Subscribe to Download Lite – Email Before Download Plugin Security & Risk Analysis
wordpress.org/plugins/subscribe-to-download-liteCollect email subscribers before file download and deliver your lead magnet through a secure download email.
Is Subscribe to Download Lite – Email Before Download Plugin Safe to Use in 2026?
Generally Safe
Score 97/100Subscribe to Download Lite – Email Before Download Plugin has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.
The "subscribe-to-download-lite" v1.3.0 plugin exhibits a mixed security posture. While it demonstrates good practices in SQL query handling (80% prepared statements) and output escaping (83% proper), significant concerns arise from its attack surface and taint analysis. A substantial portion of its AJAX handlers (6 out of 6) lack authentication checks, creating a wide entry point for potential unauthorized actions. Furthermore, the taint analysis revealed one high-severity flow with unsanitized paths, indicating a risk of file inclusion vulnerabilities if user-controlled input is not properly validated before being used in file operations. The vulnerability history, though currently showing no unpatched CVEs, has a past of two high-severity "Improper Control of Filename for Include/Require Statement" vulnerabilities. This pattern suggests a recurring weakness in handling file-related operations, which, when combined with the static analysis findings, amplifies the risk.
Key Concerns
- All AJAX handlers lack authentication checks
- High severity unsanitized path taint flow detected
- History of critical file inclusion vulnerabilities
- Multiple entry points lack authorization checks
Subscribe to Download Lite – Email Before Download Plugin Security Vulnerabilities
CVEs by Year
Severity Breakdown
2 total CVEs
Subscribe to Download Lite <= 1.2.9 - Authenticated (Subscriber+) Local File Inclusion
Subscribe to Download Lite <= 1.2.9 - Authenticated (Contributor+) Local File Inclusion
Subscribe to Download Lite – Email Before Download Plugin Release Timeline
Subscribe to Download Lite – Email Before Download Plugin Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Subscribe to Download Lite – Email Before Download Plugin Attack Surface
AJAX Handlers 6
Shortcodes 1
WordPress Hooks 14
Maintenance & Trust
Subscribe to Download Lite – Email Before Download Plugin Maintenance & Trust
Maintenance Signals
Community Trust
Subscribe to Download Lite – Email Before Download Plugin Alternatives
Mailster WordPress Newsletter Plugin
mailster
Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & …
Zoho CRM Lead Magnet
zoho-crm-forms
Websites are one of the most important sources of leads for your business.
MailUp for WordPress – Email and Newsletter Subscription Form
mailup-email-and-newsletter-subscription-form
Il plugin permette di inserire sul proprio sito WordPress un form per l’iscrizione degli utenti a newsletter, campagne email e SMS.
Quick Download Button
quick-download-button
Add stylish download buttons to any post or page — 7 styles, countdown, popup modal, access control. Gutenberg block and shortcode.
Media Library File Download
media-download
A lightweight plugin that adds one-click download and export functionality to your Media Library.
Subscribe to Download Lite – Email Before Download Plugin Developer Profile
8 plugins · 4K total installs
How We Detect Subscribe to Download Lite – Email Before Download Plugin
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/subscribe-to-download-lite/fontawesome/css/all.min.css/wp-content/plugins/subscribe-to-download-lite/css/stdl-frontend.css/wp-content/plugins/subscribe-to-download-lite/css/stdl-preview.css/wp-content/plugins/subscribe-to-download-lite/css/stdl-custom.css/wp-content/plugins/subscribe-to-download-lite/css/stdl-backend.css/wp-content/plugins/subscribe-to-download-lite/js/stdl-frontend.js/wp-content/plugins/subscribe-to-download-lite/js/stdl-backend.jssubscribe-to-download-lite/fontawesome/css/all.min.css?ver=subscribe-to-download-lite/css/stdl-frontend.css?ver=subscribe-to-download-lite/css/stdl-preview.css?ver=subscribe-to-download-lite/css/stdl-custom.css?ver=subscribe-to-download-lite/js/stdl-frontend.js?ver=subscribe-to-download-lite/css/stdl-backend.css?ver=subscribe-to-download-lite/js/stdl-backend.js?ver=HTML / DOM Fingerprints
stdl-download-formstdl-email-fieldstdl-name-fieldstdl-submit-buttonstdl-button-primarystdl-subscriber-form-wrapperstdl-admin-wrapperdata-stdl-idstdl_frontend_objstdl_backend_obj[subscribe_to_download_form]