Does WP PGP Encrypted Emails have any unpatched vulnerabilities?

No. All known vulnerabilities in WP PGP Encrypted Emails have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP PGP Encrypted Emails compatible with WordPress 5.7.15?

According to WordPress.org data, WP PGP Encrypted Emails 0.8.0 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

How often is WP PGP Encrypted Emails updated?

WP PGP Encrypted Emails was last updated on May 25, 2021. Frequent updates are generally a positive security signal.

What is WP PGP Encrypted Emails's security score?

WP PGP Encrypted Emails has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP PGP Encrypted Emails Security & Risk Analysis

wordpress.org/plugins/wp-pgp-encrypted-emails

Signs and encrypts emails using PGP/GPG keys or X.509 certificates. Provides OpenPGP and S/MIME functions via WordPress plugin API.

400 active installs v0.8.0 PHP + WP 4.4+ Updated May 25, 2021

emailencryptionpgpprivacysecurity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP PGP Encrypted Emails Safe to Use in 2026?

Generally Safe

Score 85/100

WP PGP Encrypted Emails has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "wp-pgp-encrypted-emails" plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices such as exclusively using prepared statements for SQL queries, a high percentage of properly escaped output, and the absence of any recorded vulnerabilities or CVEs. The taint analysis also shows no critical or high severity unsanitized flows, suggesting that common injection vulnerabilities are likely mitigated. However, the plugin presents a significant concern with its attack surface. It has four AJAX handlers, two of which lack proper authentication checks. This directly exposes potential entry points to unauthorized users, which could be exploited if the handlers perform sensitive operations or process user-supplied data without validation.

Key Concerns

AJAX handlers without authentication checks

Vulnerabilities

None known

WP PGP Encrypted Emails Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP PGP Encrypted Emails Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

115 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

82% escaped140 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<send-test-email> (templates\send-test-email.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

WP PGP Encrypted Emails Attack Surface

Entry Points4

Unprotected2

AJAX Handlers 4

noprivwp_ajax_download_pgp_signing_public_keywp-pgp-encrypted-emails.php:132

authwp_ajax_download_pgp_signing_public_keywp-pgp-encrypted-emails.php:133

authwp_ajax_openpgp_regen_keypairwp-pgp-encrypted-emails.php:134

authwp_ajax_wp_pgp_encrypted_emails_send_test_emailwp-pgp-encrypted-emails.php:135

WordPress Hooks 36

filteropenpgp_enarmorincludes\class-wp-openpgp.php:26

filteropenpgp_encryptincludes\class-wp-openpgp.php:27

filteropenpgp_keyincludes\class-wp-openpgp.php:28

filteropenpgp_signincludes\class-wp-openpgp.php:29

filteropenpgp_sign_and_encryptincludes\class-wp-openpgp.php:30

filtersmime_certificateincludes\class-wp-smime.php:37

filtersmime_certificate_pem_encodeincludes\class-wp-smime.php:38

filtersmime_pem_to_derincludes\class-wp-smime.php:39

filtersmime_encryptincludes\class-wp-smime.php:40

filterwp_mail_content_typeincludes\class-wp-smime.php:182

actionwoocommerce_edit_account_formincludes\woocommerce-functions.php:21

actionwoocommerce_save_account_detailsincludes\woocommerce-functions.php:22

actionopenpgp_sign_emailincludes\woocommerce-functions.php:24

actionplugins_loadedwp-pgp-encrypted-emails.php:127

actioninitwp-pgp-encrypted-emails.php:128

actionwp_enqueue_scriptswp-pgp-encrypted-emails.php:129

actionadmin_enqueue_scriptswp-pgp-encrypted-emails.php:130

actionadmin_menuwp-pgp-encrypted-emails.php:138

actionadmin_initwp-pgp-encrypted-emails.php:139

actionadmin_noticeswp-pgp-encrypted-emails.php:140

actionadmin_noticeswp-pgp-encrypted-emails.php:141

actionadmin_noticeswp-pgp-encrypted-emails.php:142

actionadmin_noticeswp-pgp-encrypted-emails.php:143

actionshow_user_profilewp-pgp-encrypted-emails.php:144

actionpersonal_options_updatewp-pgp-encrypted-emails.php:145

actionadmin_noticeswp-pgp-encrypted-emails.php:149

filtercomment_textwp-pgp-encrypted-emails.php:153

filtercomment_form_submit_fieldwp-pgp-encrypted-emails.php:154

filtercomment_classwp-pgp-encrypted-emails.php:155

filterpreprocess_commentwp-pgp-encrypted-emails.php:156

filterwp_openpgp_user_keywp-pgp-encrypted-emails.php:159

filterwp_smime_user_certificatewp-pgp-encrypted-emails.php:160

filterwp_user_encryption_methodwp-pgp-encrypted-emails.php:161

filterwp_mailwp-pgp-encrypted-emails.php:162

actionshutdownwp-pgp-encrypted-emails.php:1134

filterwp_mailwp-pgp-encrypted-emails.php:1356

Maintenance & Trust

WP PGP Encrypted Emails Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedMay 25, 2021

PHP min version

Downloads26K

Community Trust

Rating92/100

Number of ratings16

Active installs400

Alternatives

WP PGP Encrypted Emails Alternatives

CryptNote Secure Links

cryptnote-secure-links

100

Integrates CryptNote.pro to generate encrypted links directly from the WordPress dashboard and replace emails with secure links.

0 No CVEs

CryptX

cryptx

No more SPAM by spiders scanning your site for email addresses!

10K 1 CVE

Protect My Infos

protect-my-infos

100

Protect sensitive information like emails and phone numbers from bots with advanced obfuscation techniques.

90 No CVEs

wp2pgpmail

100

A simple PGP Mail Form Plugin. Enter your PGP public key, then visitors will be able to send you PGP encrypted messages by mail from a form.

80 No CVEs

Encrypted Post Type

encrypted-post-type

Encrypted Post Type provides a custom post type where the content of each post is encrypted.

0 No CVEs

Developer Profile

WP PGP Encrypted Emails Developer Profile

Meitar

13 plugins · 2K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP PGP Encrypted Emails

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-pgp-encrypted-emails/js/wp-pgp-encrypted-emails.js/wp-content/plugins/wp-pgp-encrypted-emails/css/wp-pgp-encrypted-emails.css

Script Paths

/wp-content/plugins/wp-pgp-encrypted-emails/js/wp-pgp-encrypted-emails.js

Version Parameters

wp-pgp-encrypted-emails/js/wp-pgp-encrypted-emails.js?ver=wp-pgp-encrypted-emails/css/wp-pgp-encrypted-emails.css?ver=

HTML / DOM Fingerprints

CSS Classes

wp-pgp-encrypted-emails-comment-notice

Data Attributes

data-wp-pgp-encrypted-emails-user-id

JS Globals

WP_PGP_ENCRYPTED_EMAILS_DATA

REST Endpoints

/wp-json/wp-pgp-encrypted-emails/v1/get-public-key

FAQ