Include Klaviyo for Elementor pro Security & Risk Analysis

wordpress.org/plugins/include-klaviyo-for-elementor-pro

Klaviyo's list API integration for Elementor pro form

2K active installs · v5.1.6 · PHP + · WP 5.4+ · Updated Mar 4, 2026
elementor-pro, klaviyo
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Include Klaviyo for Elementor pro Safe to Use in 2026?

Generally Safe

Score 100/100

Include Klaviyo for Elementor pro has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

This plugin exhibits several concerning security practices despite a clean vulnerability history. The static analysis reveals a significant attack surface: two AJAX handlers are present and, critically, both lack any authentication checks. This means that any unauthenticated user could potentially trigger these handlers, leading to unintended actions within the WordPress site.

While the plugin demonstrates good practices regarding SQL queries (all using prepared statements) and a relatively high percentage of output escaping, the absence of nonces and capability checks on these unprotected AJAX endpoints is a major weakness. The taint analysis, although showing no critical or high severity unsanitized paths, is limited by the lack of broader security checks. The complete absence of known CVEs is positive but should not overshadow the immediate risks identified in the code's entry points.

In conclusion, while the plugin doesn't have a history of publicly disclosed vulnerabilities, the current version presents a clear risk due to its exposed AJAX endpoints. The lack of authentication, nonces, and capability checks on these points is a critical oversight. Developers should prioritize implementing proper authorization and input validation for these AJAX handlers to mitigate potential security threats.

Key Concerns

  • Unprotected AJAX handlers without auth checks
  • Missing nonce checks on AJAX handlers
  • Missing capability checks on AJAX handlers
  • File operations detected
  • External HTTP requests detected
Vulnerabilities
None known

Include Klaviyo for Elementor pro Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Include Klaviyo for Elementor pro Release Timeline

v5.1.6 (Current)
v5.1.0
v5.0.1
v5.0
v4.1
v4.0
v3.3
v2.1
Code Analysis
Analyzed Mar 16, 2026

Include Klaviyo for Elementor pro Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 2 (5 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 2
External Requests: 4
Bundled Libraries: 0

Output Escaping

71% escaped · 7 total outputs
Data Flows · Security
3 unsanitized

Data Flow Analysis

3 flows · 3 with unsanitized paths
init (include-elementor-klaviyo.php:161)
[Data flow diagram. Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface
2 unprotected

Include Klaviyo for Elementor pro Attack Surface

Entry Points: 2
Unprotected: 2

AJAX Handlers 2

auth · wp_ajax_update_dismiss_status · include-elementor-klaviyo.php:165
nopriv · wp_ajax_update_dismiss_status · include-elementor-klaviyo.php:166
WordPress Hooks 10
action · init · include-elementor-klaviyo.php:126
action · plugins_loaded · include-elementor-klaviyo.php:127
action · admin_notices · include-elementor-klaviyo.php:163
action · admin_footer · include-elementor-klaviyo.php:174
action · admin_notices · include-elementor-klaviyo.php:202
action · admin_notices · include-elementor-klaviyo.php:208
action · admin_notices · include-elementor-klaviyo.php:214
action · admin_notices · include-elementor-klaviyo.php:219
action · elementor/widgets/widgets_registered · include-elementor-klaviyo.php:224
action · elementor/controls/controls_registered · include-elementor-klaviyo.php:225
Maintenance & Trust

Include Klaviyo for Elementor pro Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 4, 2026
PHP min version
Downloads: 31K

Community Trust

Rating: 84/100
Number of ratings: 10
Active installs: 2K
Developer Profile

Include Klaviyo for Elementor pro Developer Profile

thongnguyenminh

1 plugin · 2K total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Include Klaviyo for Elementor pro

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/include-klaviyo-for-elementor-pro/klaviyo-elementor-forms.php
/wp-content/plugins/include-klaviyo-for-elementor-pro/assets/js/klaviyo-elementor-forms.js
/wp-content/plugins/include-klaviyo-for-elementor-pro/assets/css/klaviyo-elementor-forms.css
Script Paths
/wp-content/plugins/include-klaviyo-for-elementor-pro/assets/js/klaviyo-elementor-forms.js
Version Parameters
include-klaviyo-for-elementor-pro/klaviyo-elementor-forms.php?ver=
include-klaviyo-for-elementor-pro/assets/js/klaviyo-elementor-forms.js?ver=
include-klaviyo-for-elementor-pro/assets/css/klaviyo-elementor-forms.css?ver=

HTML / DOM Fingerprints

CSS Classes
tho-admin-notices
Data Attributes
data-klaviyo-form-id
JS Globals
dismissNotice
REST Endpoints
/wp-json/kvelem/v1/notice