Axxies,
Below is a good article for you to read up on. It explains what Cloudflare, a very well know security company uses for their own email cloaking.
https://support.cloudflare.com/hc/en-us/articles/200170016-What-is-Email-Address-Obfuscation-
The Cloak Front End Email plugin follows the same methodology. The email addresses are not in the source code of the website. Therefore any programing language that is doing a request to the site will scrape the source code of a website and since the email is not embedded in the source your emails will not be leaked.
Source code will look like this:
<span class=”cfe-jsemail”><a href=”#”>loading…</a></span>
I actually have quite a bit experience with web scraping and this is why I developed this plugin. To help protect against email harvesting.
As a side note, the cloaking methodology of [at] or [dot] can easily be scrape as you just have to tweak your regular expression that looks for @ and . to match these alternatives. These methods are actually less secure in terms of they still leak your email just in a different format. And a well versed programmer that is scraping sites for emails will just include those variations.
Im not sure if WordPress allows changing a review star count but hopefully after this information you can make a better informed review on this plugin.
