@MediaPost – Formulário de cadastro Security & Risk Analysis

wordpress.org/plugins/mediapost

O plugin @MediaPost - Formulário de cadastro permite aos usuários da ferramenta de e-mail marketing @MediaPost criarem formulários de cadastro integra …

20 active installs v1.0.3 PHP + WP 3.0+ Updated Jun 24, 2020
mediapostcadastroemailformulario
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is @MediaPost – Formulário de cadastro Safe to Use in 2026?

Generally Safe

Score 85/100

@MediaPost – Formulário de cadastro has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The "mediapost" plugin v1.0.3 exhibits a mixed security posture. While it demonstrates good practices by using prepared statements for all SQL queries and generally good output escaping (77%), it has significant concerns regarding its attack surface. Specifically, 3 out of 4 entry points, including all 3 AJAX handlers, lack proper authentication checks. This is a critical weakness that could allow unauthorized users to trigger plugin functionality. The taint analysis shows 2 flows with unsanitized paths, although without critical or high severity, this still warrants attention and suggests potential for manipulation. The plugin's clean vulnerability history with zero recorded CVEs is a positive sign, indicating a lack of previously exploited weaknesses. However, the presence of unprotected AJAX handlers presents a clear and present risk that needs immediate remediation.

Key Concerns

  • Unprotected AJAX handlers
  • Flows with unsanitized paths
  • Large attack surface without auth
Vulnerabilities
None known

@MediaPost – Formulário de cadastro Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

@MediaPost – Formulário de cadastro Release Timeline

No version history available.
Code Analysis
Analyzed Mar 16, 2026

@MediaPost – Formulário de cadastro Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
28
96 escaped
Nonce Checks
5
Capability Checks
0
File Operations
2
External Requests
1
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

77% escaped124 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
mpwpFormsUpdateSettingsCallback (includes\admin\admin.php:9)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

@MediaPost – Formulário de cadastro Attack Surface

Entry Points4
Unprotected3

AJAX Handlers 3

authwp_ajax_mpwp_forms_load_forms_modelsincludes\functions.php:11
authwp_ajax_mpwp_forms_add_new_listincludes\functions.php:29
authwp_ajax_mpwp_forms_update_listsincludes\functions.php:60

Shortcodes 1

[mpwp_form] includes\shortcode.php:4
WordPress Hooks 11
actionadmin_initincludes\admin\admin.php:8
actionadmin_initincludes\admin\form.php:18
actionadmin_initincludes\admin\forms.php:31
actionadmin_initincludes\admin\forms.php:66
actionadmin_menuincludes\admin\menus.php:4
actionadmin_footerincludes\admin\views\new-list.php:21
actionadmin_footerincludes\admin\views\settings.php:35
actionadmin_footerincludes\admin\views\update-lists.php:21
actionwidgets_initincludes\widget.php:93
actionadmin_enqueue_scriptsmediapost.php:59
actioninitmediapost.php:67
Maintenance & Trust

@MediaPost – Formulário de cadastro Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19
Last updatedJun 24, 2020
PHP min version
Downloads7K

Community Trust

Rating0/100
Number of ratings0
Active installs20
Developer Profile

@MediaPost – Formulário de cadastro Developer Profile

Ademir Diniz

4 plugins · 140 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect @MediaPost – Formulário de cadastro

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/mediapost/assets/css/default.css/wp-content/plugins/mediapost/assets/css/colorpicker_custom.css/wp-content/plugins/mediapost/assets/js/colorpicker.js/wp-content/plugins/mediapost/assets/js/default.js
Script Paths
/wp-content/plugins/mediapost/assets/js/colorpicker.js/wp-content/plugins/mediapost/assets/js/default.js
Version Parameters
mediapost/assets/css/default.css?ver=mediapost/assets/css/colorpicker_custom.css?ver=mediapost/assets/js/colorpicker.js?ver=mediapost/assets/js/default.js?ver=

HTML / DOM Fingerprints

Shortcode Output
[mpwp_form
FAQ

Frequently Asked Questions about @MediaPost – Formulário de cadastro