Does Mailster Piwik have any unpatched vulnerabilities?

No. All known vulnerabilities in Mailster Piwik have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Mailster Piwik compatible with WordPress 6.5.8?

According to WordPress.org data, Mailster Piwik 1.0.0 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

How often is Mailster Piwik updated?

Mailster Piwik was last updated on May 27, 2024. Frequent updates are generally a positive security signal.

What is Mailster Piwik's security score?

Mailster Piwik has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Mailster Piwik Security & Risk Analysis

wordpress.org/plugins/mailster-piwik

Integrates Piwik Analytics with Mailster Newsletter Plugin to track your clicks

60 active installs v1.0.0 PHP + WP 6.0+ Updated May 27, 2024

analyticsmailsterpiwiktracking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Mailster Piwik Safe to Use in 2026?

Generally Safe

Score 92/100

Mailster Piwik has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The plugin "mailster-piwik" v1.0.0 exhibits a strong security posture based on the provided static analysis. There are no detected AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero attack surface. Furthermore, the code shows no usage of dangerous functions, file operations, or external HTTP requests, and all SQL queries are properly prepared. This indicates a good adherence to secure coding practices in these areas.

However, the analysis does highlight a couple of concerns. The taint analysis reveals two flows with unsanitized paths. While these did not reach a critical or high severity in this instance, unsanitized paths are a potential entry point for attackers to inject malicious data or manipulate application behavior. Additionally, with 22 total outputs and 32% not properly escaped (68% properly escaped), there's a risk of cross-site scripting (XSS) vulnerabilities, particularly if the unescaped output contains user-supplied data.

The vulnerability history is clean, with no known CVEs or past vulnerabilities. This is a positive indicator, suggesting the plugin has been developed with security in mind or has a minimal attack surface that has avoided past exploits. Overall, the plugin is well-developed from a security perspective, with its strengths lying in its minimal attack surface and secure handling of database operations. The primary areas for improvement are addressing the unsanitized paths identified in the taint analysis and ensuring all output is properly escaped to mitigate XSS risks.

Key Concerns

Flows with unsanitized paths
Unescaped output detected

Vulnerabilities

None known

Mailster Piwik Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Mailster Piwik Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

15 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

68% escaped22 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

metabox (mailster-piwik.php:197)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Mailster Piwik Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actioninitmailster-piwik.php:28

actionadmin_noticesmailster-piwik.php:42

actionadd_meta_boxesmailster-piwik.php:48

filtermailster_setting_sectionsmailster-piwik.php:49

actionmailster_section_tab_piwikmailster-piwik.php:50

actionsave_postmailster-piwik.php:51

actionmailster_wpfootermailster-piwik.php:55

filtermailster_redirect_tomailster-piwik.php:56

Maintenance & Trust

Mailster Piwik Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedMay 27, 2024

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs60

Alternatives

Mailster Piwik Alternatives

Mailster Google Analytics

mailster-google-analytics

Integrates Google Analytics with Mailster Newsletter Plugin to track your clicks with the popular Analytics service.

1K No CVEs

Mailster Live

mailster-live

See who opens your newsletter campaigns in real time.

600 No CVEs

GA Google Analytics – Connect Google Analytics to WordPress

ga-google-analytics

100

Adds Google Analytics tracking code to your WordPress site. Supports many tracking features.

400K No CVEs

Metricool

metricool

100

Metricool is the first tool designed to measure #Blog impact and #SocialMedia activity.

80K 1 CVE

SlimStat Analytics

wp-slimstat

The leading web analytics plugin for WordPress

80K 24 CVEs

Developer Profile

Mailster Piwik Developer Profile

EverPress

28 plugins · 121K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

255 days

View full developer profile

Detection Fingerprints

How We Detect Mailster Piwik

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

/wp-content/plugins/mailster-piwik/js/mailster-piwik.js

Version Parameters

mailster-piwik/js/mailster-piwik.js?ver=

HTML / DOM Fingerprints

CSS Classes

mailster_text

Data Attributes

name="mailster_piwik[pk_campaign]"name="mailster_piwik[pk_kwd]"name="mailster_options[piwik_siteid]"name="mailster_options[piwik_domain]"name="mailster_options[piwik_setdomains]"name="mailster_options[piwik][pk_campaign]"+1 more

JS Globals

jQuery

FAQ