
Display MailChimp Security & Risk Analysis
wordpress.org/plugins/display-mailchimp-shortcodeShortcode to display Mailchimp campaigns.
Is Display MailChimp Safe to Use in 2026?
Generally Safe
Score 85/100Display MailChimp has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'display-mailchimp-shortcode' plugin version 1.2.0 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and proper output escaping for all identified outputs are significant strengths. The plugin also avoids file operations and external HTTP requests, further reducing its attack surface. The lack of any known CVEs, past or present, indicates a history of responsible development or fortunate avoidance of discovered vulnerabilities.
However, there are areas that warrant caution. The plugin has one shortcode, which serves as an entry point into the application. While the static analysis reports zero unprotected entry points, the absence of explicit capability checks and nonce checks on this shortcode is a notable concern. If this shortcode handles user input or performs actions that should be restricted to authenticated users, the lack of these security measures could be exploited. The fact that there are no taint flows analyzed is neither inherently good nor bad, but it means this analysis method couldn't identify any input-related vulnerabilities, which may be due to the plugin's limited complexity or the scope of the analysis.
In conclusion, while the plugin has several positive security indicators and a clean vulnerability history, the absence of capability and nonce checks on its sole shortcode represents a potential weakness. This is a common area for vulnerabilities in WordPress plugins. The overall risk is currently low, but this specific area could be exploited if the shortcode performs sensitive operations.
Key Concerns
- Missing nonce checks on shortcode
- Missing capability checks on shortcode
Display MailChimp Security Vulnerabilities
Display MailChimp Release Timeline
Display MailChimp Code Analysis
Output Escaping
Display MailChimp Attack Surface
Shortcodes 1
WordPress Hooks 2
Maintenance & Trust
Display MailChimp Maintenance & Trust
Maintenance Signals
Community Trust
Display MailChimp Alternatives
Another Mailchimp Widget
another-mailchimp-widget
Simple Mailchimp subscription form to your lists and groups.
MailChimp Campaign Archive
mailchimp-campaign-archive
Adds a [mailchimp_campaigns] shortcode that lists your latest MailChimp email campaigns
Mailchimp Food-Cook Subscribe
mailchimp-subscribe-for-food-cook-theme
This makes easy, the setup of a website's newsletter subscription widget and modal popup. Best used in food and cook recipe theme or woothemes.
Fetch Mailchimp Fields
fetch-mailchimp-fields
This plugin looks up a Subscriber in MailChimp list and shows their merge fields.
Mailchimp subscribe for WP
zt-mailchimp-subscribe
MailChimp subscribe for WordPress by Artem Koliada. Adds ajax shortcode to your site.
Display MailChimp Developer Profile
7 plugins · 80 total installs
How We Detect Display MailChimp
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/display-mailchimp-shortcode/style.css?ver=/display-mailchimp-shortcode/script.js?ver=HTML / DOM Fingerprints
display-mailchimppage-numberspaging-navigation<ul class="display-mailchimp"><nav class="navigation paging-navigation" role="navigation"><div class="page-links"><a class="page-numbers"