Does Email Scheduling have any unpatched vulnerabilities?

No. All known vulnerabilities in Email Scheduling have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Email Scheduling compatible with WordPress 5.9.13?

According to WordPress.org data, Email Scheduling 1.0.0 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

Is Email Scheduling compatible with PHP 7.0+?

Email Scheduling requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Email Scheduling updated?

Email Scheduling was last updated on May 18, 2022. Frequent updates are generally a positive security signal.

What is Email Scheduling's security score?

Email Scheduling has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Email Scheduling Security & Risk Analysis

wordpress.org/plugins/email-scheduling

Send the custom email to the logged in users.

0 active installs v1.0.0 PHP 7.0+ WP 5.8+ Updated May 18, 2022

cronemail

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Email Scheduling Safe to Use in 2026?

Generally Safe

Score 85/100

Email Scheduling has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The 'email-scheduling' plugin v1.0.0 exhibits a concerning security posture primarily due to a lack of authentication checks on its AJAX handlers. With 3 AJAX handlers, all of which are unprotected, there is a significant attack surface that could be exploited by unauthenticated users. While the code signals are generally positive with no dangerous functions, 100% of SQL queries using prepared statements, and a high percentage of output escaping, the absence of nonces and capability checks on these critical entry points overshadows these strengths. The taint analysis indicates no critical or high severity unsanitized flows, which is a positive sign, and the plugin has no recorded vulnerability history, suggesting a clean past. However, the current state of unprotected AJAX handlers presents a direct and exploitable risk that requires immediate attention.

Key Concerns

Unprotected AJAX handlers detected
Missing nonce checks on AJAX handlers
Missing capability checks on AJAX handlers
Output escaping not 100% (75% escaped)

Vulnerabilities

None known

Email Scheduling Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Email Scheduling Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

75% escaped4 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

emsc_email_template (email-scheduling.php:238)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

Email Scheduling Attack Surface

Entry Points3

Unprotected3

AJAX Handlers 3

authwp_ajax_email_template_hookemail-scheduling.php:47

authwp_ajax_my_email_hookemail-scheduling.php:48

authwp_ajax_my_ajax_hookemail-scheduling.php:49

WordPress Hooks 6

filterwp_mail_content_typeemail-scheduling.php:32

actionadmin_menuemail-scheduling.php:36

actionadmin_enqueue_scriptsemail-scheduling.php:39

actionadmin_enqueue_scriptsemail-scheduling.php:43

filtercron_schedulesemail-scheduling.php:53

actioncustom_send_emailemail-scheduling.php:57

Scheduled Events 1

custom_send_email

Maintenance & Trust

Email Scheduling Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedMay 18, 2022

PHP min version7.0

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Email Scheduling Alternatives

AsynCRONous bbPress Subscriptions

asyncronous-bbpress-subscriptions

Email notifications done right. No BCC lists, no added page load time, better performance.

100 No CVEs

Tuyul Ninja

tuyul-ninja

Tuyul Ninja enables you to send wordpress post to available providers via cronjob.

10 No CVEs

WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin

wp-mail-smtp

Make email delivery easy for WordPress. Connect with SMTP, Gmail, Outlook, SendGrid, Mailgun, SES, Zoho, + more. Rated #1 WordPress SMTP Email plugin.

4.0M 2 CVEs

Hostinger Reach – AI-Powered Email Marketing for WordPress

hostinger-reach

100

Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.

1.0M No CVEs

MC4WP: Mailchimp for WordPress

mailchimp-for-wp

The #1 Mailchimp plugin for WordPress. Allows you to add a multitude of newsletter sign-up methods to your site.

1.0M 11 CVEs

Developer Profile

Email Scheduling Developer Profile

Krunal Bhimajiyani

2 plugins · 0 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Email Scheduling

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/email-scheduling/assets/js/bulk-email.js/wp-content/plugins/email-scheduling/assets/css/bulk-email.css/wp-content/plugins/email-scheduling/assets/js/test-email.js/wp-content/plugins/email-scheduling/assets/css/test-email.css

Script Paths

assets/js/bulk-email.jsassets/js/test-email.js

Version Parameters

email_js?ver=1.0email-style?ver=1.0test_js?ver=1.0test-style?ver=1.0

HTML / DOM Fingerprints

CSS Classes

responserespemailFormfielddescloadermsg

Data Attributes

data-editor-id="mail_template_id"id="saveEmail"id="sendEmail"id="email"class="email"class="email_btn"+3 more

JS Globals

myVar

FAQ