Does Mailster Multi SMTP have any unpatched vulnerabilities?

No. All known vulnerabilities in Mailster Multi SMTP have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Mailster Multi SMTP compatible with WordPress 6.5.8?

According to WordPress.org data, Mailster Multi SMTP 1.3.1 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

How often is Mailster Multi SMTP updated?

Mailster Multi SMTP was last updated on May 27, 2024. Frequent updates are generally a positive security signal.

What is Mailster Multi SMTP's security score?

Mailster Multi SMTP has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Mailster Multi SMTP Security & Risk Analysis

wordpress.org/plugins/mailster-multi-smtp

Allows to use multiple SMTP connection for the Mailster Newsletter Plugin

400 active installs v1.3.1 PHP + WP 6.0+ Updated May 27, 2024

deliverydeliverymethodemailmailsternewsletter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Mailster Multi SMTP Safe to Use in 2026?

Generally Safe

Score 92/100

Mailster Multi SMTP has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The static analysis of mailster-multi-smtp v1.3.1 reveals a generally good security posture with no identified critical vulnerabilities or direct entry points like AJAX handlers, REST API routes, or shortcodes that lack authentication. The code demonstrates strong adherence to secure SQL practices by exclusively using prepared statements, and it avoids file operations and external HTTP requests, which are common sources of vulnerabilities. However, a significant concern arises from the output escaping, where only 39% of outputs are properly escaped, indicating a potential risk of Cross-Site Scripting (XSS) vulnerabilities if user-controlled data is displayed without sufficient sanitization. Additionally, the taint analysis shows 2 flows with unsanitized paths, and while no critical or high severity was reported, this warrants further investigation for potential information disclosure or path traversal issues. The plugin's vulnerability history is clean, with no recorded CVEs, suggesting a history of responsible development. Despite the positive aspects, the insufficient output escaping and the unsanitized paths identified in taint analysis are notable weaknesses that could be exploited.

Key Concerns

Poor output escaping
Unsanitized paths in taint flows

Vulnerabilities

None known

Mailster Multi SMTP Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Mailster Multi SMTP Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

13 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

39% escaped33 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

metabox (classes\multismtp.class.php:412)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Mailster Multi SMTP Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 13

actioninitclasses\multismtp.class.php:18

actionadmin_noticesclasses\multismtp.class.php:94

filtermailster_delivery_methodsclasses\multismtp.class.php:98

actionmailster_deliverymethod_tab_multismtpclasses\multismtp.class.php:99

filtermailster_verify_optionsclasses\multismtp.class.php:101

filtermailster_testsclasses\multismtp.class.php:104

actionadd_meta_boxesclasses\multismtp.class.php:105

actionsave_postclasses\multismtp.class.php:106

actionmailster_initsendclasses\multismtp.class.php:107

actionmailster_presendclasses\multismtp.class.php:108

actionmailster_dosendclasses\multismtp.class.php:109

filterpre_set_transient__mailster_send_periodclasses\multismtp.class.php:110

filterpre_set_transient__mailster_send_periodclasses\multismtp.class.php:342

Maintenance & Trust

Mailster Multi SMTP Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedMay 27, 2024

PHP min version

Downloads16K

Community Trust

Rating60/100

Number of ratings1

Active installs400

Alternatives

Mailster Multi SMTP Alternatives

Mailster Gmail Integration

mailster-gmail

Uses Gmail to deliver emails for the Mailster Newsletter Plugin for WordPress.

1K No CVEs

Mailster SendGrid Integration

mailster-sendgrid

Uses SendGrid to deliver emails for the Mailster Newsletter Plugin for WordPress.

1K No CVEs

Mailster Mailgun Integration

mailster-mailgun

Uses Mailgun to deliver emails for the Mailster Newsletter Plugin for WordPress.

600 No CVEs

Mailster Mailjet

mailster-mailjet

Uses Mailjet to deliver emails for the Mailster Newsletter Plugin for WordPress.

300 No CVEs

Mailster MailerSend Integration

mailster-mailersend

Uses MailerSend to deliver emails for the Mailster Newsletter Plugin for WordPress.

200 No CVEs

Developer Profile

Mailster Multi SMTP Developer Profile

EverPress

28 plugins · 121K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

255 days

View full developer profile

Detection Fingerprints

How We Detect Mailster Multi SMTP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mailster-multi-smtp/mailster_multismtp.php

Version Parameters

mailster-multi-smtp/mailster_multismtp.php?ver=1.3.1

HTML / DOM Fingerprints

JS Globals

MailsterMultiSMTP

FAQ