Does N-letters. Send newsletters to your website's users have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is N-letters. Send newsletters to your website's users compatible with WordPress 6.3.8?

According to WordPress.org data, N-letters. Send newsletters to your website's users 1.1 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

What is N-letters. Send newsletters to your website's users's security score?

N-letters. Send newsletters to your website's users has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

N-letters. Send newsletters to your website's users Security & Risk Analysis

wordpress.org/plugins/n-letters-send-newsletters-to-your-websites-users

N-letters - plugin for sending newsletters to your website's users.

0 active installs v1.1 PHP + WP 5.3+ Updated Aug 28, 2023

emailnewsletter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is N-letters. Send newsletters to your website's users Safe to Use in 2026?

Generally Safe

Score 85/100

N-letters. Send newsletters to your website's users has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The 'n-letters-send-newsletters-to-your-websites-users' plugin v1.1 exhibits a mixed security posture. On the positive side, there are no reported vulnerabilities in its history, and the static analysis reveals a contained attack surface with all entry points having some form of authentication or capability check. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests are good indicators. However, significant concerns arise from the SQL query handling and output escaping. All three SQL queries are executed without prepared statements, creating a high risk of SQL injection if any user-supplied data is incorporated into these queries. Additionally, only 16% of output operations are properly escaped, leaving a substantial portion vulnerable to Cross-Site Scripting (XSS) attacks. While the plugin has no known CVEs, the identified code weaknesses could be exploited if not addressed, potentially leading to data breaches or site compromise.

Key Concerns

SQL queries without prepared statements
Low percentage of properly escaped output

Vulnerabilities

None known

N-letters. Send newsletters to your website's users Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

N-letters. Send newsletters to your website's users Release Timeline

v1.1Current

v1.0

Code Analysis

Analyzed Mar 17, 2026

N-letters. Send newsletters to your website's users Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared3 total queries

Output Escaping

16% escaped25 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

update_subsc_data (includes\admin\models\MXSMS_Main_Page_Model.php:25)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

N-letters. Send newsletters to your website's users Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_mxsms_update_subsc_settingsincludes\admin\models\MXSMS_Main_Page_Model.php:18

authwp_ajax_mxsms_can_send_emailincludes\frontend\classes\update-email-send-ability.php:12

Shortcodes 1

[mxsms_unsubscribe_page] includes\frontend\classes\shortcode-unsubscribe.php:9

WordPress Hooks 12

actioninitincludes\admin\classes\cpt.php:23

actionadd_meta_boxesincludes\admin\classes\cpt.php:33

actionsave_post_mxsms_subscriptionsincludes\admin\classes\cpt.php:36

actionadmin_enqueue_scriptsincludes\admin\classes\enqueue-scripts.php:24

actionsave_post_mxsms_subscriptionsincludes\admin\classes\send-email.php:13

filterwp_mail_content_typeincludes\admin\classes\send-email.php:59

filterwp_mail_content_typeincludes\admin\classes\send-email.php:77

actionadmin_noticesincludes\core\error_handle\Display-Error.php:27

actionadmin_noticesincludes\core\error_handle\Display_Error.php:26

actionadmin_menuincludes\core\Route-Registrar.php:165

actionwp_enqueue_scriptsincludes\frontend\classes\enqueue-scripts.php:24

actionplugins_loadedn-letters-send-newsletters.php:116

Maintenance & Trust

N-letters. Send newsletters to your website's users Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedAug 28, 2023

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

N-letters. Send newsletters to your website's users Alternatives

Hostinger Reach – AI-Powered Email Marketing for WordPress

hostinger-reach

Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.

1.0M 1 CVE

MC4WP: Mailchimp for WordPress

mailchimp-for-wp

The #1 Mailchimp plugin for WordPress. Allows you to add a multitude of newsletter sign-up methods to your site.

1.0M 11 CVEs

MailPoet – Newsletters, Email Marketing, and Automation

mailpoet

Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more

500K 3 CVEs

Creative Mail – Easier WordPress & WooCommerce Email Marketing

creative-mail-by-constant-contact

Creative Mail was designed specifically for WordPress and WooCommerce. Our intelligent (and super fun) email editor simplifies email marketing campaig …

300K 1 unpatched

Newsletter – Send awesome emails from WordPress

newsletter

An email marketing tool for your blog: subscription forms to create your lists with unlimited subscribers and newsletters.

200K 20 CVEs

Developer Profile

N-letters. Send newsletters to your website's users Developer Profile

Maksym Marko

12 plugins · 1K total installs

trust score

Avg Security Score

82/100

Avg Patch Time

881 days

View full developer profile

Detection Fingerprints

How We Detect N-letters. Send newsletters to your website's users

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/n-letters-send-newsletters-to-your-websites-users/assets/font-awesome-4.6.3/css/font-awesome.min.css/wp-content/plugins/n-letters-send-newsletters-to-your-websites-users/includes/admin/assets/css/style.css/wp-content/plugins/n-letters-send-newsletters-to-your-websites-users/includes/admin/assets/js/script.js/wp-content/plugins/n-letters-send-newsletters-to-your-websites-users/includes/frontend/assets/js/script.js

Script Paths

/wp-content/plugins/n-letters-send-newsletters-to-your-websites-users/includes/admin/assets/js/script.js/wp-content/plugins/n-letters-send-newsletters-to-your-websites-users/includes/frontend/assets/js/script.js

Version Parameters

n-letters-send-newsletters-to-your-websites-users/includes/admin/assets/css/style.css?ver=n-letters-send-newsletters-to-your-websites-users/includes/admin/assets/js/script.js?ver=n-letters-send-newsletters-to-your-websites-users/includes/frontend/assets/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

mx-receive-email

HTML Comments

+10 more

Data Attributes

id="mx-receive-email-input"type="checkbox"

JS Globals

mxsms_data_obj

Shortcode Output

<div class="mx-receive-email"><input type="checkbox" id="mx-receive-email-input"<label for="mx-receive-email-input">Send the emails from this website to my email.</label></div>

FAQ