The reason why professional developers send emails via the backend isn't that they can't do it on the frontend or they aren't aware of these kinds of hacks. The reason is that you are exposing your SMTP credentials or API keys in your frontend Javascript codes when you do this.
It doesn't take an inexperienced hacker anything to place breakpoints in your codes are obtain these credentials even if the codes are obsfucated.
This is highly unrecommended and should never be done even in a non-critical application like a blog or portfolio page.