Is "WP HTML Mail – Email Designer" safe?

WP HTML Mail – Email Designer: Plugin Details

---

Type:	Plugin
Author:	Hannes Etzelstorfer // codemiq
URL:	https://wordpress.org/plugins/wp-html-mail/
Latest Version:	3.4.9

 

WP HTML Mail – Email Designer: Security Information

---

Insecure versions:	Up To 3.1.2
Known since:	2022-06-07 12:08:37

Insecure versions:	Up To 3.0.9
Known since:	2022-01-19 16:49:47

Insecure versions:	Up To 3.0.6
Known since:	2021-07-08 10:08:26
Description:	The plugin did not have any CSRF protections in place when saving its options, which could allow attacker to trick a logged in administrator change them. Due to the lack of sanitisation in some of the options, Stored XSS could also be achieved

Insecure versions:	Up To 3.0.6
Known since:	2021-07-08 10:08:26
Description:	The plugin did not have any CSRF protections in place when saving its options, which could allow attacker to trick a logged in administrator change them. Due to the lack of sanitisation in some of the options, Stored XSS could also be achieved

 

WP HTML Mail – Email Designer: Safety Recommendations

---

We have rated WP HTML Mail – Email Designer as Good (current version safe) which means that we have found vulnerabilities in older versions.

We recommend that you only use the latest version of WP HTML Mail – Email Designer.

WP HTML Mail – Email Designer: Keeping Safe

---

If you're running a business, ecommerce, news, or other critical website, Jetpack also provides additional indispensable services:

• Automated Backups
  Full backup of your entire site with unlimited storage space.
• Restores & Migrations
  Restore or migrate your site from a backup with one click.
• Security Scanning
  Regular, automated scans of your site for malware, threats, and hacks.
• Expert Support
  Fast, priority support for any WordPress security issue.

Choose Your Plan