MailRush.io Forms Security & Risk Analysis
wordpress.org/plugins/mailrush-io-formsAdd Subscription Forms to WordPress. Send transactional Emails and Automate your email marketing efforts.
Is MailRush.io Forms Safe to Use in 2026?
Generally Safe
Score 85/100MailRush.io Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The mailrush-io-forms plugin v1.3 exhibits a generally positive security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs and the complete lack of identified taint flows are strong indicators of a secure codebase. Furthermore, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and avoiding dangerous functions, file operations, and external HTTP requests that could be exploited. The limited attack surface, with no exposed AJAX handlers, REST API routes, or shortcodes, also contributes to its security.
However, there are significant areas for improvement that introduce risk. The most glaring concern is the extremely low percentage of properly escaped output (18%). This suggests a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, where user-supplied data could be injected and executed in the browser. The complete absence of nonce and capability checks on any entry points, while the attack surface is reported as zero, is a contradiction that needs clarification. If there were any hidden entry points, this would be a critical oversight. The presence of external HTTP requests, while only two, introduces a potential for request forgery or other related attacks if not handled securely.
Key Concerns
- Very low output escaping (18%)
- No nonce checks on entry points
- No capability checks on entry points
- Presence of external HTTP requests
MailRush.io Forms Security Vulnerabilities
MailRush.io Forms Release Timeline
MailRush.io Forms Code Analysis
Output Escaping
MailRush.io Forms Attack Surface
WordPress Hooks 6
Maintenance & Trust
MailRush.io Forms Maintenance & Trust
Maintenance Signals
Community Trust
MailRush.io Forms Alternatives
Hostinger Reach – AI-Powered Email Marketing for WordPress
hostinger-reach
Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.
MC4WP: Mailchimp for WordPress
mailchimp-for-wp
The #1 Mailchimp plugin for WordPress. Allows you to add a multitude of newsletter sign-up methods to your site.
MailPoet – Newsletters, Email Marketing, and Automation
mailpoet
Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more
Creative Mail – Easier WordPress & WooCommerce Email Marketing
creative-mail-by-constant-contact
Creative Mail was designed specifically for WordPress and WooCommerce. Our intelligent (and super fun) email editor simplifies email marketing campaig …
Newsletter – Send awesome emails from WordPress
newsletter
An email marketing tool for your blog: subscription forms to create your lists with unlimited subscribers and newsletters.
MailRush.io Forms Developer Profile
2 plugins · 10 total installs
How We Detect MailRush.io Forms
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/mailrush-io-forms/css/mailrush_ui.css/wp-content/plugins/mailrush-io-forms/images/dashboard_icon.svghttps://app.mailrush.io/assets/HTML / DOM Fingerprints
mailrush_ui_containermailrush_ui_contentmailrush_buttons_sectionmailrush_ui_rowmailrush_ui_groupmailrush_live_idmailrush_transactionalmailrush_ui_spa+4 moreid="mailrush_ui_container"id="mailrush_ui_content"id="mailrush_save"id="mailrush_live_id"id="mailrush_transactional"id="mailrush_ui_tgroup"+7 moremailrush/wp-json/mailrush/v1/settings