Does EmailVerify.io have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is EmailVerify.io compatible with WordPress 6.9.4?

According to WordPress.org data, EmailVerify.io 1.3.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is EmailVerify.io compatible with PHP 7.0+?

EmailVerify.io requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is EmailVerify.io updated?

EmailVerify.io was last updated on Dec 16, 2025. Frequent updates are generally a positive security signal.

What is EmailVerify.io's security score?

EmailVerify.io has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

EmailVerify.io Security & Risk Analysis

wordpress.org/plugins/emailverify

Safeguard your online forms against invalid, temporary, disposable, and harmful email addresses with real-time verification.

0 active installs v1.3.1 PHP 7.0+ WP 4.7+ Updated Dec 16, 2025

email-validatoremail-verifierform-validationspam-protectionuser-registration

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is EmailVerify.io Safe to Use in 2026?

Generally Safe

Score 100/100

EmailVerify.io has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The 'emailverify' plugin v1.3.1 exhibits a generally strong security posture based on the provided static analysis. The code demonstrates excellent practices regarding SQL queries, exclusively using prepared statements, and a very high rate of output escaping, minimizing the risk of cross-site scripting vulnerabilities. The absence of file operations and critical/high severity taint flows is also a positive indicator. Furthermore, the plugin has no known historical vulnerabilities, suggesting a commitment to security by its developers. However, there are potential areas for improvement. The presence of 5 AJAX handlers, while currently all protected by authentication checks, still represents an attack surface that, if misconfigured or if future updates introduce vulnerabilities, could be exploited. While the analysis shows no unsanitized paths in taint flows, the fact that all 11 analyzed flows were flagged as 'unsanitized' warrants further investigation to understand the nature of these sanitization requirements and ensure they don't represent latent risks.

Key Concerns

AJAX handlers present attack surface
All 11 taint flows flagged as unsanitized

Vulnerabilities

None known

EmailVerify.io Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

EmailVerify.io Release Timeline

v1.3.1Current

v1.3.0

v1.2.9

Code Analysis

Analyzed Apr 16, 2026

EmailVerify.io Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

92 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared6 total queries

Output Escaping

99% escaped93 total outputs

Data Flows · Security

11 unsanitized

Data Flow Analysis

11 flows11 with unsanitized paths

emailverifyio_validate_email (includes/ajax-class.php:99)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

EmailVerify.io Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 5

authwp_ajax_emailverifyio_apiincludes/ajax-class.php:14

authwp_ajax_emailverifyio_emailincludes/ajax-class.php:15

authwp_ajax_emailverifyio_remove_api_keyincludes/ajax-class.php:16

authwp_ajax_emailverifyio_debug_optionsincludes/ajax-class.php:17

authwp_ajax_emailverifyio_validate_emailincludes/ajax-class.php:18

WordPress Hooks 19

actionadmin_menuemailverify.php:64

actionadmin_initemailverify.php:65

actionadmin_enqueue_scriptsemailverify.php:66

actionplugins_loadedemailverify.php:69

filterplugin_action_links_emailverify/emailverify.phpemailverify.php:76

filtergform_validationemailverify.php:136

filterfrm_validate_field_entryemailverify.php:142

filterwpcf7_validate_email*emailverify.php:148

filterregistration_errorsemailverify.php:152

actionwoocommerce_checkout_processemailverify.php:158

filterninja_forms_submit_dataemailverify.php:164

actionelementor_pro/forms/validation/emailemailverify.php:170

actionwpforms_process_validate_emailemailverify.php:177

filterfluentform/validate_input_item_input_emailemailverify.php:183

filterforminator_custom_form_submit_errorsemailverify.php:189

filterhappyforms_validate_part_submissionemailverify.php:194

filtercntctfrm_check_formemailverify.php:199

filterpreprocess_commentemailverify.php:204

actionmailmint_before_form_submitemailverify.php:209

Maintenance & Trust

EmailVerify.io Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 16, 2025

PHP min version7.0

Downloads345

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

EmailVerify.io Alternatives

Reoon Email Verifier

reoon-email-verifier

Safeguard your online forms against invalid, temporary, disposable, and harmful email addresses with real-time verification.

600 1 CVE

Email Validator for Contact Form 7

email-validator-for-contact-form-7

100

Email validation for Contact Form 7. Reduce registration spam with invalid email, block disposable and block free email.

500 No CVEs

Emailable – Premium Email Verification & Validation

emailable

Verify emails in real-time with Emailable.

40 No CVEs

User Registration Email Validator

user-registration-email-validator

100

Validate and Verify any email using is_email() and stop spam comments spam logins and registration.

40 No CVEs

TrueMail Email Validator

truemail-email-validator

TrueMail plugin can be seamlessly integrated with all forms to verify the user email address in real-time before submission.

10 No CVEs

Developer Profile

EmailVerify.io Developer Profile

EmailVerify.io

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect EmailVerify.io

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/emailverify/includes/js/admin-script.js/wp-content/plugins/emailverify/includes/js/frontend-script.js

Version Parameters

emailverify/includes/js/admin-script.js?ver=emailverify/includes/js/frontend-script.js?ver=

HTML / DOM Fingerprints

JS Globals

EmailVerifyIO_AJAX_URL

FAQ