CAUTION: major bug may lead to illegal signups

Caution to users of this plugin: There is a MAJOR bug in this plugin that was reported on GitHub in December 2016 and has not yet been addressed. Judging by the last commit, this bug has been present in this plugin since at least December 29, 2015.

This bug is major in that it signs people up even if they haven’t opted in by ticking the checkbox before submitting a form. This behavior potentially causes all US residents who have this plugin installed and operating on their server to be in violation of the CAN-SPAM Act of 2003 which requires people actively subscribe before receiving solicitation. In extreme cases this may result in litigation, but even on the lesser end of the spectrum, your server will certainly get reported to a number of blacklists – potentially hurting your business down the road.

I will be happy to change my review once this bug has been addressed – otherwise it seems pretty solid. But this is a big one.