Does Get a Newsletter have any unpatched vulnerabilities?

No. All known vulnerabilities in Get a Newsletter have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Get a Newsletter compatible with WordPress 6.9.4?

According to WordPress.org data, Get a Newsletter 4.1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Get a Newsletter compatible with PHP 7.2+?

Get a Newsletter requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Get a Newsletter updated?

Get a Newsletter was last updated on Feb 12, 2026. Frequent updates are generally a positive security signal.

What is Get a Newsletter's security score?

Get a Newsletter has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Get a Newsletter Security & Risk Analysis

wordpress.org/plugins/getanewsletter

Turn visitors into subscribers. Eliminate manual entry of subscribers with signup forms that sync directly with your Get a Newsletter account.

400 active installs v4.1.0 PHP 7.2+ WP 5.2.0+ Updated Feb 12, 2026

email-marketingformsmailing-listnewsletterpopup

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Get a Newsletter Safe to Use in 2026?

Generally Safe

Score 100/100

Get a Newsletter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "getanewsletter" plugin version 4.1.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices with 100% of its SQL queries utilizing prepared statements and a significant number of outputs being properly escaped. The absence of any recorded vulnerabilities, including critical or high severity ones, and no known CVEs, suggests a history of relatively secure development.

However, several concerns warrant attention. The presence of 7 AJAX handlers, with 4 of them lacking authentication checks, significantly expands the attack surface and presents a direct risk of unauthorized actions. Furthermore, the taint analysis revealed 2 flows with unsanitized paths, indicating a potential for vulnerabilities that could lead to unexpected or malicious behavior, even if no critical or high severity issues were found in this specific analysis.

In conclusion, while the plugin has a clean vulnerability history and employs some secure coding practices, the unprotected AJAX endpoints and unsanitized paths identified in the taint analysis represent notable weaknesses. These areas require immediate attention to mitigate potential security risks and strengthen the plugin's overall security posture. The lack of logged past vulnerabilities is a positive indicator, but the identified code-level weaknesses are still significant.

Key Concerns

Unprotected AJAX handlers
Flows with unsanitized paths
Large attack surface without auth
Moderate unescaped output

Vulnerabilities

None known

Get a Newsletter Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Get a Newsletter Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

92 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

50% escaped183 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

newsletter_subscription_forms (getanewsletter.php:86)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Get a Newsletter Attack Surface

Entry Points8

Unprotected4

AJAX Handlers 7

authwp_ajax_newsletter_get_formgetanewsletter.php:1352

authwp_ajax_getanewsletter_subscribegetanewsletter.php:1677

noprivwp_ajax_getanewsletter_subscribegetanewsletter.php:1678

authwp_ajax_gan_register_admin_api_keygetanewsletter.php:1778

authwp_ajax_gan_get_subscription_forms_listgetanewsletter.php:2118

authwp_ajax_gan_get_subscription_formgetanewsletter.php:2144

authwp_ajax_gan_test_connectiongetanewsletter.php:2176

Shortcodes 1

[gan-form] getanewsletter.php:1350

WordPress Hooks 14

actionadmin_initgetanewsletter.php:22

actionadmin_enqueue_scriptsgetanewsletter.php:34

actionadmin_menugetanewsletter.php:1044

actionadmin_noticesgetanewsletter.php:1046

actionwidgets_initgetanewsletter.php:1605

actionadmin_footergetanewsletter.php:1622

actionplugins_loadedgetanewsletter.php:1673

actionwp_headgetanewsletter.php:1684

actionadmin_initgetanewsletter.php:1824

actionplugins_loadedgetanewsletter.php:1832

actionwp_headgetanewsletter.php:1865

actionupdate_option_newsletter_passgetanewsletter.php:1903

actionupdate_option_newsletter_passgetanewsletter.php:1917

actioninitgetanewsletter.php:1929

Maintenance & Trust

Get a Newsletter Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 12, 2026

PHP min version7.2

Downloads11K

Community Trust

Rating0/100

Number of ratings0

Active installs400

Alternatives

Get a Newsletter Alternatives

Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce

sender-net-automated-emails

Sender is an all-in-one email & SMS marketing platform designed keeping the challenges of ecommerce and small businesses in mind.

5K 2 CVEs

Email Marketing for WordPress and WooCommerce – Retainful

retainful

100

Email marketing, newsletters for WordPress and WooCommerce. Send newsletters and campaigns, recover abandoned carts, signup forms, and more

60 No CVEs

Newsletter – Send awesome emails from WordPress

newsletter

An email marketing tool for your blog: subscription forms to create your lists with unlimited subscribers and newsletters.

200K 20 CVEs

Brevo – Email, SMS, Web Push, Chat, and more.

mailin

Turn your WordPress site into a marketing powerhouse. Grow your audience, boost engagement, and drive more sales with Brevo.

100K 9 CVEs

Constant Contact Forms by MailMunch

constant-contact-forms-by-mailmunch

The #1 Constant Contact plugin to get more email subscribers. Easily add Constant Contact sign-up forms as popup, embedded widget or sticky top bar.

3K 3 CVEs

Developer Profile

Get a Newsletter Developer Profile

getanewsletter

1 plugin · 400 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Get a Newsletter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/getanewsletter/assets/admin/css/styles.css/wp-content/plugins/getanewsletter/assets/admin/js/scripts.js

HTML / DOM Fingerprints

CSS Classes

gan-create-subscription-formgan-subscription-form-wrappergan-subscription-formgan-input-group

HTML Comments

+1 more

Data Attributes

data-form-iddata-gan-form-wrapper

JS Globals

gan_ajax_urlgan_noncegan_admin_params

Shortcode Output

[getanewsletter][getanewsletter_form]

FAQ