OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Security Review

Safety Verdict

Is OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Safe to Use in 2026?

Generally Safe

Score 100/100

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The optinable v1.0.5 plugin exhibits a mixed security posture. On the positive side, it demonstrates strong practices in output escaping (98% properly escaped) and largely uses prepared statements for SQL queries (83%). The absence of any recorded vulnerabilities in its history suggests a commitment to security or a lack of past discovery. However, significant concerns arise from the attack surface analysis. With 14 AJAX handlers lacking authentication checks, this presents a substantial risk of unauthorized actions being performed by unauthenticated users. Furthermore, the presence of 8 unsanitized paths in the taint analysis, flagged as high severity, directly points to potential vulnerabilities that could be exploited. The use of `unserialize` without clear sanitization or authentication controls is also a known risk vector.

Key Concerns

Unprotected AJAX handlers
High severity unsanitized taint flows
Use of unserialize function

Vulnerabilities

None known

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Code Analysis

Dangerous Functions

3

Raw SQL Queries

12

58 prepared

Unescaped Output

7

407 escaped

Nonce Checks

5

Capability Checks

3

File Operations

4

External Requests

4

Bundled Libraries

1

Dangerous Functions Found

unserialize$visibility_settings = unserialize($visibility_settings);public\class-optinable-popups.php:120

unserialize$meta_value = unserialize($meta_value);public\class-optinable-popups.php:408

unserialize$campFonts = unserialize($campFonts);public\class-optinable-popups.php:453

Bundled Libraries

Select2

SQL Query Safety

83% prepared70 total queries

Output Escaping

98% escaped414 total outputs

Data Flows

8 unsanitized

Data Flow Analysis

12 flows8 with unsanitized paths

optinable_export_email_list (admin\class-optinable-admin.php:243)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

14 unprotected

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Attack Surface

Entry Points15

Unprotected14

AJAX Handlers 14

authwp_ajax_opable_create_campaign_draftincludes\class-optinable.php:184

authwp_ajax_opable_save_campaign_draftincludes\class-optinable.php:185

authwp_ajax_optinable_publish_campaignincludes\class-optinable.php:186

authwp_ajax_update_option_joining_list_optinableincludes\class-optinable.php:187

authwp_ajax_opable_select_templateincludes\class-optinable.php:188

authwp_ajax_optinable_confirm_actionincludes\class-optinable.php:189

authwp_ajax_optinable_save_settingsincludes\class-optinable.php:190

authwp_ajax_optinable_copy_campaignsincludes\class-optinable.php:191

authwp_ajax_export_email_listincludes\class-optinable.php:192

authwp_ajax_optinable_get_visibility_optionsincludes\class-optinable.php:193

authwp_ajax_track_impression_callbackincludes\class-optinable.php:236

noprivwp_ajax_track_impression_callbackincludes\class-optinable.php:237

authwp_ajax_optinable_form_entryincludes\class-optinable.php:238

noprivwp_ajax_optinable_form_entryincludes\class-optinable.php:239

Shortcodes 1

[optinable] public\class-optinable-public.php:55

WordPress Hooks 17

actionplugins_loadedincludes\class-optinable.php:168

actionadmin_enqueue_scriptsincludes\class-optinable.php:180

actionadmin_enqueue_scriptsincludes\class-optinable.php:181

actionadmin_menuincludes\class-optinable.php:182

filtersafe_style_cssincludes\class-optinable.php:194

filterwp_kses_allowed_htmlincludes\class-optinable.php:195

filtershow_admin_barincludes\class-optinable.php:196

filtertiny_mce_before_initincludes\class-optinable.php:197

actionadmin_initincludes\class-optinable.php:199

filteradmin_footer_textincludes\class-optinable.php:203

filterthe_contentincludes\class-optinable.php:227

actionwp_enqueue_scriptsincludes\class-optinable.php:234

actionwp_enqueue_scriptsincludes\class-optinable.php:235

actiontemplate_redirectincludes\class-optinable.php:241

filterexcerpt_moreincludes\class-optinable.php:242

actionwp_headincludes\class-optinable.php:243

actionadmin_menuincludes\core-functions.php:368

Maintenance & Trust

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 12, 2025

PHP min version5.6

Downloads3K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Alternatives

Popup Builder – Create highly converting, mobile friendly marketing popups.

popup-builder

B

76

Increase Sales, Lead Generation, Conversion rates and receive good Call to Action rates with smart WordPress popup plugin.

200K 23 CVEs

Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers

popup-builder-block

C

60

Powerful Popup Builder Block for Gutenberg block editor.

60K 1 unpatched

WP Popups – WordPress Popup builder

wp-popups-lite

A

95

WP Popups is the best popup maker for WordPress. Easy but powerful plugin with display filters, scroll-triggered popups, and Gutenberg block editor.

30K 6 CVEs

Brave Popup Builder – Popup, Optins, Lead Generation, Survey & Interactive Content

brave-popup-builder

A

92

The best drag-and-drop Popup Builder for WordPress. Create Popups, exit-intent popups, slide-ins, and lead generation forms & Woocommerce popups i …

20K 5 CVEs

MailOptin – Popup, Optin Forms & Email Newsletters for Mailchimp, HubSpot, AWeber Etc.

mailoptin

A

94

Create popup, optin forms using easy form builder & popup maker. Send automated email to subscribers — Mailchimp, ActiveCampaign, Campaign Monitor etc

20K 5 CVEs

Developer Profile

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Developer Profile

Zeeshan Rasool

1 plugin · 10 total installs

94

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/optinable/assets/css/optinable-frontend.css/wp-content/plugins/optinable/assets/js/optinable-frontend.js/wp-content/plugins/optinable/assets/css/owl.carousel.min.css/wp-content/plugins/optinable/assets/js/owl.carousel.min.js/wp-content/plugins/optinable/assets/js/optinable-admin-script.js/wp-content/plugins/optinable/assets/css/optinable-admin.css

Script Paths

/wp-content/plugins/optinable/assets/js/optinable-frontend.js/wp-content/plugins/optinable/assets/js/owl.carousel.min.js/wp-content/plugins/optinable/assets/js/optinable-admin-script.js

Version Parameters

optinable/assets/css/optinable-frontend.css?ver=optinable/assets/js/optinable-frontend.js?ver=optinable/assets/css/owl.carousel.min.css?ver=optinable/assets/js/owl.carousel.min.js?ver=optinable/assets/js/optinable-admin-script.js?ver=optinable/assets/css/optinable-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

optinable-popup-contentoptinable-stickybaroptinable-slidein

Data Attributes

data-optinable-campaign-id

JS Globals

optinable_frontend_params

FAQ

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Security & Risk Analysis

Is OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Safe to Use in 2026?

Generally Safe

Key Concerns

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Security Vulnerabilities

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Attack Surface

AJAX Handlers 14

Shortcodes 1

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Maintenance & Trust

Maintenance Signals

Community Trust

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Alternatives

Popup Builder – Create highly converting, mobile friendly marketing popups.

Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers

WP Popups – WordPress Popup builder

Brave Popup Builder – Popup, Optins, Lead Generation, Survey & Interactive Content

MailOptin – Popup, Optin Forms & Email Newsletters for Mailchimp, HubSpot, AWeber Etc.

OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building Developer Profile

How We Detect OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about OptinAble – Popup Builder, Stickybars, Slide-in, WordPress Lead Generation & Email List Building