Does Cart66 to Mailchimp have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Cart66 to Mailchimp compatible with WordPress 3.5.2?

According to WordPress.org data, Cart66 to Mailchimp 1.4 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is Cart66 to Mailchimp updated?

Cart66 to Mailchimp was last updated on Aug 10, 2013. Frequent updates are generally a positive security signal.

What is Cart66 to Mailchimp's security score?

Cart66 to Mailchimp has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cart66 to Mailchimp Security & Risk Analysis

wordpress.org/plugins/cart66-to-mailchimp

Send customer emails to a Mailchimp list at the completion of a Cart66 transaction. Customer will receive a confirmation email from Mailchimp.

10 active installs v1.4 PHP + WP 2.8.2+ Updated Aug 10, 2013

cart66emailintegrationmailchimpnewsletter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Cart66 to Mailchimp Safe to Use in 2026?

Generally Safe

Score 85/100

Cart66 to Mailchimp has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The cart66-to-mailchimp plugin v1.4 exhibits a generally strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant positive. Furthermore, the code demonstrates good practices with 100% of SQL queries using prepared statements and all detected outputs being properly escaped. The lack of any known vulnerabilities in its history also suggests a history of secure development. However, a critical concern arises from the presence of the `unserialize` function, which, without proper sanitization or input validation, can lead to severe security vulnerabilities such as Remote Code Execution (RCE) if untrusted data is processed. The absence of nonce checks and capability checks on any potential entry points (though none were identified in the static analysis) is also a weakness. While the current static analysis shows no direct exploitable paths, the `unserialize` function represents a latent risk that requires careful attention and input validation to mitigate.

Key Concerns

Use of unserialize() without validation
Lack of nonce checks
Lack of capability checks

Vulnerabilities

None known

Cart66 to Mailchimp Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Cart66 to Mailchimp Release Timeline

v1.3

v1.2

v1.1

Code Analysis

Analyzed Mar 17, 2026

Cart66 to Mailchimp Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$serial = unserialize($response);mcinc\MCAPI.class.php:2464

Output Escaping

100% escaped4 total outputs

Attack Surface

Cart66 to Mailchimp Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actioncart66_after_order_savedcart66_to_mailchimp.php:56

actionadmin_initcart66_to_mailchimp.php:64

actionadmin_menucart66_to_mailchimp.php:93

Maintenance & Trust

Cart66 to Mailchimp Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedAug 10, 2013

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Cart66 to Mailchimp Alternatives

MC4WP: Mailchimp for WordPress

mailchimp-for-wp

The #1 Mailchimp plugin for WordPress. Allows you to add a multitude of newsletter sign-up methods to your site.

1.0M 11 CVEs

Mailchimp List Subscribe Form

mailchimp

Add a Mailchimp signup form block, widget, or shortcode to your WordPress site.

60K 1 CVE

CleverReach® WP

cleverreach-wp

Connect your WordPress account with our easy-to-use email software and increase the success of your website or blog with newsletter marketing!

4K 2 CVEs

Block for Mailchimp – Add Email Subscription Forms and Collect Leads

block-for-mailchimp

Add a custom email newsletter or subscription form to your WordPress site and connect it with Mailchimp to quickly grow your audience.

2K 1 CVE

Newsletter Sign-Up for CleverReach

cleverreach

100

Easily integrate a CleverReach Sign-Up form in your website. Supports widget, shortcode, comment integration and template function

2K No CVEs

Developer Profile

Cart66 to Mailchimp Developer Profile

johndaskovsky

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Cart66 to Mailchimp

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

id="cart66-to-mailchimp-options-form"

FAQ