Does Mailsure have any unpatched vulnerabilities?

No. All known vulnerabilities in Mailsure have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Mailsure compatible with WordPress 6.5.8?

According to WordPress.org data, Mailsure 1.0 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

Is Mailsure compatible with PHP 7.1+?

Mailsure requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Mailsure updated?

Mailsure was last updated on Jul 12, 2024. Frequent updates are generally a positive security signal.

What is Mailsure's security score?

Mailsure has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Mailsure Security & Risk Analysis

wordpress.org/plugins/mailsure

Test email sending, SPF, DKIM & DMARC

50 active installs v1.0 PHP 7.1+ WP 6.0+ Updated Jul 12, 2024

dkimdmarcemailemail-authenticationtest-email

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Mailsure Safe to Use in 2026?

Generally Safe

Score 92/100

Mailsure has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The 'mailsure' v1.0 plugin exhibits a generally positive security posture with several good practices in place, such as the complete absence of dangerous functions, file operations, and external HTTP requests. The use of prepared statements for all SQL queries and a high percentage of properly escaped output are strong indicators of secure coding. However, a significant concern arises from its attack surface. With a total of two entry points, one of which is an AJAX handler that lacks authentication checks, there is a clear vulnerability present. This unprotected entry point could be exploited by unauthenticated users to interact with the plugin in unintended ways, potentially leading to various security issues depending on the AJAX handler's functionality. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign suggesting a history of secure development. Nevertheless, the presence of an unprotected AJAX handler is a critical oversight that outweighs the lack of past vulnerabilities and requires immediate attention.

Key Concerns

AJAX handler without authentication

Vulnerabilities

None known

Mailsure Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Mailsure Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

41 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

95% escaped43 total outputs

Attack Surface

1 unprotected

Mailsure Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_mailsure_refresh_when_result_receivedmailsure.php:446

REST API Routes 1

POST/wp-json/mailsure/v2/on-demand-result/mailsure.php:399

WordPress Hooks 7

actionadmin_initmailsure.php:47

actionadmin_menumailsure.php:80

actionadmin_print_scriptsmailsure.php:112

actionadmin_enqueue_scriptsmailsure.php:117

actionwp_mail_failedmailsure.php:183

actionrest_api_initmailsure.php:395

actionwp_mail_failedmailsure.php:504

Maintenance & Trust

Mailsure Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedJul 12, 2024

PHP min version7.1

Downloads786

Community Trust

Rating100/100

Number of ratings1

Active installs50

Alternatives

Mailsure Alternatives

Deliverability – pass DKIM, SPF, DMARC & more

deliverability

100

Check and improve your Email Deliverability. Pass DMARC by DKIM-signing your emails without an external SMTP. Comply with Google & Yahoo requirements!

800 No CVEs

DMARCREPORT Domain Auth Checker

dmarcreport-domain-auth-checker

100

Check SPF, DMARC, BIMI, MTA-STS and TLS-RPT records for any domain. Embed email authentication checkers with a shortcode.

0 No CVEs

WP Test Email

wp-test-email

WP Test Email is allows you to test if your WordPress installation is sending mail or not.

20K 1 unpatched

Automatic Email Testing for WP

automatic-email-testing-for-wp

100

[UPDATED!] Automatic Email Testing for WP plugin allows you to set up a system inside wordpress to test your email server every day.

300 No CVEs

WP SMTP Mailer

wp-smtp-mailer

WP SMTP Mailer is a simple and flexible plugin to configure SMTP settings in WordPress. It allows you to set up SMTP credentials, test email sending, …

50 No CVEs

Developer Profile

Mailsure Developer Profile

corytrevor

1 plugin · 50 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Mailsure

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mailsure/assets/admin-style.css

Version Parameters

mailsure-admin-style?ver=

HTML / DOM Fingerprints

CSS Classes

nav-tabnav-tab-activewrapwp-core-ui

Data Attributes

data-nonce-actiondata-nonce-field

JS Globals

mailsure_mail_error_messageajaxurl

FAQ