WP-Safety

Mailing Manager – PN Security & Risk Analysis

wordpress.org/plugins/mailpn

Effortlessly manage your email campaigns. Schedule, send, and track emails directly from your dashboard to engage your audience like never before.

10 active installs v1.0.19 PHP 7.2+ WP 3.0+ Updated Feb 16, 2026
emailmail-addressmailingnotificationssender
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Mailing Manager – PN Safe to Use in 2026?

Generally Safe

Score 100/100

Mailing Manager – PN has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "mailpn" plugin v1.0.20 exhibits a concerning security posture due to a significant number of unprotected entry points. The static analysis reveals 3 total entry points, with all 3 lacking proper authentication or permission checks. This includes 2 AJAX handlers and 1 REST API route that are directly accessible to unauthenticated users, posing a significant risk of unauthorized actions. While the code demonstrates good practices in other areas, such as the absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and a high percentage of properly escaped output, these strengths are overshadowed by the critical flaw of unprotected endpoints. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign. However, the current static analysis findings suggest that even without past vulnerabilities, the inherent design of the accessible entry points creates a high potential for future exploits. The plugin needs immediate attention to implement robust authentication and authorization mechanisms for all identified entry points to mitigate the substantial risks.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
  • Unprotected entry points (all 3)
Vulnerabilities
None known

Mailing Manager – PN Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Mailing Manager – PN Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
84
822 escaped
Nonce Checks
22
Capability Checks
12
File Operations
4
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

91% escaped906 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
mailpn_welcome_management_page (includes\class-mailpn-settings.php:599)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Mailing Manager – PN Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 2

authwp_ajax_mailpn_update_cart_timestampincludes\class-mailpn-woocommerce.php:43
noprivwp_ajax_mailpn_update_cart_timestampincludes\class-mailpn-woocommerce.php:44

REST API Routes 1

GET/wp-json/mailpn/v1/track/(?P<user_id>\d+)/(?P<mail_id>\d+)includes\class-mailpn-mailing.php:561
WordPress Hooks 18
actionphpmailer_initincludes\class-mailpn-ajax.php:233
actionphpmailer_initincludes\class-mailpn-mailing.php:111
actionwp_enqueue_scriptsincludes\class-mailpn-selector.php:29
actionadmin_enqueue_scriptsincludes\class-mailpn-selector.php:30
actionwoocommerce_order_status_completedincludes\class-mailpn-woocommerce.php:33
actionwoocommerce_order_status_processingincludes\class-mailpn-woocommerce.php:34
actionwoocommerce_add_to_cartincludes\class-mailpn-woocommerce.php:37
actionwoocommerce_cart_item_removedincludes\class-mailpn-woocommerce.php:38
actionwoocommerce_cart_item_restoredincludes\class-mailpn-woocommerce.php:39
actionwoocommerce_cart_item_set_quantityincludes\class-mailpn-woocommerce.php:40
filterpll_get_post_typesincludes\class-mailpn.php:280
filterpll_get_taxonomiesincludes\class-mailpn.php:281
actioninitincludes\class-mailpn.php:377
filterquery_varsincludes\class-mailpn.php:385
actiontemplate_redirectincludes\class-mailpn.php:393
actionphpmailer_initincludes\class-mailpn.php:632
actionwp_mail_succeededincludes\class-mailpn.php:644
actioninitmailpn.php:269

Scheduled Events 3

mailpn_cron_daily
mailpn_cron_ten_minutes
mailpn_cron_weekly
Maintenance & Trust

Mailing Manager – PN Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedFeb 16, 2026
PHP min version7.2
Downloads757

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Mailing Manager – PN Alternatives

Admin Email As From Address

Admin Email As From Address

admin-email-as-from-address

A
85

Use the admin email address as the from email address

60 No CVEs
Lemme Know

Lemme Know

wp-lemme-know

A
100

Sends e-mail notification for all subscribers when a new post is published.

20 No CVEs
CN Blog Mailer

CN Blog Mailer

cn-blog-mailer

A
100

Simple automated newsletter plugin for WordPress. Automatically email your latest blog posts to subscribers with scheduled newsletters, subscription f &hellip;

0 No CVEs
Site Mailer – SMTP Replacement, Email API Deliverability & Email Log

Site Mailer – SMTP Replacement, Email API Deliverability & Email Log

site-mailer

A
98

Effortlessly manage transactional emails with Site Mailer. High deliverability, logs and statistics, and no SMTP plugins needed.

200K 1 CVE
Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress

Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress

email-subscribers

B
76

Add subscription forms on the website and send newsletters & automatically send post notification about new blog posts once it gets published.

60K 42 CVEs
Developer Profile

Mailing Manager – PN Developer Profile

Félix Martínez

8 plugins · 20 total installs

93
trust score
Avg Security Score
99/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Mailing Manager – PN

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/mailpn/assets/css/admin/mailpn-admin.css/wp-content/plugins/mailpn/assets/css/mailpn-popups.css/wp-content/plugins/mailpn/assets/css/mailpn-style.css/wp-content/plugins/mailpn/assets/css/mailpn-frontend.css/wp-content/plugins/mailpn/assets/js/mailpn-admin.js/wp-content/plugins/mailpn/assets/js/mailpn-frontend.js/wp-content/plugins/mailpn/assets/js/mailpn-scripts.js
Script Paths
/wp-content/plugins/mailpn/assets/js/mailpn-admin.js/wp-content/plugins/mailpn/assets/js/mailpn-frontend.js/wp-content/plugins/mailpn/assets/js/mailpn-scripts.js
Version Parameters
mailpn/assets/css/admin/mailpn-admin.css?ver=mailpn/assets/css/mailpn-popups.css?ver=mailpn/assets/css/mailpn-style.css?ver=mailpn/assets/css/mailpn-frontend.css?ver=mailpn/assets/js/mailpn-admin.js?ver=mailpn/assets/js/mailpn-frontend.js?ver=mailpn/assets/js/mailpn-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes
mailpn-dashboardmailpn-popupsmailpn-post-list-wrapmailpn-mail-composermailpn-rec-list-wrapmailpn-form-fieldmailpn-form-groupmailpn-settings-section+9 more
HTML Comments
<!-- mailpn_mail Custom Post Type --><!-- mailpn_rec Custom Post Type --><!-- Mailpn Admin notices --><!-- Mailpn Mail Composer Start -->+6 more
Data Attributes
data-mailpn-section-iddata-mailpn-post-iddata-mailpn-user-iddata-mailpn-copy-contentdata-mailpn-parentdata-mailpn-parent-option+3 more
JS Globals
mailpn_admin_paramsmailpn_frontend_paramsMAILPN_AJAX_URLMAILPN_PLUGIN_URLMAILPN_VERSION
REST Endpoints
/wp-json/mailpn/v1/send/wp-json/mailpn/v1/schedule/wp-json/mailpn/v1/recipients/wp-json/mailpn/v1/settings/wp-json/mailpn/v1/campaigns
Shortcode Output
[mailpn_form][mailpn_preview][mailpn_campaigns][mailpn_recipients]
FAQ

Frequently Asked Questions about Mailing Manager – PN