WP-Safety

Campaigner Email Marketing Security & Risk Analysis

wordpress.org/plugins/campaigner-email-marketing

An easy-to-use email marketing plugin to recover abandoned carts, notify customers about back-in-stock items, and grow your contact list.

0 active installs v1.3.0 PHP 7.2+ WP 5.0+ Updated Feb 18, 2026
abandoned-cartecommerceemail-marketingmarketingwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Campaigner Email Marketing Safe to Use in 2026?

Generally Safe

Score 100/100

Campaigner Email Marketing has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "campaigner-email-marketing" plugin v1.3.0 exhibits a generally strong security posture based on the provided static analysis. The complete absence of known CVEs, critical or high-severity taint flows, raw SQL queries, and dangerous functions indicates a mature development process with a focus on security best practices. The high percentage of properly escaped output and the use of prepared statements for SQL queries are particularly commendable.

However, the plugin is not without its concerns. The presence of 12 AJAX handlers, with one lacking any authentication checks, represents a significant attack vector. While the total attack surface is relatively small, this single unprotected entry point could be exploited by unauthenticated users to potentially manipulate plugin functionality or gain unauthorized access. The limited number of capability checks also warrants attention, as it might indicate a less granular approach to authorization within the plugin's operations.

In conclusion, the plugin demonstrates excellent foundational security. The lack of historical vulnerabilities is a positive sign. The primary weakness lies in the unprotected AJAX handler, which introduces a specific, albeit isolated, risk. Addressing this single unprotected AJAX endpoint would significantly bolster the plugin's security.

Key Concerns

  • AJAX handler without authentication
Vulnerabilities
None known

Campaigner Email Marketing Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Campaigner Email Marketing Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
99 escaped
Nonce Checks
11
Capability Checks
1
File Operations
0
External Requests
8
Bundled Libraries
0

Output Escaping

98% escaped101 total outputs
Data Flows
All sanitized

Data Flow Analysis

6 flows
campemma_handle_feature_activation (includes\helper\feature-activation-helper.php:27)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Campaigner Email Marketing Attack Surface

Entry Points12
Unprotected1

AJAX Handlers 12

authwp_ajax_campemma_notify_meincludes\back-in-stock\ajax-handler.php:115
noprivwp_ajax_campemma_notify_meincludes\back-in-stock\ajax-handler.php:116
authwp_ajax_campemma_activate_featureincludes\helper\feature-activation-helper.php:459
authwp_ajax_campemma_fetch_configsincludes\helper\feature-activation-helper.php:460
authwp_ajax_campemma_deactivate_featureincludes\helper\feature-activation-helper.php:461
authwp_ajax_campemma_activate_featureincludes\settings\settings-init.php:146
authwp_ajax_campemma_handle_connectincludes\settings\settings-init.php:457
authwp_ajax_campemma_auth_formincludes\settings\settings-init.php:707
authwp_ajax_campemma_handle_account_selectionincludes\settings\settings-init.php:932
noprivwp_ajax_campemma_handle_account_selectionincludes\settings\settings-init.php:933
authwp_ajax_campemma_handle_account_selection_cancelincludes\settings\settings-init.php:935
authwp_ajax_campemma_create_storeincludes\settings\settings-init.php:936
WordPress Hooks 35
actionbefore_woocommerce_initcampaigner-email-marketing.php:37
actionplugins_loadedcampaigner-email-marketing.php:68
actionadmin_initcampaigner-email-marketing.php:110
actionadmin_initcampaigner-email-marketing.php:141
actionadmin_noticescampaigner-email-marketing.php:214
actionadmin_enqueue_scriptscampaigner-email-marketing.php:302
actionadmin_enqueue_scriptscampaigner-email-marketing.php:454
actionadmin_enqueue_scriptscampaigner-email-marketing.php:456
filterwoocommerce_rest_customer_querycampaigner-email-marketing.php:471
actionplugins_loadedcampaigner-email-marketing.php:514
actioninitcampaigner-email-marketing.php:555
actionwoocommerce_product_meta_endcampaigner-email-marketing.php:558
actionwp_enqueue_scriptscampaigner-email-marketing.php:559
actionadmin_noticescampaigner-email-marketing.php:563
actionwp_enqueue_scriptscampaigner-email-marketing.php:567
actionadmin_enqueue_scriptscampaigner-email-marketing.php:716
actionrest_api_initincludes\auth\callback.php:44
actioninitincludes\back-in-stock\gutenberg-support.php:119
filterblock_categories_allincludes\back-in-stock\gutenberg-support.php:145
filterblock_categoriesincludes\back-in-stock\gutenberg-support.php:148
actionadmin_menuincludes\back-in-stock\notify-me-settings.php:16
actionadmin_initincludes\back-in-stock\notify-me-settings.php:44
actionwoocommerce_variation_set_stock_statusincludes\back-in-stock\stock-monitor-handler.php:34
actionwoocommerce_product_set_stock_statusincludes\back-in-stock\stock-monitor-handler.php:35
actionwoocommerce_variation_set_stockincludes\back-in-stock\stock-monitor-handler.php:38
actionwoocommerce_product_set_stockincludes\back-in-stock\stock-monitor-handler.php:39
actionwoocommerce_product_meta_endincludes\back-in-stock\webhook-support.php:70
actionwoocommerce_product_meta_endincludes\back-in-stock\webhook-support.php:208
actionrest_api_initincludes\deactivation\api\webhook.php:31
actionadmin_menuincludes\settings\settings-init.php:31
actionadmin_initincludes\settings\settings-init.php:64
actionwoocommerce_variation_set_stock_statusincludes\stock\stock-monitor-handler.php:34
actionwoocommerce_product_set_stock_statusincludes\stock\stock-monitor-handler.php:35
actionwoocommerce_variation_set_stockincludes\stock\stock-monitor-handler.php:38
actionwoocommerce_product_set_stockincludes\stock\stock-monitor-handler.php:39
Maintenance & Trust

Campaigner Email Marketing Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 18, 2026
PHP min version7.2
Downloads123

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Campaigner Email Marketing Alternatives

Cart Rescue – Abandoned Cart Recovery for WooCommerce

Cart Rescue – Abandoned Cart Recovery for WooCommerce

cart-rescue-abandoned-cart-recovery

A
100

A complete abandoned cart recovery solution to grow your business. Features a premium UI, email templates, and detailed reports.

0 No CVEs
MailerLite – WooCommerce integration

MailerLite – WooCommerce integration

woo-mailerlite

A
93

Powerful e-commerce email marketing tools that are easy to use. Grow your store with automated emails, pop-ups, product blocks, sales tracking + more.

30K 4 CVEs
MWB HubSpot for WooCommerce – CRM, Abandoned Cart, Email Marketing, Marketing Automation & Analytics

MWB HubSpot for WooCommerce – CRM, Abandoned Cart, Email Marketing, Marketing Automation & Analytics

makewebbetter-hubspot-for-woocommerce

A
98

Integrate WooCommerce with HubSpot’s free CRM, abandoned cart tracking, email marketing, marketing automation, analytics & more.

7K 1 CVE
Zoho Campaigns

Zoho Campaigns

zoho-campaigns

A
95

Zoho Campaigns

4K 4 CVEs
Retainful – WooCommerce Abandoned Cart, Newsletters, Email Marketing, Signup Forms and Automation

Retainful – WooCommerce Abandoned Cart, Newsletters, Email Marketing, Signup Forms and Automation

retainful-next-order-coupon-for-woocommerce

A
100

WooCommerce abandoned cart recovery, Newsletters, Email campaigns, Subscription forms, Popups and Email Marketing Automation plugin

2K No CVEs
Developer Profile

Campaigner Email Marketing Developer Profile

campaignerwoocommerce

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Campaigner Email Marketing

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/campaigner-email-marketing/assets/css/campaigner-admin.css/wp-content/plugins/campaigner-email-marketing/assets/js/campaigner-admin.js/wp-content/plugins/campaigner-email-marketing/assets/css/campaigner-frontend.css/wp-content/plugins/campaigner-email-marketing/assets/js/campaigner-frontend.js
Script Paths
/wp-content/plugins/campaigner-email-marketing/assets/js/campaigner-admin.js/wp-content/plugins/campaigner-email-marketing/assets/js/campaigner-frontend.js
Version Parameters
campaigner-email-marketing/assets/css/campaigner-admin.css?ver=campaigner-email-marketing/assets/js/campaigner-admin.js?ver=campaigner-email-marketing/assets/css/campaigner-frontend.css?ver=campaigner-email-marketing/assets/js/campaigner-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
campaigner-settings-wrapcampemma-admin-noticecampemma-auth-pendingcampemma-auth-deniedcampemma-admin-section-titlecampemma-admin-section-contentcampemma-api-key-fieldcampemma-api-secret-field+4 more
HTML Comments
<!-- Campaigner Email Marketing settings --><!-- Campaigner authorization pending notice --><!-- Campaigner authorization denied notice --><!-- Campaigner API Settings Section -->+2 more
Data Attributes
data-campemma-api-key-inputdata-campemma-api-secret-inputdata-campemma-sync-buttondata-campemma-back-in-stock-formdata-campemma-back-in-stock-email-fielddata-campemma-back-in-stock-subscribe-button
JS Globals
window.campaignerAdminwindow.campaignerFrontend
REST Endpoints
/wp-json/campemma/v1/sync-contacts/wp-json/campemma/v1/subscribe-back-in-stock/wp-json/campemma/v1/webhook/deactivation/wp-json/campemma/v1/webhook/back-in-stock
FAQ

Frequently Asked Questions about Campaigner Email Marketing