Does Campaign Monitor Dual Registration have any unpatched vulnerabilities?

No. All known vulnerabilities in Campaign Monitor Dual Registration have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Campaign Monitor Dual Registration compatible with WordPress 4.1.42?

According to WordPress.org data, Campaign Monitor Dual Registration 1.0.8 has been tested up to WordPress 4.1.42. Check the plugin's changelog for the latest compatibility information.

How often is Campaign Monitor Dual Registration updated?

Campaign Monitor Dual Registration was last updated on Jan 21, 2015. Frequent updates are generally a positive security signal.

What is Campaign Monitor Dual Registration's security score?

Campaign Monitor Dual Registration has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Campaign Monitor Dual Registration Security & Risk Analysis

wordpress.org/plugins/campaign-monitor-dual-registration

Automatically add new Wordpress users to your mailing list on Campaign Monitor.

10 active installs v1.0.8 PHP + WP 3.0.1+ Updated Jan 21, 2015

add-userscampaign-monitormailing-listuser-management

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Campaign Monitor Dual Registration Safe to Use in 2026?

Generally Safe

Score 85/100

Campaign Monitor Dual Registration has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

This plugin exhibits a concerning security posture primarily due to a lack of robust access control mechanisms. The static analysis reveals two AJAX handlers, both of which are unprotected, presenting a significant attack surface that could be exploited by unauthenticated users. Furthermore, the presence of the `unserialize` function is a red flag, as it can lead to Remote Code Execution (RCE) if used with untrusted user input, although the taint analysis found no such flows in this specific version. The extremely low percentage of properly escaped output (2%) indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, exposing users to malicious script injection.

Key Concerns

Unprotected AJAX handlers
Dangerous function used (unserialize)
Very low percentage of properly escaped output
No nonce checks
No capability checks

Vulnerabilities

None known

Campaign Monitor Dual Registration Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Campaign Monitor Dual Registration Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

132

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$cmdr_settings[ 'user_fields' ] = ( array ) unserialize( base64_decode( get_option( 'cmdr_user_fieldcampaign-monitor-dual-registration.php:172

SQL Query Safety

100% prepared1 total queries

Output Escaping

2% escaped135 total outputs

Attack Surface

2 unprotected

Campaign Monitor Dual Registration Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_cmdr-cm-synccampaign-monitor-dual-registration.php:24

noprivwp_ajax_cmdr-cm-synccampaign-monitor-dual-registration.php:25

WordPress Hooks 7

actionadmin_initcampaign-monitor-dual-registration.php:18

actionadmin_menucampaign-monitor-dual-registration.php:19

actioninitcampaign-monitor-dual-registration.php:20

actionprofile_updatecampaign-monitor-dual-registration.php:21

actionupdate_option_cmdr_settingscampaign-monitor-dual-registration.php:22

actionuser_registercampaign-monitor-dual-registration.php:23

filterupdate_user_metadatacampaign-monitor-dual-registration.php:27

Maintenance & Trust

Campaign Monitor Dual Registration Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42

Last updatedJan 21, 2015

PHP min version

Downloads3K

Community Trust

Rating94/100

Number of ratings3

Active installs10

Alternatives

Campaign Monitor Dual Registration Alternatives

Campaign Monitor Synchronization

campaign-monitor-synchronization

Use the user list in your Wordpress installation as your mailing list for Campaign Monitor.

10 No CVEs

WebCourier Plugin

webcourier

Plugin feito para envio de pesquisas de satisfação.

10 No CVEs

New User Approve

new-user-approve

WordPress user approval plugin to moderate registrations. Approve or deny real users and prevent fake signups to control who registers on site.

20K 9 CVEs

User Access Manager

user-access-manager

With the "User Access Manager"-plugin you can manage the access to your posts, pages and files.

10K 4 CVEs

Delete Me

delete-me

Allow users with specific WordPress roles to delete themselves from the Your Profile page or anywhere Shortcodes can be used.

8K 1 CVE

Developer Profile

Campaign Monitor Dual Registration Developer Profile

Carlo Roosen

5 plugins · 140 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Campaign Monitor Dual Registration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

name="cmdr_settings[user_fields][]"name="cmdr_settings[user_role]"name="cmdr_settings[api_key]"name="cmdr_settings[list_id]"name="cmdr_settings[cm_sync]"value="cmdr_settings[user_fields][]"+6 more

FAQ