[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_7tif3tx4ipLu_3svV58QSL3MVAlmXuXL3R22fKUnAg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":137,"fingerprints":281},"mailgun-email-validator","Mailgun Email Validator","1.2.4.1","Jesin A","https:\u002F\u002Fprofiles.wordpress.org\u002Fjesin\u002F","\u003Cp>Most email validators look for an \u003Ccode>@\u003C\u002Fcode> and a \u003Ccode>.\u003C\u002Fcode>(dot) some go further and blacklist certain domain names. But Mailgun’s Advanced email validation service goes deeper and looks for the existence of the domain name, presence of a \u003Ca href=\"http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FMX_record\" rel=\"nofollow ugc\">MX record\u003C\u002Fa> and the custom ESP(Email Service Provider) grammar.\u003Cbr \u002F>\nThe grammar here is the rules defined by each email provider. For example, Yahoo Mail addresses can only contain letters, numbers, underscores, and one period.\u003Cbr \u002F>\nSo \u003Ccode>user.name.abc@yahoo.com\u003C\u002Fcode> perfectly passes the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fis_email\" rel=\"nofollow ugc\">is_email()\u003C\u002Fa> function but can never exist as it contains more than one period. Such addresses can’t escape Mailgun’s Email validation.\u003C\u002Fp>\n\u003Ch4>Why use Mailgun’s email validation service?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Performs the usual email syntax check.\u003C\u002Fli>\n\u003Cli>Checks the existence of the email domain. So \u003Ccode>user@some-random-characters.com\u003C\u002Fcode> can’t escape.\u003C\u002Fli>\n\u003Cli>Checks if the email domain has a MX record. So \u003Ccode>anything@example.com\u003C\u002Fcode> is caught.\u003C\u002Fli>\n\u003Cli>Checks if the username complies with the grammar of its ESP (Email Service provider). Eg Gmail doesn’t allow usernames less than 6 characters and hyphens so \u003Ccode>small@gmail.com\u003C\u002Fcode> and \u003Ccode>hyphen-user@gmail.com\u003C\u002Fcode> can’t get away.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why use this plugin?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Integrates with the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fis_email\" rel=\"nofollow ugc\">is_email()\u003C\u002Fa> function of WordPress. So it works seamlessly with Contact Form 7, Jetpack\u002FGrunion contact forms, WordPress registration form and any form which uses the \u003Ccode>is_email()\u003C\u002Fcode> function.\u003C\u002Fli>\n\u003Cli>Kicks spam before it is inserted into the database\u003C\u002Fli>\n\u003Cli>Ensures that the commenting process is uninterrupted even if Mailgun suffers a \u003Ca href=\"http:\u002F\u002Fstatus.mailgun.com\" rel=\"nofollow ugc\">downtime\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Works completely transparent, nothing changes in the frontend\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin requires a Mailgun Public API Key which can be obtained by \u003Ca href=\"https:\u002F\u002Fmailgun.com\u002Fsignup\" rel=\"nofollow ugc\">signing up at Mailgun\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you’re trying out this plugin on a local WAMP\u002FLAMP\u002FMAMP installation make sure your system is connected to the Internet for this plugin to contact Mailgun.\u003C\u002Fp>\n\u003Ch4>Available Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Serbo-Croatian by \u003Ca href=\"http:\u002F\u002Fwww.webhostinghub.com\u002F\" rel=\"nofollow ugc\">Borisa Djuraskovic\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish by \u003Ca href=\"http:\u002F\u002Fwww.webhostinghub.com\u002F\" rel=\"nofollow ugc\">Andrew Kurtis\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Further Reading\u003C\u002Fh4>\n\u003Cp>Read about Mailgun’s email validation service.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.mailgun.com\u002Fpost\u002Ffree-email-validation-api-for-web-forms\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fblog.mailgun.com\u002Fpost\u002Ffree-email-validation-api-for-web-forms\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.mailgun.com\u002Fpost\u002Fweekly-product-update-improvements-to-email-validation-api\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fblog.mailgun.com\u002Fpost\u002Fweekly-product-update-improvements-to-email-validation-api\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fmailgun.github.io\u002Fvalidator-demo\u002F\" rel=\"nofollow ugc\">Mailgun Address Validator demo\u003C\u002Fa> and its \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmailgun\u002Fvalidator-demo\u002Ftree\u002Fgh-pages\" rel=\"nofollow ugc\">source code\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>The \u003Ca href=\"https:\u002F\u002Fwebsistent.com\u002Fwordpress-plugins\u002Fmailgun-email-validator\u002F\" rel=\"nofollow ugc\">Mailgun Email Validator Plugin\u003C\u002Fa> official homepage.\u003C\u002Fli>\n\u003C\u002Ful>\n","Kick spam with a highly advanced email validation in comment forms, user registration and contact forms using Mailgun's Email validation service.",60,11426,82,25,"2017-11-25T14:21:00.000Z","4.9.29","3.1.0","",[20,21,22,23,24],"anti-spam","comments","email-validation","spam","validation","https:\u002F\u002Fwebsistent.com\u002Fwordpress-plugins\u002Fmailgun-email-validator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmailgun-email-validator.1.2.4.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"jesin",3,670,30,84,"2026-04-04T10:46:22.317Z",[40,59,77,94,117],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":18,"tags":55,"homepage":57,"download_link":58,"security_score":48,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"email-validator-by-byteplant","Byteplant Email Validator","6.7","byteplant","https:\u002F\u002Fprofiles.wordpress.org\u002Fbyteplant\u002F","\u003Ch4>Real-Time Email Validation – Live Check\u003C\u002Fh4>\n\u003Cp>This plugin uses the Byteplant Email-Validator API (https:\u002F\u002Fwww.byteplant.com\u002Femail-validator\u002F) for a real-time live check to find out if an email address really exists or not.\u003C\u002Fp>\n\u003Ch4>Supported Plugins \u002F Compatible Forms\u003C\u002Fh4>\n\u003Cp>The plugin integrates seamlessly with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003Cli>Gravity Forms\u003C\u002Fli>\n\u003Cli>WPForms\u003C\u002Fli>\n\u003Cli>Ninja Forms\u003C\u002Fli>\n\u003Cli>Jetpack\u002FGrunion\u003C\u002Fli>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>WordPress registration forms\u003C\u002Fli>\n\u003Cli>WordPress comments\u003C\u002Fli>\n\u003Cli>and with any other form which uses the is_email() function (no changes required).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin can also be easily integrated into any 3rd party forms.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cp>The Email-Validator API real-time validation process includes a live check with all of the following tests:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Syntax verification (IETF\u002FRFC standard conformance)\u003C\u002Fli>\n\u003Cli>DNS validation, including MX record lookup\u003C\u002Fli>\n\u003Cli>Disposable email address (DEA) detection\u003C\u002Fli>\n\u003Cli>Misspelled domain detection to prevent Typosquatting\u003C\u002Fli>\n\u003Cli>Freemail address detection\u003C\u002Fli>\n\u003Cli>SMTP connection and availability checking\u003C\u002Fli>\n\u003Cli>Temporary unavailability detection\u003C\u002Fli>\n\u003Cli>Mailbox existence checking\u003C\u002Fli>\n\u003Cli>Catch-All testing\u003C\u002Fli>\n\u003Cli>Greylisting detection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>We do not send any email to the recipient address during the entire validation process. All processing is done on our servers, your IP addresses and domains are not affected in any way by the Email-Validator service – absolutely no blacklisting risk for your IPs and domains.\u003C\u002Fp>\n\u003Ch4>Data Protection and Privacy Policy\u003C\u002Fh4>\n\u003Cp>Please see the Frequently Asked Questions section.\u003C\u002Fp>\n\u003Ch4>Getting Started\u003C\u002Fh4>\n\u003Cp>The plugin requires an API Key. Please sign up for an account at\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.byteplant.com\u002Femail-validator\u002Ffree-trial-registration.html (no credit card required).\u003Cbr \u002F>\nThe trial account comes with 1,000 free credits.\u003C\u002Fp>\n","With the Byteplant Email Validator plugin you can easily verify with a real-time live check if an email address really exists and is valid (https:\u002F\u002Fww &hellip;",100,11212,76,9,"2025-09-20T10:42:00.000Z","6.8.5","3.0.1",[20,56,22,23,24],"email","https:\u002F\u002Fwww.byteplant.com\u002Femail-validator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-validator-by-byteplant.6.7.zip",{"slug":60,"name":61,"version":62,"author":61,"author_profile":63,"description":64,"short_description":65,"active_installs":48,"downloaded":66,"rating":48,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":74,"download_link":75,"security_score":76,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"usercheck","UserCheck","0.1.1","https:\u002F\u002Fprofiles.wordpress.org\u002Fusercheck\u002F","\u003Cp>UserCheck prevents disposable or throwaway email addresses from registering or commenting on your site. This helps to protect your site from spam and maintain the quality of your user base.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically checks email addresses against a constantly updated database of disposable email domains\u003C\u002Fli>\n\u003Cli>Works out of the box with no configuration required\u003C\u002Fli>\n\u003Cli>Seamlessly integrates with WordPress registration and comment forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin uses the API provided by \u003Ca href=\"https:\u002F\u002Fwww.usercheck.com\" rel=\"nofollow ugc\">UserCheck\u003C\u002Fa>, which is constantly updated to include the latest disposable email domains. This ensures your site stays protected against new disposable email providers.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>UserCheck sends email domains to the UserCheck API for validation. No personal data or full email addresses are transmitted. For more information on how UserCheck handles data, please visit \u003Ca href=\"https:\u002F\u002Fwww.usercheck.com\u002Fprivacy\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.usercheck.com\u002Fprivacy\u003C\u002Fa>.\u003C\u002Fp>\n","Protect your WordPress site from disposable email addresses using the UserCheck API.",1755,1,"2025-01-06T04:02:00.000Z","6.7.5","5.2","7.2",[20,73,22],"disposable-email","https:\u002F\u002Fwww.usercheck.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fusercheck.0.1.1.zip",92,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":28,"downloaded":85,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":69,"requires_at_least":86,"requires_php":87,"tags":88,"homepage":18,"download_link":92,"security_score":48,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":93},"noparam-email-validation","NoParam Email Validation – Email Verification & Anti-Spam Prevention","1.0.0","NoParam","https:\u002F\u002Fprofiles.wordpress.org\u002Fnoparam\u002F","\u003Cp>NoParam Email Validation & Anti-Spam Prevention is a powerful plugin designed to ensure that your website’s email list is clean, legitimate, and free from spam. By integrating advanced email verification technology and spam prevention features, this plugin helps you protect your email sender reputation, improve deliverability, and engage with real users. Keep your site free of fake or disposable email addresses and safeguard your communications from spam and invalid sign-ups.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Real-time email validation\u003C\u002Fstrong> – Ensures only valid, legitimate emails are submitted.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Email Suggestions\u003C\u002Fstrong> – Detects and suggests corrections for common typos (e.g., “gmal.com” \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> “gmail.com”).  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Spam Prevention & Fake Email Blocking\u003C\u002Fstrong>: Safeguards your site from disposable, role-based, or temporary emails.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Improves Email Deliverability\u003C\u002Fstrong>: Helps protect your sender reputation and ensures higher inbox placement.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy-focused\u003C\u002Fstrong>: No tracking, no storing, no reselling  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy API integration for developers\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Supported Forms\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Contact Form 7  \u003C\u002Fli>\n\u003Cli>WPForms  \u003C\u002Fli>\n\u003Cli>WordPress Registration Page  \u003C\u002Fli>\n\u003Cli>WordPress Post Comments  \u003C\u002Fli>\n\u003Cli>More integrations coming soon!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fnoparam.com\" rel=\"nofollow ugc\">Get your API key for Free\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to NoParam’s email validation API to check the validity of email addresses submitted through forms.\u003C\u002Fp>\n\u003Cp>NoParam’s Email Validation API uses advanced algorithms to detect fake, disposable, and temporary emails, ensuring the highest level of accuracy and reducing the chances of spam or bounce-back emails.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Used:\u003C\u002Fstrong> NoParam Email Validation API – \u003Ca href=\"https:\u002F\u002Fnoparam.com\" rel=\"nofollow ugc\">Free Email Checker\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> The plugin sends email addresses entered in form fields to the NoParam API for validation.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Why:\u003C\u002Fstrong> This is required to determine whether an email address is valid, invalid, or risky.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>When:\u003C\u002Fstrong> This occurs when users submit forms that are configured to use the validation service.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy & Terms:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fnoparam.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fnoparam.com\u002Fterms\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Documentation:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdocs.noparam.com\" rel=\"nofollow ugc\">API Docs\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","NoParam offers real-time email validation for WordPress to prevent fake signups and spam, improving email deliverability.",308,"4.4","7.0",[20,89,22,90,91],"email-checker","email-verification","email-verifier","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnoparam-email-validation.zip","2026-03-15T10:48:56.248Z",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":104,"num_ratings":105,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":71,"tags":109,"homepage":112,"download_link":113,"security_score":114,"vuln_count":115,"unpatched_count":28,"last_vuln_date":116,"fetched_at":30},"akismet","Akismet Anti-spam: Spam Protection","5.6","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.\u003C\u002Fp>\n\u003Cp>Akismet checks your comments and contact form submissions against our global database of spam to prevent your site from publishing malicious content. You can review the comment spam it catches on your blog’s “Comments” admin screen.\u003C\u002Fp>\n\u003Cp>Major features in Akismet include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically checks all comments and filters out the ones that look like spam.\u003C\u002Fli>\n\u003Cli>Each comment has a status history, so you can easily see which comments were caught or cleared by Akismet and which were spammed or unspammed by a moderator.\u003C\u002Fli>\n\u003Cli>URLs are shown in the comment body to reveal hidden or misleading links.\u003C\u002Fli>\n\u003Cli>Moderators can see the number of approved comments for each user.\u003C\u002Fli>\n\u003Cli>A discard feature that outright blocks the worst spam, saving you disk space and speeding up your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PS: You’ll be prompted to get an Akismet.com API key to use it, once activated. Keys are free for personal blogs; paid subscriptions are available for businesses and commercial sites.\u003C\u002Fp>\n","The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.",6000000,386405930,94,1173,"2025-11-12T16:31:00.000Z","6.9.4","5.8",[20,110,21,111,23],"antispam","contact-form","https:\u002F\u002Fakismet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fakismet.5.6.zip",99,2,"2015-10-13 00:00:00",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":53,"requires_at_least":130,"requires_php":70,"tags":131,"homepage":134,"download_link":135,"security_score":48,"vuln_count":67,"unpatched_count":28,"last_vuln_date":136,"fetched_at":30},"antispam-bee","Antispam Bee","2.11.8","pluginkollektiv","https:\u002F\u002Fprofiles.wordpress.org\u002Fpluginkollektiv\u002F","\u003Cp>Say Goodbye to comment spam on your WordPress blog or website. \u003Cem>Antispam Bee\u003C\u002Fem> blocks spam comments and trackbacks effectively, without captchas and without sending personal information to third party services. It is free of charge, ad-free and 100% GDPR compliant.\u003C\u002Fp>\n\u003Ch3>Feature\u002FSettings Overview\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Trust approved commenters.\u003C\u002Fli>\n\u003Cli>Trust commenters with a Gravatar.\u003C\u002Fli>\n\u003Cli>Consider the comment time.\u003C\u002Fli>\n\u003Cli>Allow comments only in a certain language.\u003C\u002Fli>\n\u003Cli>Block or allow commenters from certain countries.\u003C\u002Fli>\n\u003Cli>Treat BBCode links as spam.\u003C\u002Fli>\n\u003Cli>Use regular expressions.\u003C\u002Fli>\n\u003Cli>Search local spam database for commenters previously marked as spammers.\u003C\u002Fli>\n\u003Cli>Notify admins by e-mail about incoming spam.\u003C\u002Fli>\n\u003Cli>Delete existing spam after n days.\u003C\u002Fli>\n\u003Cli>Limit approval to comments\u002Fpings (will delete other comment types).\u003C\u002Fli>\n\u003Cli>Select spam indicators to send comments to deletion directly.\u003C\u002Fli>\n\u003Cli>Optionally exclude trackbacks and pingbacks from spam detection.\u003C\u002Fli>\n\u003Cli>Optionally spam-check comment forms on archive pages.\u003C\u002Fli>\n\u003Cli>Display spam statistics on the dashboard, including daily updates of spam detection rate and a total of blocked spam comments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Community support via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantispam-bee\" rel=\"ugc\">support forums on wordpress.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Read \u003Ca href=\"https:\u002F\u002Fantispambee.pluginkollektiv.org\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">the documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>We don’t handle support via e-mail, Twitter, GitHub issues etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Active development of this plugin is handled \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpluginkollektiv\u002Fantispam-bee\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Pull requests for documented bugs are highly appreciated.\u003C\u002Fli>\n\u003Cli>If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fantispam-bee\" rel=\"ugc\">support forums\u003C\u002Fa> first.\u003C\u002Fli>\n\u003Cli>If you want to help us translate this plugin you can do so \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fantispam-bee\" rel=\"nofollow ugc\">on WordPress Translate\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Author: \u003Ca href=\"https:\u002F\u002Fsergejmueller.github.io\u002F\" rel=\"nofollow ugc\">Sergej Müller\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Maintainers: \u003Ca href=\"https:\u002F\u002Fpluginkollektiv.org\" rel=\"nofollow ugc\">pluginkollektiv\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Sophisticated antispam plugin for effective daily comment and trackback spam-fighting. Built with data protection and privacy in mind.",700000,10958057,96,225,"2025-07-22T11:23:00.000Z","4.6",[20,110,21,132,133],"spam-filter","spam-protection","https:\u002F\u002Fantispambee.pluginkollektiv.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fantispam-bee.2.11.8.zip","2023-11-27 00:00:00",{"attackSurface":138,"codeSignals":177,"taintFlows":220,"riskAssessment":263,"analyzedAt":280},{"hooks":139,"ajaxHandlers":164,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":115,"unprotectedCount":115},[140,146,150,154,159],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","admin_menu","plugin_menu","admin_options.php",12,{"type":141,"name":147,"callback":148,"file":144,"line":149},"admin_init","plugin_settings",13,{"type":141,"name":151,"callback":152,"file":144,"line":153},"admin_notices","admin_messages",14,{"type":141,"name":155,"callback":156,"file":157,"line":158},"init","plugin_init","plugin.php",34,{"type":160,"name":161,"callback":162,"file":157,"line":163},"filter","is_email","validate_email",39,[165,170],{"action":166,"nopriv":167,"callback":168,"hasNonce":167,"hasCapCheck":167,"file":144,"line":169},"mailgun_api",false,"mailgun_api_ajax_callback",47,{"action":171,"nopriv":167,"callback":172,"hasNonce":167,"hasCapCheck":167,"file":144,"line":173},"test_email","test_email_ajax_callback",48,[],[],[],{"dangerousFunctions":178,"sqlUsage":179,"outputEscaping":181,"fileOperations":28,"externalRequests":34,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":219},[],{"prepared":28,"raw":28,"locations":180},[],{"escaped":28,"rawEcho":182,"locations":183},17,[184,187,189,191,193,195,197,199,201,203,205,207,209,211,213,215,217],{"file":144,"line":185,"context":186},23,"raw output",{"file":144,"line":188,"context":186},59,{"file":144,"line":190,"context":186},136,{"file":144,"line":192,"context":186},140,{"file":144,"line":194,"context":186},142,{"file":144,"line":196,"context":186},147,{"file":144,"line":198,"context":186},151,{"file":144,"line":200,"context":186},155,{"file":144,"line":202,"context":186},167,{"file":144,"line":204,"context":186},174,{"file":144,"line":206,"context":186},188,{"file":144,"line":208,"context":186},196,{"file":144,"line":210,"context":186},198,{"file":144,"line":212,"context":186},205,{"file":144,"line":214,"context":186},207,{"file":144,"line":216,"context":186},212,{"file":144,"line":218,"context":186},236,[],[221,239,249],{"entryPoint":222,"graph":223,"unsanitizedCount":67,"severity":238},"mailgun_api_ajax_callback (admin_options.php:120)",{"nodes":224,"edges":236},[225,230],{"id":226,"type":227,"label":228,"file":144,"line":229},"n0","source","$_POST",127,{"id":231,"type":232,"label":233,"file":144,"line":234,"wp_function":235},"n1","sink","wp_remote_request() [SSRF]",132,"wp_remote_request",[237],{"from":226,"to":231,"sanitized":167},"medium",{"entryPoint":240,"graph":241,"unsanitizedCount":67,"severity":238},"test_email_ajax_callback (admin_options.php:161)",{"nodes":242,"edges":247},[243,246],{"id":226,"type":227,"label":244,"file":144,"line":245},"$_POST['email_id']",184,{"id":231,"type":232,"label":233,"file":144,"line":245,"wp_function":235},[248],{"from":226,"to":231,"sanitized":167},{"entryPoint":250,"graph":251,"unsanitizedCount":34,"severity":238},"\u003Cadmin_options> (admin_options.php:0)",{"nodes":252,"edges":260},[253,255,256,258],{"id":226,"type":227,"label":254,"file":144,"line":229},"$_POST (x2)",{"id":231,"type":232,"label":233,"file":144,"line":234,"wp_function":235},{"id":257,"type":227,"label":244,"file":144,"line":245},"n2",{"id":259,"type":232,"label":233,"file":144,"line":245,"wp_function":235},"n3",[261,262],{"from":226,"to":231,"sanitized":167},{"from":257,"to":259,"sanitized":167},{"summary":264,"deductions":265},"The mailgun-email-validator plugin v1.2.4.1 exhibits a concerning security posture primarily due to a lack of proper authorization checks and output escaping. While the plugin has no recorded vulnerability history and does not utilize dangerous functions or perform raw SQL queries, its static analysis reveals significant weaknesses.  The presence of two unprotected AJAX handlers represents a direct attack vector, allowing unauthenticated users to potentially trigger plugin functionality. Furthermore, the complete absence of output escaping on all identified outputs is a critical flaw, opening the door to Cross-Site Scripting (XSS) vulnerabilities. The taint analysis, though limited in scope, did identify flows with unsanitized paths, which, combined with the lack of escaping and authorization, could lead to serious security issues if these paths interact with user-supplied input.\n\nThe plugin's strength lies in its clean vulnerability history and its avoidance of common pitfalls like raw SQL. However, these positive aspects are heavily overshadowed by the immediate and exploitable risks identified in the code analysis. The unprotected entry points and unescaped outputs are significant security concerns that require immediate attention. Without these fundamental security measures in place, the plugin is highly susceptible to various attacks.",[266,269,272,275,277],{"reason":267,"points":268},"AJAX handlers without authorization checks",10,{"reason":270,"points":271},"No output escaping on any outputs",8,{"reason":273,"points":274},"No nonce checks on AJAX handlers",7,{"reason":276,"points":274},"No capability checks on AJAX handlers",{"reason":278,"points":279},"Taint flows with unsanitized paths",5,"2026-03-16T21:47:10.125Z",{"wat":282,"direct":287},{"assetPaths":283,"generatorPatterns":284,"scriptPaths":285,"versionParams":286},[],[],[],[],{"cssClasses":288,"htmlComments":289,"htmlAttributes":290,"restEndpoints":291,"jsGlobals":292,"shortcodeOutput":293},[],[],[],[],[],[]]