Does GEV Email Validator have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is GEV Email Validator compatible with WordPress 5.6.17?

According to WordPress.org data, GEV Email Validator 1.0.0 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

Is GEV Email Validator compatible with PHP 5.6+?

GEV Email Validator requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is GEV Email Validator updated?

GEV Email Validator was last updated on Feb 25, 2021. Frequent updates are generally a positive security signal.

What is GEV Email Validator's security score?

GEV Email Validator has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GEV Email Validator Security & Risk Analysis

wordpress.org/plugins/gev-email-validator

The Cheapest advanced Email Address Validation to forms. Prevents typos in email address field and eliminates spam submissions with fake email address …

0 active installs v1.0.0 PHP 5.6+ WP 3.0.1+ Updated Feb 25, 2021

email-filteremail-validationemail-validatoremail-verifyform-validation

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is GEV Email Validator Safe to Use in 2026?

Generally Safe

Score 85/100

GEV Email Validator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The 'gev-email-validator' plugin v1.0.0 exhibits a generally positive security posture based on static analysis, with no identified dangerous functions, SQL injection vulnerabilities through prepared statements, or file operations. The absence of known CVEs and a clean vulnerability history further suggests a robust development process concerning past security issues. The plugin also utilizes the Guzzle library, which is a common and well-maintained HTTP client.

However, significant concerns arise from the output escaping and taint analysis. A low percentage of outputs are properly escaped (17%), indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The taint analysis reveals two flows with unsanitized paths, which, although not classified as critical or high severity, still represent potential avenues for malicious input to be processed without adequate cleaning. Furthermore, the absence of nonce and capability checks on any entry points, coupled with a zero-percent check on AJAX handlers and REST API routes, means that any potential vulnerabilities in these areas would be entirely unprotected.

Key Concerns

Low output escaping rate (17%)
Two flows with unsanitized paths
No nonce checks on entry points
No capability checks on entry points
0% AJAX handlers with auth checks
0% REST API routes with permission callbacks

Vulnerabilities

None known

GEV Email Validator Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

GEV Email Validator Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

GEV Email Validator Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

Output Escaping

17% escaped53 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

email_test_ajax_callback (admin\class-email-validator-admin.php:306)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

GEV Email Validator Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 16

actionplugins_loadedincludes\class-email-validator.php:231

actionadmin_enqueue_scriptsincludes\class-email-validator.php:249

actionadmin_enqueue_scriptsincludes\class-email-validator.php:250

actionadmin_menuincludes\class-email-validator.php:252

actionadmin_initincludes\class-email-validator.php:253

actionwp_enqueue_scriptsincludes\class-email-validator.php:271

actionwp_enqueue_scriptsincludes\class-email-validator.php:272

filterwpcf7_validate_emailincludes\class-email-validator.php:306

filterwpcf7_validate_email*includes\class-email-validator.php:311

filterfrm_validate_entryincludes\class-email-validator.php:322

filtercaldera_forms_validate_field_emailincludes\class-email-validator.php:332

filterwppb_check_form_field_default-e-mailincludes\class-email-validator.php:342

filterinitincludes\class-email-validator.php:350

filterinitincludes\class-email-validator.php:357

filtercntctfrm_check_formincludes\class-email-validator.php:365

filteris_emailincludes\class-email-validator.php:378

Maintenance & Trust

GEV Email Validator Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedFeb 25, 2021

PHP min version5.6

Downloads827

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

GEV Email Validator Alternatives

MailboxValidator Email Validator

mailboxvalidator-email-validator

100

Email verification for WordPress forms. Block disposable, block spam, block invalid email, block free email and role-based email.

20 No CVEs

Email Validator for Contact Form 7

email-validator-for-contact-form-7

100

Email validation for Contact Form 7. Reduce registration spam with invalid email, block disposable and block free email.

500 No CVEs

TrueMail Email Validator

truemail-email-validator

TrueMail plugin can be seamlessly integrated with all forms to verify the user email address in real-time before submission.

10 No CVEs

Antideo Email Validator

antideo-email-validator

Form email validation, Email Blacklist, Domain Blacklist, Form email check, Real time email validator Requires at least: 4.7 Tested up to: 6.9.

900 1 CVE

Reoon Email Verifier

reoon-email-verifier

Safeguard your online forms against invalid, temporary, disposable, and harmful email addresses with real-time verification.

600 1 CVE

Developer Profile

GEV Email Validator Developer Profile

maranqz

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect GEV Email Validator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gev-email-validator/admin/css/email-validator-admin.css/wp-content/plugins/gev-email-validator/admin/js/email-validator-admin.js

Version Parameters

gev-email-validator/admin/css/email-validator-admin.css?ver=gev-email-validator/admin/js/email-validator-admin.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-plugin="gev-email-validator"data-invalid-message="This email is invalid"data-apikey-required="This field is required."data-apikey-invalid="Invalid API Key. Please check your key."data-email-error="This email address is not valid. Please try again."data-email-test-button="Email Test"

JS Globals

gevEmailValidatorAdmin

REST Endpoints

/wp-json/gev-email-validator/v1/verify/wp-json/gev-email-validator/v1/test

FAQ