
Newsletter subscription optin module Security & Risk Analysis
wordpress.org/plugins/newsletter-subscription-widget-for-sendblasterPlugin for managing subscriptions to a mailing list. It provides a simple form for subscription to your mailing list through single or double opt-in.
Is Newsletter subscription optin module Safe to Use in 2026?
Use With Caution
Score 63/100Newsletter subscription optin module has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.
The plugin "newsletter-subscription-widget-for-sendblaster" v1.2.9 exhibits a mixed security posture. On the positive side, the static analysis reveals no dangerous functions, all SQL queries are prepared, and there are no file operations or external HTTP requests. The absence of a significant attack surface with entry points is also a good sign. However, there are notable concerns.
The taint analysis indicates a significant issue with 6 flows having unsanitized paths, with 4 of these being of high severity. This suggests that user-supplied data is not being properly validated or sanitized before being used in potentially sensitive operations, creating a risk of injection or other path traversal vulnerabilities. The lack of nonce checks and capability checks in general, especially given the presence of high-severity taint flows, means that even if an entry point were discovered, there are no built-in protections against unauthorized actions.
The vulnerability history shows a medium severity CVE that is currently unpatched. This, combined with the medium severity of the last vulnerability type (CSRF), indicates a pattern of potential security weaknesses that, while not critical, still require attention. The overall conclusion is that while the plugin has some good security fundamentals, the unpatched CVE and the high-severity unsanitized taint flows present clear and present risks that need to be addressed.
Key Concerns
- Unpatched CVE
- High severity taint flows with unsanitized paths
- Output not properly escaped (16% of outputs)
- Missing nonce checks
- Missing capability checks
Newsletter subscription optin module Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Newsletter subscription optin module <= 1.2.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Newsletter subscription optin module Release Timeline
Newsletter subscription optin module Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Newsletter subscription optin module Attack Surface
WordPress Hooks 2
Maintenance & Trust
Newsletter subscription optin module Maintenance & Trust
Maintenance Signals
Community Trust
Newsletter subscription optin module Alternatives
Mailjet Email Marketing
mailjet-for-wordpress
Includes WooCommerce automated and order emails. Design, send and track engaging marketing and transactional emails from your WordPress admin.
Newsletters
newsletters-lite
Newsletter plugin for WordPress to capture subscribers and send beautiful, bulk newsletter emails.
Email Subscription Popup
email-subscribe
This plugin shows you a beautiful newsletter subscription popup when someone enter to your site. You can even use widget that allow email subscription …
Newsletter Subscription Form – User Subscriptions Form, Capture Email
newsletter-subscription-form
Newsletter Subscription Form for WordPress is the ultimate lead generation, customer acquisition and email marketing plugin to grow and engage your ma …
Mailchimp Widget by ProteusThemes
proteusthemes-mailchimp-widget
Capture your visitor's email address and subscribe them to your newsletter campaign with this simple Mailchimp widget plugin!
Newsletter subscription optin module Developer Profile
1 plugin · 60 total installs
How We Detect Newsletter subscription optin module
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/newsletter-subscription-widget-for-sendblaster/style.cssnewsletter-subscription-widget-for-sendblaster/style.css?ver=HTML / DOM Fingerprints
wpsb_form_labelwpsb_form_txtwpsb_form_radiowpsb_form_btnwidgetmoduleMade by www.sendblaster.com Newsletter Software Opt-inid="wpsb_email"id="wpsb_fld_onclick="wpsb_toggle_custom_fields(1)"onclick="wpsb_toggle_custom_fields(0)"id="wpsb_form_submit"wpsb_toggle_custom_fields<form action="#wpsbw" method="post"><h6>Get this <a href="https://wordpress.org/plugins/newsletter-subscription-widget-for-sendblaster/" title="Wordpress newsletter plugin">newsletter subscription widget</a> for your own WP project.<br /> <a href="//www.sendblaster.com/newsletter-software-no-recurring-fees/" title="Powered by: Sendblaster.com" rel="nofollow">Powered by: Sendblaster.com</a></h6>