Does Scramble Email have any unpatched vulnerabilities?

No. All known vulnerabilities in Scramble Email have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Scramble Email compatible with WordPress 4.9.29?

According to WordPress.org data, Scramble Email 1.2.1 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Scramble Email updated?

Scramble Email was last updated on Feb 27, 2018. Frequent updates are generally a positive security signal.

What is Scramble Email's security score?

Scramble Email has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Scramble Email Security & Risk Analysis

wordpress.org/plugins/scramble-email

Simple shortcode to scramble (hide) email addresses to email bot harvesters.

10 active installs v1.2.1 PHP + WP 4.4+ Updated Feb 27, 2018

anti-spamemailshortcode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Scramble Email Safe to Use in 2026?

Generally Safe

Score 85/100

Scramble Email has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "scramble-email" v1.2.1 plugin exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and the proper escaping of all output are excellent practices. Furthermore, the plugin demonstrates proper use of capability checks, indicating that sensitive operations are likely protected. The attack surface is minimal and appears to be well-managed, with no unprotected entry points identified.

The lack of any identified taint flows, even with zero flows analyzed, combined with a clean vulnerability history, suggests a well-developed and secure plugin. There are no known CVEs, and no common vulnerability types have been recorded. This history indicates a consistent focus on security by the developers.

While the plugin is performing exceptionally well in all measured areas, the absence of nonce checks on the single shortcode is a minor concern. Although the overall attack surface is small and well-protected by capability checks, a missing nonce check could theoretically be exploited in conjunction with other potential vulnerabilities or social engineering tactics. This, however, is a very low-risk observation given the plugin's otherwise robust security implementation.

Key Concerns

Missing nonce checks on shortcode

Vulnerabilities

None known

Scramble Email Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Scramble Email Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped2 total outputs

Attack Surface

Scramble Email Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[scem] scramble-email.php:134

WordPress Hooks 11

actionadmin_initadmin\class-scramble-email-admin.php:81

actionadmin_initadmin\class-scramble-email-admin.php:82

filterthe_contentadmin\class-scramble-email-admin.php:85

actionplugin_action_links_scramble-email/scramble-email.phpadmin\class-scramble-email-admin.php:88

filtermce_buttonsadmin\class-scramble-email-admin.php:123

filtermce_external_pluginsadmin\class-scramble-email-admin.php:124

actionadmin_initadmin\class-scramble-email-settings.php:68

actionadmin_menuadmin\class-scramble-email-settings.php:69

actionadmin_enqueue_scriptsadmin\class-scramble-email-settings.php:70

actioninitscramble-email.php:123

actionwp_enqueue_scriptsscramble-email.php:124

Maintenance & Trust

Scramble Email Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedFeb 27, 2018

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Scramble Email Alternatives

Email addon for CF7

cf7-email-add-on

Email addon for CF7 plugin provides the responsive Email templates to admin and users.

3K 1 CVE

Email Address Obfuscation

email-address-obfuscation

Email Address Obfuscation prevents email harvesting by hiding email address appearing in your pages, while remaining visible to your site visitors.

2K 1 CVE

CM E-Mail Blacklist – Simple email filtering for safer registration

cm-email-blacklist

Block unwanted email registrations on your site with this email blacklist plugin. Protect your site by preventing spam sign-ups.

800 3 CVEs

Essential Form – The lightest plugin for contact forms, ultra lightweight and no spam

essential-form

100

The lightest contact form for WordPress. It's so essential you'll either love it or hate it. Ultra lightweight and no spam.

500 No CVEs

MailChimp Campaign Archive

mailchimp-campaign-archive

Adds a [mailchimp_campaigns] shortcode that lists your latest MailChimp email campaigns

200 No CVEs

Developer Profile

Scramble Email Developer Profile

Kuuak

2 plugins · 30 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Scramble Email

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/scramble-email/js/scem.js

Script Paths