WP-Safety

Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form Security & Risk Analysis

wordpress.org/plugins/wp-subscribe-form

Use Subscribe Forms to grow your email subscriber lists with Subscribe Forms built-in email forms templates and integrations 📧

2K active installs v1.6.2 PHP + WP 4.0+ Updated Mar 11, 2026
contact-formformform-builderformsmailchimp-form
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form Safe to Use in 2026?

Generally Safe

Score 100/100

Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "wp-subscribe-form" v1.6.2 plugin exhibits a generally good security posture, with a strong emphasis on proper authentication and authorization checks across its defined entry points. The absence of unpatched CVEs and any recorded past vulnerabilities is a significant positive indicator of the plugin's maintenance and developer attention to security. The extensive use of nonce and capability checks, coupled with a high percentage of properly escaped output, further bolsters its defensive measures against common web attacks.

Key Concerns

  • Use of unserialize
  • Flows with unsanitized paths
  • SQL queries not using prepared statements
  • Bundled libraries (Select2)
Vulnerabilities
None known

Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form Release Timeline

v1.6.2Current
v1.6.1
v1.6
v1.5.9
v1.5.8
v1.5.7
v1.5.6
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
Code Analysis
Analyzed Mar 16, 2026

Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form Code Analysis

Dangerous Functions
1
Raw SQL Queries
10
14 prepared
Unescaped Output
89
945 escaped
Nonce Checks
9
Capability Checks
21
File Operations
12
External Requests
9
Bundled Libraries
1

Dangerous Functions Found

unserialize$serial = unserialize($response);includes\MCAPI.class.php:2904

Bundled Libraries

Select2

SQL Query Safety

58% prepared24 total queries

Output Escaping

91% escaped1034 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

8 flows1 with unsanitized paths
<sfba_support_process> (includes\sfba_support_process.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form Attack Surface

Entry Points11
Unprotected0

AJAX Handlers 10

authwp_ajax_sfba_ajaxincludes\sfba-ajax-handler.php:168
noprivwp_ajax_sfba_ajaxincludes\sfba-ajax-handler.php:169
authwp_ajax_sfba_delete_db_recordincludes\sfba-ajax-handler.php:171
noprivwp_ajax_sfba_delete_db_recordincludes\sfba-ajax-handler.php:172
authwp_ajax_sfba_delete_db_dataincludes\sfba-ajax-handler.php:175
noprivwp_ajax_sfba_delete_db_dataincludes\sfba-ajax-handler.php:176
noprivwp_ajax_subscribe_form_send_message_to_ownerindex.php:249
authwp_ajax_subscribe_form_send_message_to_ownerindex.php:250
authwp_ajax_subscribe_forms_update_statussubscribe.class.php:8
authwp_ajax_subscribe_form_plugin_deactivatesubscribe.class.php:11

Shortcodes 1

[arrow_forms] includes\sfba-shortcode.php:6
WordPress Hooks 28
actionadmin_enqueue_scriptsclass-review-box.php:85
actionadmin_noticesclass-review-box.php:86
filtermanage_sfba_subscribe_form_posts_columnsincludes\sfba-custom-columns.php:4
actionmanage_sfba_subscribe_form_posts_custom_columnincludes\sfba-custom-columns.php:7
actionadmin_enqueue_scriptsincludes\sfba-enqueue-scripts.php:4
actionadmin_enqueue_scriptsincludes\sfba-enqueue-scripts.php:5
actionwp_print_scriptsincludes\sfba-enqueue-scripts.php:60
actionadd_meta_boxesincludes\sfba-post-meta-boxes.php:4
filtergettextincludes\sfba-post-meta-boxes.php:364
actioninitincludes\sfba-post-type.php:5
actionadmin_menuincludes\sfba-post-type.php:6
actionadmin_initincludes\sfba-post-type.php:7
actionadmin_enqueue_scriptsincludes\sfba-post-type.php:97
filterenter_title_hereincludes\sfba-post-type.php:162
actionsave_postincludes\sfba-save-post-meta.php:4
filterwidget_textincludes\sfba-shortcode.php:5
actionadmin_footerincludes\sfba-subscription-ajax.php:4
actionactivated_pluginindex.php:58
actionadmin_initindex.php:80
actionadmin_initindex.php:105
actionmanage_posts_extra_tablenavindex.php:177
actionadmin_initindex.php:184
actionadmin_footerindex.php:239
actionwp_loadedindex.php:349
actionadmin_initindex.php:438
actionadmin_footerindex.php:487
actionadmin_enqueue_scriptssubscribe.class.php:7
actionadmin_footersubscribe.class.php:10
Maintenance & Trust

Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 11, 2026
PHP min version
Downloads103K

Community Trust

Rating94/100
Number of ratings60
Active installs2K
Alternatives

Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form Alternatives

WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More

WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More

wpforms-lite

A
88

The best WordPress contact form plugin. Drag & Drop form builder to create beautiful contact forms, payment forms, & other custom forms.

6.0M 16 CVEs
Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder

Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder

fluentform

B
82

Get a fast contact form plugin. Create advanced forms using drag and drop form builder with all smart features.

700K 33 CVEs
Ninja Forms – The Contact Form Builder That Grows With You

Ninja Forms – The Contact Form Builder That Grows With You

ninja-forms

B
76

The 100% beginner friendly WordPress form builder. Drag & drop form fields to build beautiful, professional contact forms in minutes.

600K 75 CVEs
SureForms – Contact Form, Payment Form & Other Custom Form Builder

SureForms – Contact Form, Payment Form & Other Custom Form Builder

sureforms

A
88

The most beginner-friendly AI Form Builder for WordPress. Create contact, payment, quiz & custom forms with advanced features in minutes.

500K 16 CVEs
Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder

Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder

everest-forms

B
77

The best WordPress form builder. Create contact forms, payment forms, conversational forms, custom forms, surveys, & quizzes using drag and drop.

100K 15 CVEs
Developer Profile

Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form Developer Profile

Premio

9 plugins · 651K total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
168 days
View full developer profile
Detection Fingerprints

How We Detect Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-subscribe-form/assets/css/admin-style.css/wp-content/plugins/wp-subscribe-form/assets/css/style.css/wp-content/plugins/wp-subscribe-form/assets/css/font-awesome.css/wp-content/plugins/wp-subscribe-form/assets/js/jquery.validate.min.js/wp-content/plugins/wp-subscribe-form/assets/js/admin-script.js/wp-content/plugins/wp-subscribe-form/assets/js/front-script.js
Script Paths
/wp-content/plugins/wp-subscribe-form/assets/js/jquery.validate.min.js/wp-content/plugins/wp-subscribe-form/assets/js/admin-script.js/wp-content/plugins/wp-subscribe-form/assets/js/front-script.js
Version Parameters
/wp-content/plugins/wp-subscribe-form/assets/css/admin-style.css?ver=/wp-content/plugins/wp-subscribe-form/assets/css/style.css?ver=/wp-content/plugins/wp-subscribe-form/assets/css/font-awesome.css?ver=/wp-content/plugins/wp-subscribe-form/assets/js/jquery.validate.min.js?ver=/wp-content/plugins/wp-subscribe-form/assets/js/admin-script.js?ver=/wp-content/plugins/wp-subscribe-form/assets/js/front-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
sfba-list-tablesfba-BlankState-ctasfba-subscribe-form
HTML Comments
/* subscribeform1 *//* subscribeform2 *//* subscribeform5 *//* subscribeform8 */+2 more
Data Attributes
sfba-form1-display-namesfba-form2-display-namesfba-form5-display-namesfba-form8-display-namesfba-form11-display-name
JS Globals
sfba_subscribe_form_params
Shortcode Output
[subscribe-form[subscribe-form
FAQ

Frequently Asked Questions about Subscribe Forms – Beautiful Email Forms, Embedded Newsletter Forms & MailChimp Form