Does LH Multipart Email have any unpatched vulnerabilities?

No. All known vulnerabilities in LH Multipart Email have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is LH Multipart Email compatible with WordPress 6.0.11?

According to WordPress.org data, LH Multipart Email 1.12 has been tested up to WordPress 6.0.11. Check the plugin's changelog for the latest compatibility information.

How often is LH Multipart Email updated?

LH Multipart Email was last updated on Jul 30, 2022. Frequent updates are generally a positive security signal.

What is LH Multipart Email's security score?

LH Multipart Email has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LH Multipart Email Security & Risk Analysis

wordpress.org/plugins/lh-multipart-email

Decreases the chance of your legit emails being marked as spam by providing a text alternative within the one email.

700 active installs v1.12 PHP + WP 5.5+ Updated Jul 30, 2022

emailhtml-emailmultipartspamtext-email

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is LH Multipart Email Safe to Use in 2026?

Generally Safe

Score 85/100

LH Multipart Email has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the lh-multipart-email plugin v1.12 exhibits an exceptionally strong security posture. The plugin demonstrates a complete absence of exploitable attack vectors, with zero AJAX handlers, REST API routes, shortcodes, or cron events found. Furthermore, the code analysis reveals a clean bill of health, with no dangerous functions, no raw SQL queries (all use prepared statements), and all output is properly escaped. There are no file operations or external HTTP requests, and importantly, no detected vulnerabilities in taint analysis flows. This indicates a high level of secure coding practices have been employed by the developers.

The vulnerability history further solidifies this positive assessment, showing zero known CVEs of any severity. The absence of any recorded vulnerabilities, historical or current, suggests a mature and well-maintained codebase that has not presented security challenges. While the lack of explicit nonce and capability checks on potential entry points (if they existed) might be a concern in other contexts, the complete absence of any entry points negates this risk entirely.

In conclusion, the lh-multipart-email plugin v1.12 appears to be highly secure, with no identified weaknesses in its attack surface, code implementation, or historical vulnerability record. The developers have followed best practices diligently, resulting in a plugin that poses minimal to no security risk to a WordPress installation.

Vulnerabilities

None known

LH Multipart Email Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

LH Multipart Email Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

LH Multipart Email Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

filterwp_maillh-multipart-email.php:126

actionphpmailer_initlh-multipart-email.php:127

Maintenance & Trust

LH Multipart Email Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11

Last updatedJul 30, 2022

PHP min version

Downloads7K

Community Trust

Rating100/100

Number of ratings5

Active installs700

Alternatives

LH Multipart Email Alternatives

Add Plain-Text Email

add-plain-text-email

Adds a text/plain email to text/html emails to decrease the chance of emails being tagged as spam.

100 No CVEs

WP Mail Logging

wp-mail-logging

Log, view, and resend all emails sent from your WordPress site. Great for resolving email sending issues or keeping a copy for auditing.

300K 6 CVEs

CryptX

cryptx

No more SPAM by spiders scanning your site for email addresses!

10K 1 CVE

Stop WP Emails Going to Spam

stop-wp-emails-going-to-spam

100

Fixes WordPress emails going to spam/junk folders. The default settings often resolve the issue.

10K No CVEs

WP Mailto Links – Protect Email Addresses

wp-mailto-links

Protect & encode email addresses safely from spambots & spamming. Easy to use - encodes emails out-of-the-box.

9K 1 unpatched

Developer Profile

LH Multipart Email Developer Profile

shawfactor

77 plugins · 15K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

7 days

View full developer profile

Detection Fingerprints

How We Detect LH Multipart Email

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lh-multipart-email/includes/Html2Text.php/wp-content/plugins/lh-multipart-email/includes/Html2TextException.php

HTML / DOM Fingerprints

FAQ