Does One Time Email Access Guard have any unpatched vulnerabilities?

No. All known vulnerabilities in One Time Email Access Guard have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is One Time Email Access Guard compatible with WordPress 6.9.4?

According to WordPress.org data, One Time Email Access Guard 1.1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is One Time Email Access Guard compatible with PHP 7.2+?

One Time Email Access Guard requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is One Time Email Access Guard updated?

One Time Email Access Guard was last updated on Feb 25, 2026. Frequent updates are generally a positive security signal.

What is One Time Email Access Guard's security score?

One Time Email Access Guard has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

One Time Email Access Guard Security & Risk Analysis

wordpress.org/plugins/one-time-email-access-guard

Protect pages and posts with email-delivered verification codes. Secure, passwordless access control with user management and customization.

0 active installs v1.1.0 PHP 7.2+ WP 5.0+ Updated Feb 25, 2026

access-controlauthenticationotppasswordlesssecurity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is One Time Email Access Guard Safe to Use in 2026?

Generally Safe

Score 100/100

One Time Email Access Guard has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "one-time-email-access-guard" plugin v1.1.0 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The plugin demonstrates good practices by utilizing prepared statements for all SQL queries and implementing nonce and capability checks for its entry points. Furthermore, the absence of any recorded vulnerabilities, critical taint flows, or unsanitized paths is highly encouraging.

However, a notable area for concern is the output escaping. With 71% of outputs properly escaped, there is still a significant portion (29%) that may be vulnerable to cross-site scripting (XSS) attacks if user-supplied data is directly reflected in the output without sufficient sanitization. While the attack surface is small and appears protected, this percentage of unescaped output represents a potential weakness. The plugin's clean vulnerability history and lack of dangerous functions suggest a mature and well-maintained codebase, but the output escaping issue warrants attention to achieve a more robust security profile.

Key Concerns

Unescaped output detected (29%)

Vulnerabilities

None known

One Time Email Access Guard Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

One Time Email Access Guard Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

174 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

71% escaped246 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

handle_csv_import (includes\class-oteag-access-plugin.php:1804)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

One Time Email Access Guard Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_oteag_bulk_expiry_updateincludes\class-oteag-access-plugin.php:95

authwp_ajax_oteag_bulk_status_updateincludes\class-oteag-access-plugin.php:96

Shortcodes 1

[oteag_access_form] includes\class-oteag-access-plugin.php:773

WordPress Hooks 24

actioninitincludes\class-oteag-access-plugin.php:71

actionadmin_menuincludes\class-oteag-access-plugin.php:72

actionadd_meta_boxesincludes\class-oteag-access-plugin.php:73

actionmanage_posts_extra_tablenavincludes\class-oteag-access-plugin.php:77

actionsave_postincludes\class-oteag-access-plugin.php:78

filtermanage_post_posts_columnsincludes\class-oteag-access-plugin.php:79

filtermanage_page_posts_columnsincludes\class-oteag-access-plugin.php:80

actionmanage_post_posts_custom_columnincludes\class-oteag-access-plugin.php:81

actionmanage_page_posts_custom_columnincludes\class-oteag-access-plugin.php:82

actionpre_get_postsincludes\class-oteag-access-plugin.php:84

filterenter_title_hereincludes\class-oteag-access-plugin.php:85

filtersingle_templateincludes\class-oteag-access-plugin.php:86

filterpage_templateincludes\class-oteag-access-plugin.php:87

actiontemplate_redirectincludes\class-oteag-access-plugin.php:88

actioninitincludes\class-oteag-access-plugin.php:89

actionwp_enqueue_scriptsincludes\class-oteag-access-plugin.php:90

actionwp_headincludes\class-oteag-access-plugin.php:91

filterdefault_titleincludes\class-oteag-access-plugin.php:92

actionadmin_initincludes\class-oteag-access-plugin.php:93

actionadmin_initincludes\class-oteag-access-plugin.php:94

actionadmin_noticesincludes\class-oteag-access-plugin.php:97

actionadmin_initincludes\class-oteag-access-plugin.php:98

actionadmin_initincludes\class-oteag-access-plugin.php:99

actionplugins_loadedone-time-email-access-guard.php:28

Maintenance & Trust

One Time Email Access Guard Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 25, 2026

PHP min version7.2

Downloads172

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

One Time Email Access Guard Alternatives

Two Factor

two-factor

100

Enable Two-Factor Authentication (2FA) using time-based one-time passwords (TOTP), Universal 2nd Factor (U2F), email, and backup verification codes.

100K No CVEs

Google Authenticator

google-authenticator

Google Authenticator for your WordPress blog.

20K 1 CVE

Easy Basic Authentication – Add basic auth to site or admin area

easy-basic-authentication

100

Secure your WordPress site with easy and effective basic authentication. Restrict access, monitor attempts, and enhance security.

600 No CVEs

Biometric Authentication

biometric-authentication

Passkeys are a safer and easier alternative to passwords. Simply use your fingerprint or face ID to log in with ease.

100 No CVEs

Email OTP Login

email-otp-login

100

Adds OTP (One-Time Password) verification after login for enhanced security in WordPress. OTP is sent to the user's email.

30 No CVEs

Developer Profile

One Time Email Access Guard Developer Profile

Marco Gargano

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect One Time Email Access Guard

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/one-time-email-access-guard/assets/css/frontend.css/wp-content/plugins/one-time-email-access-guard/assets/js/frontend.js

Script Paths

/wp-content/plugins/one-time-email-access-guard/assets/js/frontend.js

Version Parameters

one-time-email-access-guard/assets/css/frontend.css?ver=one-time-email-access-guard/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-oteag-modal-titledata-oteag-modal-bg-colordata-oteag-modal-text-colordata-oteag-overlay-colordata-oteag-overlay-opacitydata-oteag-modal-shadow

JS Globals

oteag_frontend_params

FAQ