Does WP Mailing Status have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Mailing Status have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Mailing Status compatible with WordPress 6.1.10?

According to WordPress.org data, WP Mailing Status 1.0.4 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

How often is WP Mailing Status updated?

WP Mailing Status was last updated on Jan 27, 2023. Frequent updates are generally a positive security signal.

What is WP Mailing Status's security score?

WP Mailing Status has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Mailing Status Security & Risk Analysis

wordpress.org/plugins/wp-mail-manager

The WP Mailing Status plugin provides features to track & manually check mail server status on your server - php mail function and SMTP mailing.

30 active installs v1.0.4 PHP + WP 5.0+ Updated Jan 27, 2023

mailphpserver-settingssmtp

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is WP Mailing Status Safe to Use in 2026?

Generally Safe

Score 85/100

WP Mailing Status has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The static analysis of wp-mail-manager v1.0.4 indicates a generally good security posture, with no detected dangerous functions, SQL queries using prepared statements exclusively, and no file operations or external HTTP requests. The absence of critical or high-severity taint flows further supports this. However, a significant concern arises from the low percentage of properly escaped output (6%). This suggests a risk of Cross-Site Scripting (XSS) vulnerabilities, especially if any of the 17 output points are user-controllable. Additionally, the lack of nonce checks on any of the entry points (although there are zero entry points listed) could become a concern if the plugin's functionality expands or if new entry points are introduced without adequate protection. The vulnerability history shows no known CVEs, which is a positive indicator of the plugin's past security, but it's crucial to remember that this doesn't guarantee future security. The plugin's strengths lie in its minimal attack surface and secure handling of database operations. The primary weakness is the output escaping, which requires immediate attention to mitigate potential XSS risks.

Key Concerns

Low output escaping rate
No nonce checks on entry points

Vulnerabilities

None known

WP Mailing Status Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Mailing Status Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

6% escaped17 total outputs

Attack Surface

WP Mailing Status Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionadmin_enqueue_scriptsenqueue.php:11

actionwp_enqueue_scriptsenqueue.php:18

actioninitsource\class-setup.php:28

actionadmin_menusource\class-setup.php:30

actionadmin_bar_menusource\class-setup.php:32

actionrest_api_initsource\class-setup.php:36

actionbda_run_background_mail_status_checksource\class-setup.php:38

actionphpmailer_initsource\class-setup.php:40

Maintenance & Trust

WP Mailing Status Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedJan 27, 2023

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs30

Alternatives

WP Mailing Status Alternatives

SMTP Mailer

smtp-mailer

100

Configure a SMTP server to send email from your WordPress site. Configure the wp_mail() function to use SMTP instead of the PHP mail() function.

70K No CVEs

WPO365 | MICROSOFT 365 GRAPH MAILER

wpo365-msgraphmailer

Send WordPress emails from a M365 / Exchange Online Mailbox using Microsoft Graph, leveraging OAuth for authentication which is more secure than SMTP

10K 1 CVE

WP SMTP Mailer – SMTP7

wp-mail-smtp-mailer

100

WP SMTP Mailer Plugin - SMTP7. Make email delivery easy from WordPress. It is easy to configure.

9K No CVEs

Configure SMTP

configure-smtp

Configure SMTP mailing in WordPress, including support for sending email via SSL/TLS (such as Gmail).

7K 1 CVE

MailerSend – Official SMTP Integration

mailersend-official-smtp-integration

100

Improve your deliverability and avoid the spam box with MailerSend’s SMTP server. Check your analytics to improve your emails for better conversion!

2K No CVEs

Developer Profile

WP Mailing Status Developer Profile

THE BELOV

7 plugins · 1K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Mailing Status

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-mail-manager/admin/css/wp-mail-manager-admin.css/wp-content/plugins/wp-mail-manager/app/build/static/css/main.css/wp-content/plugins/wp-mail-manager/app/build/static/js/main.js

Script Paths

/wp-content/plugins/wp-mail-manager/app/build/static/js/main.js/wp-content/plugins/wp-mail-manager/admin/js/wp-mail-manager-admin.js

Version Parameters

wp-mail-manager/app/build/static/css/wp-mail-manager/admin/css/wp-mail-manager-admin.csswp-mail-manager/app/build/static/js/wp-mail-manager/admin/js/wp-mail-manager-admin.js

HTML / DOM Fingerprints

JS Globals

wpMailManagerI18n

REST Endpoints

/wp-json/bda-cli/v2/mail-extension/get-mail-status

FAQ