddyPress, WP Mail SMTP and more.\u003C\u002Fp>\n","Check and improve your Email Deliverability. Pass DMARC by DKIM-signing your emails without an external SMTP. Comply with Google & Yahoo requirements!",800,11120,84,15,"2025-09-15T12:59:00.000Z","6.6.5","5.9",[19,20,76,21,77],"dmarc","spf","https:\u002F\u002Ftopdeliverability.com\u002Fplugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdeliverability.1.8.0.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":26,"num_ratings":32,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":17,"tags":93,"homepage":96,"download_link":97,"security_score":98,"vuln_count":99,"unpatched_count":13,"last_vuln_date":100,"fetched_at":28},"mail-control","Mail Control – Email Customizer, SMTP Deliverability, logging, open and click Tracking","0.3.9","Rahal Aboulfeth","https:\u002F\u002Fprofiles.wordpress.org\u002Frahalaboulfeth\u002F","\u003Cp>Design and customize your emails using WordPress native customizer (compatible with WooCommerce), control your SMTP email deliverability, track your emails clicks and openings (reads), and allow defering the emails as a background process to speed up your pages.\u003C\u002Fp>\n\u003Cp>With Mail Control, you will have a better control over how your emails are handled by wordpress (and WooCommerce) from email design and customization to smtp delivery and click tracking.\u003C\u002Fp>\n\u003Ch3>Email Designer using WordPress native customizer\u003C\u002Fh3>\n\u003Cp>Design beautiful emails using the WooCommerce compatible Email Customizer. The UI provided by WordPress Native Customizer makes it easy to customize the look and feel of your emails.\u003C\u002Fp>\n\u003Ch3>Tracking and logging emails opening and clicks\u003C\u002Fh3>\n\u003Cp>This will allow you to optimize how you craft your emails content and get the better of your email marketing.\u003C\u002Fp>\n\u003Ch3>Sending Emails via an SMTP server\u003C\u002Fh3>\n\u003Cp>For a better deliverability for your emails, Mail Control lets you setup easily you favorite SMTP server.\u003C\u002Fp>\n\u003Ch3>Testing Email Deliverability of your SMTP server\u003C\u002Fh3>\n\u003Cp>Help you make sure your smtp servers checks all the requierements for the perfect deliverability by testing your SFP, DKIM and DMARC setup (and more on this to come).\u003C\u002Fp>\n\u003Ch3>Sending the emails by a background process to speed up your pages\u003C\u002Fh3>\n\u003Cp>No more page timeout because the smtp server take too much time to respond, defer your emails and let a cronjob take care of sending your emails in a separate process.\u003C\u002Fp>\n\u003Ch3>Having a log of all the emails sent (or failed) by wordpress\u003C\u002Fh3>\n\u003Cp>You can find all the emails handled by wordpress (or still in the queue), and resend them if needed.\u003C\u002Fp>\n\u003Ch3>More features and documentation coming\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.wpmailcontrol.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">Mail Control Online Documentation\u003C\u002Fa> writing is in progress.\u003C\u002Fp>\n","Design and customize email templates, control your SMTP email deliverability, track your emails clicks and openings, and send them as background task.",60,2305,"2025-03-22T17:45:00.000Z","6.7.5","5.0",[21,94,95,54,23],"email-customizer","email-deliverability","https:\u002F\u002Fwww.wpmailcontrol.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmail-control.0.3.9.zip",91,1,"2023-07-10 00:00:00",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":26,"num_ratings":99,"last_updated":111,"tested_up_to":15,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":117,"download_link":118,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"oderland-smtp-postal-mailer","Oderland SMTP & Postal Mailer","1.3.2","Oderland Webbhotell AB","https:\u002F\u002Fprofiles.wordpress.org\u002Foderlandab\u002F","\u003Cp>Oderland SMTP & Postal Mailer is a plugin that allows you to send transactional emails using \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FSimple_Mail_Transfer_Protocol\" rel=\"nofollow ugc\">SMTP\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fdocs.postalserver.io\u002F\" rel=\"nofollow ugc\">Postal\u003C\u002Fa> API. Easy-to-use for e-mail logging and making sure your e-mails make it all the way to your intended target.\u003C\u002Fp>\n\u003Cp>The plugin works with any SMTP mailer you’re using, including but not limited to \u003Ca href=\"https:\u002F\u002Fwww.oderland.se\u002Fpostal\" rel=\"nofollow ugc\">Oderland Postal\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What is SMTP and why do you need it?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>SMTP (Simple Mail Transfer Protocol) is the standard that ensures that emails actually arrive at their destination. It’s a protocol that delivers your email between servers when you click “send” in your email client.\u003C\u002Fp>\n\u003Cp>You could say that with an SMTP plugin or service, you want to confirm to the email servers that what you’re sending isn’t spam, which lends authenticity to your mailings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Send transactional emails via SMTP, Postal API or PHP mail()\u003C\u002Fli>\n\u003Cli>Multiple mail account support with priority-based failover\u003C\u002Fli>\n\u003Cli>Automatic retry on temporary failures with exponential backoff\u003C\u002Fli>\n\u003Cli>Comprehensive email logging with configurable retention\u003C\u002Fli>\n\u003Cli>Statistics dashboard — email volume over time, delivery success rates, per-account breakdown, failure analysis, recipient domain insights, and send time patterns\u003C\u002Fli>\n\u003Cli>CSV export of all dashboard statistics\u003C\u002Fli>\n\u003Cli>WordPress admin dashboard widget with 7-day email summary\u003C\u002Fli>\n\u003Cli>Engagement tracking (opens, clicks) for Postal accounts\u003C\u002Fli>\n\u003Cli>Postal webhook integration for delivery status tracking\u003C\u002Fli>\n\u003Cli>Per-account webhook debug logging for Postal accounts\u003C\u002Fli>\n\u003Cli>Secure credential storage with AES-256 encryption\u003C\u002Fli>\n\u003Cli>Protocol-level SMTP debugging\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Services Supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>SMTP\u003C\u002Fstrong> – Connect to any SMTP server\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdocs.postalserver.io\u002F\" rel=\"nofollow ugc\">Postal\u003C\u002Fa>\u003C\u002Fstrong> – Integration with Postal mail delivery platform\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Local\u003C\u002Fstrong> – Fallback to PHP mail() function\u003C\u002Fli>\n\u003C\u002Ful>\n","Send transactional emails from WordPress using SMTP or Postal with logging and delivery tracking.",10,419,"2026-03-11T16:53:00.000Z","5.7","8.1",[19,21,115,116,23],"mail","postal","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foderland-smtp-postal-mailer.1.3.2.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":13,"downloaded":127,"rating":26,"num_ratings":99,"last_updated":128,"tested_up_to":129,"requires_at_least":92,"requires_php":117,"tags":130,"homepage":133,"download_link":134,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":135},"ecom-email-health-check","eCommerce Email Health Check","1.0.2","Ahmed Saeed","https:\u002F\u002Fprofiles.wordpress.org\u002Fengahmeds3ed\u002F","\u003Cp>Stop worrying about lost eCommerce emails! This free, simple plugin helps you diagnose your store’s email delivery health in minutes. It runs a series of checks to identify common issues that cause emails to end up in spam or fail to send altogether.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Email Sending Test:\u003C\u002Fstrong> A one-click test to confirm if your site can send emails.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sender Address Check:\u003C\u002Fstrong> Verifies that your “From” address is configured correctly to avoid being flagged as spam.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SPF Record Validation:\u003C\u002Fstrong> Checks if your domain has a crucial SPF record to authenticate your emails.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy-to-Read Health Report:\u003C\u002Fstrong> Get a clear, actionable report with a summary of your email delivery status.\u003C\u002Fli>\n\u003C\u002Ful>\n","A free, simple tool to diagnose and test your eCommerce email delivery, ensuring orders and notifications reach customers.",225,"2025-08-25T20:31:00.000Z","6.8.5",[19,131,21,23,132],"e-commerce","woocommerce","https:\u002F\u002Fgithub.com\u002Fcodesir-co\u002Fecom-email-health-check","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fecom-email-health-check.1.0.2.zip","2026-03-15T14:54:45.397Z",{"attackSurface":137,"codeSignals":143,"taintFlows":203,"riskAssessment":232,"analyzedAt":239},{"hooks":138,"ajaxHandlers":139,"restRoutes":140,"shortcodes":141,"cronEvents":142,"entryPointCount":13,"unprotectedCount":13},[],[],[],[],[],{"dangerousFunctions":144,"sqlUsage":145,"outputEscaping":151,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":201,"bundledLibraries":202},[],{"prepared":32,"raw":99,"locations":146},[147],{"file":148,"line":149,"context":150},"templates\\admin-emails.php",55,"$wpdb->get_var() with variable interpolation",{"escaped":152,"rawEcho":153,"locations":154},474,22,[155,158,160,162,164,166,168,170,172,174,176,178,180,182,184,186,188,191,193,195,197,199],{"file":148,"line":156,"context":157},87,"raw output",{"file":148,"line":159,"context":157},93,{"file":148,"line":161,"context":157},115,{"file":148,"line":163,"context":157},121,{"file":148,"line":165,"context":157},138,{"file":148,"line":167,"context":157},380,{"file":148,"line":169,"context":157},386,{"file":148,"line":171,"context":157},408,{"file":148,"line":173,"context":157},414,{"file":148,"line":175,"context":157},431,{"file":148,"line":177,"context":157},447,{"file":148,"line":179,"context":157},451,{"file":148,"line":181,"context":157},455,{"file":148,"line":183,"context":157},459,{"file":148,"line":185,"context":157},463,{"file":148,"line":187,"context":157},519,{"file":189,"line":190,"context":157},"templates\\admin-interface.php",387,{"file":189,"line":192,"context":157},446,{"file":189,"line":194,"context":157},686,{"file":189,"line":196,"context":157},1027,{"file":189,"line":198,"context":157},1028,{"file":189,"line":200,"context":157},1246,5,[],[204],{"entryPoint":205,"graph":206,"unsanitizedCount":13,"severity":231},"\u003Cadmin-emails> (templates\\admin-emails.php:0)",{"nodes":207,"edges":227},[208,213,218,222],{"id":209,"type":210,"label":211,"file":148,"line":212},"n0","source","$_GET (x6)",37,{"id":214,"type":215,"label":216,"file":148,"line":159,"wp_function":217},"n1","sink","echo() [XSS]","echo",{"id":219,"type":210,"label":220,"file":148,"line":221},"n2","$_GET (x2)",18,{"id":223,"type":215,"label":224,"file":148,"line":225,"wp_function":226},"n3","get_results() [SQLi]",219,"get_results",[228,230],{"from":209,"to":214,"sanitized":229},true,{"from":219,"to":223,"sanitized":229},"low",{"summary":233,"deductions":234},"The email-essentials plugin v6.0.3 demonstrates a generally strong security posture based on the provided static analysis.  The absence of identified dangerous functions, raw SQL queries, file operations, external HTTP requests, and a high percentage of properly escaped output are positive indicators.  Furthermore, the plugin has no recorded vulnerability history, suggesting a consistent track record of security. The lack of critical or high severity taint flows is also reassuring, implying that user-supplied data is not being mishandled in a way that could lead to immediate exploits.\n\nHowever, the analysis does reveal a significant area of concern: the complete lack of nonce checks and the absence of explicit capability checks on all identified entry points, even though there are some capability checks present in the code. With zero unprotected entry points and zero AJAX handlers without authentication, this suggests that these might be protected by a higher-level WordPress mechanism or that the entry points detected are not directly user-facing in a way that would typically require individual nonce checks. Nevertheless, the absence of any identified nonce checks on the 0 AJAX handlers is unusual and could indicate a missed detection or a potential gap if these handlers are indeed exposed to user interaction without proper verification.  While the overall picture is positive due to the lack of historical vulnerabilities and critical code issues, the potential for overlooked vulnerabilities due to the absence of nonce checks warrants careful consideration.",[235,237],{"reason":236,"points":201},"No nonce checks detected on AJAX handlers",{"reason":238,"points":201},"0 unprotected entry points detected, but no nonce checks","2026-03-16T22:16:03.375Z",{"wat":241,"direct":252},{"assetPaths":242,"generatorPatterns":246,"scriptPaths":247,"versionParams":248},[243,244,245],"\u002Fwp-content\u002Fplugins\u002Femail-essentials\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Femail-essentials\u002Fcss\u002Fqueue.css","\u002Fwp-content\u002Fplugins\u002Femail-essentials\u002Fjs\u002Fadmin.js",[],[245],[249,250,251],"email-essentials\u002Fcss\u002Fadmin.css?ver=","email-essentials\u002Fcss\u002Fqueue.css?ver=","email-essentials\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":253,"htmlComments":255,"htmlAttributes":256,"restEndpoints":258,"jsGlobals":259,"shortcodeOutput":260},[254],"wp-email-essentials-settings",[],[257],"data-nonce",[],[],[]]