[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_NalBTLE07kIuOe5e1N3mRv4czEOPnFJwQ0s1JTr3Vo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":134,"fingerprints":227},"thormail-client","ThorMail Client","1.0.3","Jose Canchila (Jodacame)","https:\u002F\u002Fprofiles.wordpress.org\u002Fjodacame\u002F","\u003Cp>\u003Cstrong>IMPORTANT:\u003C\u002Fstrong> This plugin is a \u003Cstrong>client\u003C\u002Fstrong> implementation. To use it, you must have a running instance of \u003Cstrong>ThorMail\u003C\u002Fstrong> installed on your own server.\u003C\u002Fp>\n\u003Cp>ThorMail is the Ultimate Delivery Platform. A high-performance, intelligent delivery infrastructure designed for scale, speed, and absolute reliability. This plugin seamlessly connects your WordPress site to your private ThorMail server, allowing you to bypass default wp_mail() limitations and wield sending power previously reserved for enterprise giants.\u003C\u002Fp>\n\u003Cp>For installation instructions and documentation, please visit \u003Ca href=\"https:\u002F\u002Fdocs.thormail.io\" rel=\"nofollow ugc\">docs.thormail.io\u003C\u002Fa>.\u003Cbr \u002F>\nTo learn more about the project, visit \u003Ca href=\"https:\u002F\u002Fthormail.io\" rel=\"nofollow ugc\">thormail.io\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why ThorMail?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lightning Speed:\u003C\u002Fstrong> Engineered for zero latency. Process millions of messages with unparalleled efficiency using asynchronous background processing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unbreakable Uptime:\u003C\u002Fstrong> Built with automatic failover. If one provider fails (e.g., SES), ThorMail instantly switches to your backup (e.g., SMTP or SendGrid).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Radical Provider Freedom:\u003C\u002Fstrong> Break the chains of Vendor Lock-in. Switch providers with a single click without changing a line of code in WordPress.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sovereign Security:\u003C\u002Fstrong> Your data, your infrastructure. Keep your email logs and templates on your own servers. GDPR compliant by design.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Intelligent Routing:\u003C\u002Fstrong> Define priority rules to route transactional emails via high-deliverability paths and marketing emails via bulk providers.\u003C\u002Fli>\n\u003C\u002Ful>\n","The Ultimate Delivery Platform. Official WordPress client for ThorMail (Self-Hosted). Connect your WordPress site to your own email infrastructure.",0,93,"2026-03-02T18:29:00.000Z","6.9.4","5.7","7.4",[18,19,20,21,22],"api","email","smtp","thormail","transactional","https:\u002F\u002Fgithub.com\u002Fthormail\u002Fthormail-ecosystem","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthormail-client.1.0.3.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"jodacame",5,330,91,30,88,"2026-04-04T12:21:51.502Z",[38,61,83,100,120],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":14,"requires_at_least":51,"requires_php":16,"tags":52,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":11,"last_vuln_date":60,"fetched_at":27},"site-mailer","Site Mailer – SMTP Replacement, Email API Deliverability & Email Log","1.4.3","Elementor","https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F1hOxkEO-22I?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Has your WordPress site stopped sending emails? Are emails from your WordPress site landing in spam or not getting delivered? Are customers complaining about missing messages?\u003C\u002Fp>\n\u003Cp>With \u003Cstrong>Site Mailer\u003C\u002Fstrong>, you can say goodbye to email issues. Our easy-to-use tool ensures all emails reach their destination while providing you with a detailed email log to track and resend messages if needed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Enhance your email management effortlessly\u003C\u002Fstrong>. Site Mailer eliminates the need for complex SMTP plugins, providing a streamlined solution for reliable email deliverability. Troubleshoot and monitor with ease using our intuitive interface, so you never miss another email.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Ch4>High Deliverability\u003C\u002Fh4>\n\u003Cp>Ensure your emails consistently reach your audience’s inbox with optimized sending methods designed to maximize deliverability and minimize spam risk.\u003C\u002Fp>\n\u003Ch4>Use Your Custom Domain\u003C\u002Fh4>\n\u003Cp>Send emails with your custom domain — or get started quickly with our default email so no email will be lost once you start working with Site Mailer.\u003C\u002Fp>\n\u003Ch4>No Integration or SMTP Plugin Needed\u003C\u002Fh4>\n\u003Cp>Site Mailer works seamlessly without the need for additional API integration or SMTP plugins. This means less hassle and more efficient email management.\u003C\u002Fp>\n\u003Ch4>Easy Setup\u003C\u002Fh4>\n\u003Cp>Get started with Site Mailer in no time. Our intuitive setup process ensures you can configure and start using the plugin quickly and effortlessly.\u003C\u002Fp>\n\u003Ch4>30-Day Log Retention\u003C\u002Fh4>\n\u003Cp>The plugin includes 30 days of email log retention, allowing you to easily track and review your email activity.\u003C\u002Fp>\n\u003Ch4>Compatibility with Popular Plugins\u003C\u002Fh4>\n\u003Cp>Site Mailer has been tested to be fully compatible with most popular WordPress plugins, including Elementor Pro, WooCommerce, Contact Form 7, WPForms and more.\u003C\u002Fp>\n\u003Ch4>Reputation Management\u003C\u002Fh4>\n\u003Cp>Safeguard your email sending reputation with intelligent features that enhance your sender score, ensuring consistent inbox placement and reducing the risk of emails being marked as spam.\u003C\u002Fp>\n\u003Ch4>Email Testing\u003C\u002Fh4>\n\u003Cp>Send a test email to confirm your site is properly configured for seamless transactional email delivery.\u003C\u002Fp>\n\u003Ch4>Resend Failed Emails\u003C\u002Fh4>\n\u003Cp>Did an email fail to deliver? Easily resend it with a single click to ensure your message reaches its intended recipient.\u003C\u002Fp>\n\u003Ch4>Suppression List\u003C\u002Fh4>\n\u003Cp>Enable easy unsubscribe options for your emails. Track and manage all unsubscribed recipients directly in the Suppressions tab.\u003C\u002Fp>\n\u003Ch3>Benefits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>No Integration Needed\u003C\u002Fstrong>: Use Site Mailer without the need for additional plugins or integrations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Troubleshooting\u003C\u002Fstrong>: Efficiently troubleshoot and resend emails when necessary.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Spam Reduction\u003C\u002Fstrong>: Our plugin will keep your emails out of the spam folder, ensuring that your important messages reach their intended recipients.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Built by the Elementor team\u003C\u002Fstrong>: Leverage the trust and reliability of a solution developed by Elementor.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Get Started Today\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Transform your website’s email management with Site Mailer!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>For more information about Site Mailer, visit our \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-wp-dash-sm-product-page\u002F\" rel=\"nofollow ugc\">official website\u003C\u002Fa>.\u003Cbr \u002F>\nIf you have any questions or need support, feel free to \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-wp-dash-sm-contact-us\u002F\" rel=\"nofollow ugc\">contact us\u003C\u002Fa> or visit our \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-wp-dash-sm-help-center\u002F\" rel=\"nofollow ugc\">help center\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin requires a connection to an active Elementor account in order to identify the user and provide the user with the purchased service. This connection is triggered manually by the user via the plugin’s settings panel. Learn more our \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-wp-dash-sm-term-and-conditions\u002F\" rel=\"nofollow ugc\">terms and conditions\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin uses a 3rd party service operated by Elementor, which accepts Email information including but not limited to (from, to, cc,bcc addresses, email body, subject line and attachments). This flow is triggered automatically on every email sending process utilizing the native WordPress \u003Ccode>wp_mail\u003C\u002Fcode> function.\u003C\u002Fp>\n\u003Ch3>Related Plugins\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fimage-optimization\u002F\" rel=\"ugc\">Image Optimizer\u003C\u002Fa>: Superior image compression for faster, high-quality website performance.\u003C\u002Fp>\n","Effortlessly manage transactional emails with Site Mailer. High deliverability, logs and statistics, and no SMTP plugins needed.",200000,1804250,40,13,"2026-02-17T13:35:00.000Z","6.6",[19,53,54,55,20],"email-api","email-log","sender","https:\u002F\u002Felementor.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsite-mailer.1.4.3.zip",98,1,"2025-02-27 23:34:36",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":25,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":75,"download_link":81,"security_score":82,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"connect-sendgrid-for-emails","Connect SendGrid for Emails","1.11.15","WP Zone","https:\u002F\u002Fprofiles.wordpress.org\u002Faspengrovestudios\u002F","\u003Cp>Connect SendGrid for Emails is a third-party fork of (and a drop-in replacement for) the official SendGrid plugin. This plugin is not endorsed by or affiliated with SendGrid. This plugin connects to an external service (the SendGrid API).\u003C\u002Fp>\n\u003Cp>The Connect SendGrid for Emails plugin replaces WordPress’s default wp_mail() function by using either an SMTP or API integration with SendGrid to send outgoing email from your WordPress installation. It also allows you to upload contacts directly to your SendGrid Marketing Campaigns account via a subscription widget.\u003C\u002Fp>\n\u003Cp>By using the Connect SendGrid for Emails plugin, you will be able to take advantage of improved deliverability and an expanded feature set, including tracking and analytics, to enhance user engagement on your WordPress installation.\u003C\u002Fp>\n\u003Ch4>The Subscription Widget\u003C\u002Fh4>\n\u003Cp>The WordPress Subscription Widget makes it easy for people visiting your WordPress site to subscribe to your marketing emails, such as any newsletters, announcements, or promotional offers you may send. Upon signup, they’ll automatically receive an opt-in email allowing them to confirm their desire to begin receiving your emails. This confirmation constitutes “double opt-in,” a deliverability best practice.\u003C\u002Fp>\n\u003Ch4>Multisite\u003C\u002Fh4>\n\u003Cp>If you are using the Connect SendGrid for Emails plugin in a Multisite environment, you need to Network Activate it. You can then access the settings page on the network dashboard and the configure settings will be used for all sites.\u003C\u002Fp>\n\u003Cp>You can enable access for SendGrid settings to each subsite in the Multisite Settings tab. If the checkbox is unchecked then that site will not see the SendGrid settings page and it will use the settings set on the network.\u003Cbr \u002F>\nWarning! When you activate SendGrid management for a subsite, that site will not be able to send emails until the admin updates the SendGrid settings on that subsite.\u003C\u002Fp>\n\u003Cp>If you already had the plugin installed in a Multisite environment and you update to versions after 1.9.0 you may need to reconfigure your plugin.\u003C\u002Fp>\n","Connect SendGrid to your WordPress site to send emails using SendGrid's cloud-based email platform.",900,15457,2,"2024-08-07T21:31:00.000Z","6.6.5","4.6","",[77,78,79,20,80],"email-marketing","email-templates","sendgrid","transactional-email","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fconnect-sendgrid-for-emails.1.11.15.zip",92,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":25,"num_ratings":93,"last_updated":94,"tested_up_to":14,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":75,"download_link":99,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"send-emails-with-resend","Send Emails with Resend","1.3.0","CloudCatch","https:\u002F\u002Fprofiles.wordpress.org\u002Fcloudcatch\u002F","\u003Cp>Resend for WordPress replaces the default PHPMailer in WordPress with the Resend.com API, allowing you to send emails through Resend.com’s reliable email delivery service.\u003C\u002Fp>\n\u003Ch3>Attribution\u003C\u002Fh3>\n\u003Cp>The Resend plugin utilizes the Resend.com API. Neither this plugin nor its author(s) are affiliated with, endorsed by, or sponsored by Resend.com.\u003C\u002Fp>\n","Resend for WordPress integrates the Resend.com API, replacing PHPMailer to ensure reliable email delivery through Resend.com's robust service.",400,2278,3,"2026-03-09T13:22:00.000Z","6.0.0","8.1",[18,19,98,20],"resend","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsend-emails-with-resend.1.3.0.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":25,"downloaded":108,"rating":25,"num_ratings":71,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":117,"download_link":118,"security_score":119,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"freshjet","Freshjet","0.6.6","freshforcesbd","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreshforcesbd\u002F","\u003Cp>People use SMTP or transactional email to prevent their email sent by \u003Ccode>wp_mail()\u003C\u002Fcode> fall into spam folder. And if you are using \u003Ca href=\"https:\u002F\u002Fwww.mailjet.com\u002F\" rel=\"nofollow ugc\">Mailjet\u003C\u002Fa> as your \u003Ca href=\"https:\u002F\u002Fwww.mailjet.com\u002Ftransactional-email\u002F\" rel=\"nofollow ugc\">transactional email\u003C\u002Fa>, this plugin is probably the most convenient way to use Mailjet transactional email in WordPress.\u003C\u002Fp>\n\u003Cp>Freshjet provide default \u003Ccode>wp_mail()\u003C\u002Fcode> functionality but super-power it with Mailjet. It’s a drop-in replacement for \u003Ccode>wp_mail()\u003C\u002Fcode>. If you just send email without extra customization, likely you don’t need to change your existing code.\u003C\u002Fp>\n\u003Cp>And.. Freshjet supports \u003Ca href=\"https:\u002F\u002Fapp.mailjet.com\u002Ftemplates\u002Ftransactional\" rel=\"nofollow ugc\">Mailjet Passport Template\u003C\u002Fa>. For documentation, visit \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ffreshforces-borndigital\u002Ffreshjet\u002F\" rel=\"nofollow ugc\">Freshjet GitHub repository\u003C\u002Fa>\u003C\u002Fp>\n","Send email through wp_mail() but super-powered by Mailjet transactional email. This plugin is probably the most convenient way to use Mailjet transact …",10549,"2021-08-24T05:08:00.000Z","5.8.13","5.2","7.2",[101,114,115,80,116],"mailjet","smtp-email","wp_mail-smtp","https:\u002F\u002Fgithub.com\u002Ffreshforces-borndigital\u002Ffreshjet","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffreshjet.zip",85,{"slug":121,"name":122,"version":123,"author":122,"author_profile":124,"description":125,"short_description":126,"active_installs":25,"downloaded":127,"rating":11,"num_ratings":11,"last_updated":75,"tested_up_to":14,"requires_at_least":128,"requires_php":16,"tags":129,"homepage":131,"download_link":132,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":133},"lettermint","Lettermint","1.4.2","https:\u002F\u002Fprofiles.wordpress.org\u002Flettermint\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Flettermint.co\" rel=\"nofollow ugc\">Lettermint\u003C\u002Fa> is a professional email delivery plugin that seamlessly integrates with WordPress’s built-in wp_mail() function to send transactional emails through the Lettermint email service. Based in Europe, Lettermint provides reliable email delivery with excellent deliverability rates.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Seamless Integration\u003C\u002Fstrong>: Works with wp_mail() – no code changes required\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Europe-based Service\u003C\u002Fstrong>: GDPR compliant email service based in Europe\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Configuration\u003C\u002Fstrong>: Simple setup with just your API token and sender email\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Logging\u003C\u002Fstrong>: Optional email activity logging with detailed information\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Conflict Detection\u003C\u002Fstrong>: Automatically detects and warns about conflicting email plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Test Email\u003C\u002Fstrong>: Built-in test email functionality to verify your setup\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the Lettermint plugin\u003C\u002Fli>\n\u003Cli>Get your API token from \u003Ca href=\"https:\u002F\u002Fdash.lettermint.co\u002Fprojects\" rel=\"nofollow ugc\">Lettermint Dashboard\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Configure your settings in WordPress admin under Settings > Lettermint\u003C\u002Fli>\n\u003Cli>All WordPress emails will automatically be sent through Lettermint\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.0 or higher\u003C\u002Fli>\n\u003Cli>PHP 7.4 or higher\u003C\u002Fli>\n\u003Cli>Lettermint account and API token\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Ch4>Required Settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>API Token\u003C\u002Fstrong>: Your Lettermint API token from your project\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Optional Settings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>From Email Address\u003C\u002Fstrong>: Custom sender email address (uses WordPress default if empty)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Force Email Address\u003C\u002Fstrong>: Override sender addresses set by plugins with your configured email\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enable Logs\u003C\u002Fstrong>: Keep track of email activities and API responses\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses an external service to deliver transactional emails via the Lettermint API.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service Name\u003C\u002Fstrong>: Lettermint API (https:\u002F\u002Flettermint.co)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: This service is used to send transactional emails generated by WordPress (e.g. password resets, contact form notifications, WooCommerce emails, etc.) through the Lettermint email infrastructure.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>What Data Is Sent\u003C\u002Fstrong>: Each time an email is sent via WordPress, the following data is sent to the Lettermint API:\n\u003Cul>\n\u003Cli>Email recipient(s)\u003C\u002Fli>\n\u003Cli>Subject\u003C\u002Fli>\n\u003Cli>Email content (HTML and plain text)\u003C\u002Fli>\n\u003Cli>Sender email address\u003C\u002Fli>\n\u003Cli>Headers (optional)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When Is Data Sent\u003C\u002Fstrong>: Data is only sent when an email is triggered by WordPress and the plugin is active and properly configured.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Where\u003C\u002Fstrong>: All data is sent to Lettermint’s API endpoint: \u003Ccode>https:\u002F\u002Fapi.lettermint.co\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms and Policies\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Flettermint.co\u002Fterms-of-service\" rel=\"nofollow ugc\">Lettermint Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Flettermint.co\u002Fprivacy-policy\" rel=\"nofollow ugc\">Lettermint Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin only communicates with Lettermint’s servers when sending an email and does not transmit or collect any other data beyond what is needed to send the email.\u003C\u002Fp>\n","Professional email delivery for WordPress. Seamlessly integrates with wp_mail() to send emails through Lettermint.",916,"5.0",[19,121,20,22,130],"wp-mail","https:\u002F\u002Flettermint.co\u002Fintegrations","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flettermint.1.4.2.zip","2026-03-15T10:48:56.248Z",{"attackSurface":135,"codeSignals":171,"taintFlows":188,"riskAssessment":218,"analyzedAt":226},{"hooks":136,"ajaxHandlers":167,"restRoutes":168,"shortcodes":169,"cronEvents":170,"entryPointCount":11,"unprotectedCount":11},[137,143,147,151,155,162],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","admin_menu","add_menu_page","includes\\class-thormail-admin.php",19,{"type":138,"name":144,"callback":145,"file":141,"line":146},"admin_init","register_settings",20,{"type":138,"name":148,"callback":149,"file":141,"line":150},"admin_enqueue_scripts","enqueue_scripts",21,{"type":138,"name":152,"callback":153,"file":141,"line":154},"admin_post_thormail_send_test","handle_test_email",22,{"type":156,"name":157,"callback":158,"priority":159,"file":160,"line":161},"filter","pre_wp_mail","send_email",10,"includes\\class-thormail-mailer.php",34,{"type":138,"name":163,"callback":164,"file":165,"line":166},"plugins_loaded","thormail_init","thormail.php",51,[],[],[],[],{"dangerousFunctions":172,"sqlUsage":173,"outputEscaping":175,"fileOperations":11,"externalRequests":59,"nonceChecks":59,"capabilityChecks":59,"bundledLibraries":187},[],{"prepared":11,"raw":11,"locations":174},[],{"escaped":48,"rawEcho":176,"locations":177},4,[178,181,183,185],{"file":141,"line":179,"context":180},183,"raw output",{"file":141,"line":182,"context":180},211,{"file":141,"line":184,"context":180},221,{"file":141,"line":186,"context":180},246,[],[189,208],{"entryPoint":190,"graph":191,"unsanitizedCount":59,"severity":207},"render_page (includes\\class-thormail-admin.php:237)",{"nodes":192,"edges":204},[193,198],{"id":194,"type":195,"label":196,"file":141,"line":197},"n0","source","$_GET",250,{"id":199,"type":200,"label":201,"file":141,"line":202,"wp_function":203},"n1","sink","echo() [XSS]",255,"echo",[205],{"from":194,"to":199,"sanitized":206},false,"medium",{"entryPoint":209,"graph":210,"unsanitizedCount":11,"severity":217},"\u003Cclass-thormail-admin> (includes\\class-thormail-admin.php:0)",{"nodes":211,"edges":214},[212,213],{"id":194,"type":195,"label":196,"file":141,"line":197},{"id":199,"type":200,"label":201,"file":141,"line":202,"wp_function":203},[215],{"from":194,"to":199,"sanitized":216},true,"low",{"summary":219,"deductions":220},"The \"thormail-client\" v1.0.3 plugin exhibits a generally good security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface. Code signals also indicate strong adherence to best practices, with 100% of SQL queries utilizing prepared statements and a high rate of output escaping. The presence of nonce and capability checks further reinforces secure development practices.  \n\nHowever, a notable concern arises from the taint analysis, which identified one flow with an unsanitized path. While no critical or high severity issues were flagged, this single unsanitized path presents a potential avenue for unexpected behavior or vulnerabilities if an attacker can control the input feeding this flow. Additionally, the plugin makes one external HTTP request, which, while not inherently a vulnerability, warrants careful review to ensure the target is trustworthy and the request is handled securely.  \n\nThe vulnerability history is clean, with no known CVEs, which is a very positive sign. This suggests a history of responsible development and patching. In conclusion, while the plugin demonstrates strong security fundamentals and a clean vulnerability record, the single unsanitized path in the taint analysis is the primary area of concern and should be addressed to further strengthen its security.",[221,224],{"reason":222,"points":223},"Flow with unsanitized path detected",8,{"reason":225,"points":71},"External HTTP request made by plugin","2026-03-17T06:44:01.112Z",{"wat":228,"direct":235},{"assetPaths":229,"generatorPatterns":231,"scriptPaths":232,"versionParams":233},[230],"\u002Fwp-content\u002Fplugins\u002Fthormail-client\u002Fassets\u002Fcss\u002Fadmin.css",[],[],[234],"thormail-client\u002Fassets\u002Fcss\u002Fadmin.css?ver=",{"cssClasses":236,"htmlComments":238,"htmlAttributes":239,"restEndpoints":241,"jsGlobals":242,"shortcodeOutput":243},[237],"thormail-input",[],[240],"pPlaceholder",[],[],[]]