WP-Safety

Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters Security & Risk Analysis

wordpress.org/plugins/getsitecontrol

Complete email marketing toolset with a powerful popup builder on board. Generate leads with email opt-in forms, send professional newsletters, build …

1K active installs v3.0.0 PHP + WP 3.0.1+ Updated Dec 19, 2025
email-marketingemail-marketing-pluginpopup-builderpopup-makerpopup-contact-form
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters Safe to Use in 2026?

Generally Safe

Score 100/100

Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The getsitecontrol v3.0.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding SQL query sanitization, using prepared statements exclusively, and it has no recorded vulnerabilities (CVEs) or identified taint flows. This suggests a developer who is aware of common security pitfalls in database interactions and has a history of producing secure code.

However, significant concerns arise from the attack surface analysis. The plugin exposes three AJAX handlers, all of which lack authentication checks. This is a critical weakness as it allows any unauthenticated user to trigger these handlers, potentially leading to unintended actions or information disclosure if the handlers perform sensitive operations or access restricted data. The absence of nonces further exacerbates this risk, as it leaves the AJAX endpoints vulnerable to Cross-Site Request Forgery (CSRF) attacks.

While the plugin's vulnerability history is clean, this should not be interpreted as a guarantee of future security. The current code analysis highlights a clear and present danger with the unprotected AJAX endpoints. Therefore, while the plugin has strengths in SQL handling and a clean history, the unauthenticated AJAX endpoints represent a substantial risk that needs immediate attention.

Key Concerns

  • AJAX handlers without auth checks
  • AJAX handlers without nonce checks
  • Insufficient capability checks on AJAX
  • Unescaped output (35% of outputs)
Vulnerabilities
None known

Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
9
17 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

65% escaped26 total outputs
Attack Surface
3 unprotected

Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_gsc_post_site_selectincludes\get-site-control-wordpress.php:86
authwp_ajax_gsc_post_clear_api_keyincludes\get-site-control-wordpress.php:87
authwp_ajax_gsc_post_sign_inincludes\get-site-control-wordpress.php:88
WordPress Hooks 6
actionadmin_initincludes\get-site-control-wordpress.php:81
actionadmin_menuincludes\get-site-control-wordpress.php:83
actionadmin_menuincludes\get-site-control-wordpress.php:84
actionadmin_enqueue_scriptsincludes\get-site-control-wordpress.php:90
actionwp_enqueue_scriptsincludes\get-site-control-wordpress.php:92
filterscript_loader_tagincludes\get-site-control-wordpress.php:200
Maintenance & Trust

Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedDec 19, 2025
PHP min version
Downloads115K

Community Trust

Rating82/100
Number of ratings23
Active installs1K
Alternatives

Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters Alternatives

Popup Builder – Create highly converting, mobile friendly marketing popups.

Popup Builder – Create highly converting, mobile friendly marketing popups.

popup-builder

B
76

Increase Sales, Lead Generation, Conversion rates and receive good Call to Action rates with smart WordPress popup plugin.

200K 23 CVEs
Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers

Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers

popup-builder-block

C
60

Powerful Popup Builder Block for Gutenberg block editor.

60K 1 unpatched
WP Popups – WordPress Popup builder

WP Popups – WordPress Popup builder

wp-popups-lite

A
95

WP Popups is the best popup maker for WordPress. Easy but powerful plugin with display filters, scroll-triggered popups, and Gutenberg block editor.

30K 6 CVEs
CM Pop-Up – Create engaging popups to capture attention and boost interaction

CM Pop-Up – Create engaging popups to capture attention and boost interaction

cm-pop-up-banners

A
94

Create and customize popups. Display messages, Call to actions, promotions, or announcements to engage visitors and boost interaction.

9K 5 CVEs
WP Popup Builder – Popup Forms and Marketing Lead Generation

WP Popup Builder – Popup Forms and Marketing Lead Generation

wp-popup-builder

C
61

WP Popup Builder is a powerful tool to create amazing popup for your site. Its drag and drop feature help to create form in very easy step without hav …

3K 1 unpatched
Developer Profile

Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters Developer Profile

Getsitecontrol

1 plugin · 1K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/getsitecontrol/templates/css/get-site-control-admin.css/wp-content/plugins/getsitecontrol/templates/js/get-site-control-admin.js
Script Paths
https://dash.getsitecontrol.com/api/v1/users/registerhttps://dash.getsitecontrol.com/api/v1/users/login?dual=1https://dash.getsitecontrol.com/api/v1/socialauth-begin/google-oauth2/?mode=signin-popup&dual=1https://dash.getsitecontrol.com/api/v1/socialauth-begin/google-oauth2/?mode=signup-popuphttps://{{API_DOMAIN}}/api/v1/sites/ownhttps://{{API_DOMAIN}}/api/v1/users/autologin
Version Parameters
get-site-control.php?ver=get-site-control-admin.css?ver=get-site-control-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
gsc-popup-overlaygsc-popup-contentgsc-close-buttongsc-widget-container
Data Attributes
data-gsc-iddata-gsc-settings
JS Globals
GSCWidgetgetSiteControlSettings
REST Endpoints
/wp-json/getsitecontrol/v1/settings/wp-json/getsitecontrol/v1/widgets
Shortcode Output
[getsitecontrol]
FAQ

Frequently Asked Questions about Getsitecontrol — Email Marketing Plugin | Popup Maker, Automations & Newsletters