WP-Safety

Mass Email Notifications for Gravity Forms Security & Risk Analysis

wordpress.org/plugins/mass-email-notifications-for-gravity-forms

Mass Email Notifications for Gravity Forms allows you to send your notifications to anyone who filled out one of your forms!

0 active installs v1.3.8.1 PHP 8.0+ WP + Updated Feb 19, 2026
automationemailgravityformsnotificationstask-management
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Mass Email Notifications for Gravity Forms Safe to Use in 2026?

Generally Safe

Score 100/100

Mass Email Notifications for Gravity Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The 'mass-email-notifications-for-gravity-forms' plugin v1.3.8.1 exhibits a generally strong security posture with excellent practices in output escaping and a low percentage of SQL queries not using prepared statements. The absence of known CVEs and common vulnerability types in its history suggests a history of secure development. However, a significant concern arises from the static analysis results, specifically the presence of 4 taint flows flagged as high severity, indicating potential paths for malicious data to be processed without proper sanitization. Furthermore, one of the REST API routes is exposed without a permission callback, creating an unprotected entry point. While the plugin demonstrates good coding habits in most areas, these specific findings related to taint analysis and unprotected entry points represent the most critical risks and require immediate attention.

Key Concerns

  • High severity taint flows found
  • REST API route without permission callback
Vulnerabilities
None known

Mass Email Notifications for Gravity Forms Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Mass Email Notifications for Gravity Forms Code Analysis

Dangerous Functions
0
Raw SQL Queries
8
30 prepared
Unescaped Output
2
134 escaped
Nonce Checks
4
Capability Checks
9
File Operations
1
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

79% prepared38 total queries

Output Escaping

99% escaped136 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths
handle_unsuppress (class-mass-email-notifications-for-gravity-forms.php:416)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Mass Email Notifications for Gravity Forms Attack Surface

Entry Points7
Unprotected1

AJAX Handlers 6

authwp_ajax_menfgf_toggle_cronclass-mass-email-notifications-for-gravity-forms.php:165
authwp_ajax_menfgf_update_batchclass-mass-email-notifications-for-gravity-forms.php:166
authwp_ajax_menfgf_get_suppressionsclass-mass-email-notifications-for-gravity-forms.php:167
authwp_ajax_menfgf_unsuppressclass-mass-email-notifications-for-gravity-forms.php:168
authwp_ajax_menfgf_refresh_batchesclass-mass-email-notifications-for-gravity-forms.php:170
authwp_ajax_menfgf_batches_revisionclass-mass-email-notifications-for-gravity-forms.php:171

REST API Routes 1

GET/wp-json/menfgf/v1/unsubscribeclass-mass-email-notifications-for-gravity-forms.php:2232
WordPress Hooks 12
actionsend_mass_email_notificationsclass-mass-email-notifications-for-gravity-forms.php:172
actiongform_delete_entryclass-mass-email-notifications-for-gravity-forms.php:179
actionrest_api_initclass-mass-email-notifications-for-gravity-forms.php:191
actionadmin_enqueue_scriptsclass-mass-email-notifications-for-gravity-forms.php:202
actionadmin_post_menfgf_toggle_feedclass-mass-email-notifications-for-gravity-forms.php:243
actionadmin_post_menfgf_toggle_workflow_stepclass-mass-email-notifications-for-gravity-forms.php:244
actionadmin_post_menfgf_unsuppressclass-mass-email-notifications-for-gravity-forms.php:245
actionplugins_loadedmass-email-notifications-for-gf.php:27
filterenable_cpt_advanced_menu_logicmass-email-notifications-for-gf.php:85
actionadmin_noticesmass-email-notifications-for-gf.php:86
actiongform_loadedmass-email-notifications-for-gf.php:100
actiongravityflow_loadedmass-email-notifications-for-gf.php:111

Scheduled Events 3

send_mass_email_notifications
send_mass_email_notifications
send_mass_email_notifications
Maintenance & Trust

Mass Email Notifications for Gravity Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 19, 2026
PHP min version8.0
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Mass Email Notifications for Gravity Forms Alternatives

Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress

Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress

email-subscribers

B
76

Add subscription forms on the website and send newsletters & automatically send post notification about new blog posts once it gets published.

60K 42 CVEs
Chirp – Instant Post Notifications

Chirp – Instant Post Notifications

chirp-instant-post-notifications

A
100

Chirp – Instant Post Notifications is a lightweight notification plugin that automatically notifies subscribers whenever a new post is published.

0 No CVEs
MailPoet – Newsletters, Email Marketing, and Automation

MailPoet – Newsletters, Email Marketing, and Automation

mailpoet

A
98

Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more

500K 3 CVEs
ActiveCampaign Postmark for WordPress

ActiveCampaign Postmark for WordPress

postmark-approved-wordpress-plugin

A
92

The officially-supported ActiveCampaign Postmark plugin for Wordpress.

50K No CVEs
ActiveCampaign – The autonomous marketing platform

ActiveCampaign – The autonomous marketing platform

activecampaign-subscription-forms

A
96

Add ActiveCampaign contact forms and live chat to any post, page, or sidebar. Also enable ActiveCampaign site tracking for your WordPress blog.

40K 4 CVEs
Developer Profile

Mass Email Notifications for Gravity Forms Developer Profile

BrightLeaf Digital

4 plugins · 100 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Mass Email Notifications for Gravity Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/mass-email-notifications-for-gravity-forms/assets/css/gf_mass_email_notifications.css/wp-content/plugins/mass-email-notifications-for-gravity-forms/assets/js/gf_mass_email_notifications.js
Script Paths
/wp-content/plugins/mass-email-notifications-for-gravity-forms/assets/js/gf_mass_email_notifications.js
Version Parameters
mass-email-notifications-for-gravity-forms/assets/css/gf_mass_email_notifications.css?ver=mass-email-notifications-for-gravity-forms/assets/js/gf_mass_email_notifications.js?ver=

HTML / DOM Fingerprints

CSS Classes
gf_mass_email_notifications_wrapper
JS Globals
window.GF_MASS_EMAIL_NOTIFICATIONS_JS_OBJECT
FAQ

Frequently Asked Questions about Mass Email Notifications for Gravity Forms