WP-Safety

Miix Laposta Campaigns Lite Security & Risk Analysis

wordpress.org/plugins/miix-laposta-campaigns-lite

Display your Laposta email campaigns within WordPress with shortcode functionality.

0 active installs v1.2.0 PHP 7.4+ WP 5.8+ Updated Feb 21, 2026
campaignsemailemail-marketinglapostanewsletter
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Miix Laposta Campaigns Lite Safe to Use in 2026?

Generally Safe

Score 100/100

Miix Laposta Campaigns Lite has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The miix-laposta-campaigns-lite plugin v1.2.0 exhibits a mixed security posture. On the positive side, there are no recorded vulnerabilities (CVEs), no critical or high-severity taint flows, and no dangerous functions or file operations. The majority of SQL queries use prepared statements and a good percentage of output is properly escaped. However, a significant concern is the presence of 2 AJAX handlers that lack authentication checks. This creates direct entry points into the plugin's functionality that could be exploited by unauthenticated users, potentially leading to unauthorized actions or information disclosure. While taint analysis shows no unsanitized paths, the lack of authorization on AJAX endpoints is a notable weakness that requires attention.

Overall, the plugin demonstrates some good security practices, particularly in its handling of SQL and output. The absence of past vulnerabilities is also a positive indicator. However, the unprotected AJAX endpoints represent a clear and present risk. If these endpoints perform sensitive operations or expose sensitive data, they could be exploited. The plugin's total entry points are low, but the proportion of unprotected entry points is concerning. This warrants a security improvement focused on implementing proper authentication and authorization checks for all AJAX handlers.

Key Concerns

  • Unprotected AJAX handlers found
  • AJAX handlers without auth checks
  • SQL queries not using prepared statements
  • Output not properly escaped
Vulnerabilities
None known

Miix Laposta Campaigns Lite Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Miix Laposta Campaigns Lite Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
2 prepared
Unescaped Output
49
118 escaped
Nonce Checks
2
Capability Checks
12
File Operations
0
External Requests
6
Bundled Libraries
0

SQL Query Safety

67% prepared3 total queries

Output Escaping

71% escaped167 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<class-miix-laposta-campaigns-lite-settings> (includes\class-miix-laposta-campaigns-lite-settings.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Miix Laposta Campaigns Lite Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 2

authwp_ajax_miix_laposta_campaigns_lite_fetch_campaign_detailsmiix-laposta-campaigns-lite.php:57
authwp_ajax_miix_laposta_campaigns_lite_clear_campaign_cachemiix-laposta-campaigns-lite.php:58

Shortcodes 1

[miix_laposta_campaigns_lite] miix-laposta-campaigns-lite.php:169
WordPress Hooks 12
actionadmin_menuincludes\class-miix-laposta-campaigns-lite-settings.php:38
actionadmin_initincludes\class-miix-laposta-campaigns-lite-settings.php:39
actionadmin_enqueue_scriptsincludes\class-miix-laposta-campaigns-lite-settings.php:40
actionadmin_initincludes\class-miix-laposta-campaigns-lite-settings.php:44
actionadmin_noticesincludes\class-miix-laposta-campaigns-lite-settings.php:45
actioninitincludes\class-miix-laposta-campaigns-lite.php:77
actionmiix_laposta_campaigns_lite_process_campaign_queuemiix-laposta-campaigns-lite.php:62
actionadmin_noticesmiix-laposta-campaigns-lite.php:65
actionplugins_loadedmiix-laposta-campaigns-lite.php:138
actioninitmiix-laposta-campaigns-lite.php:171
actionwp_enqueue_scriptsmiix-laposta-campaigns-lite.php:497
filterplugin_row_metamiix-laposta-campaigns-lite.php:512
Maintenance & Trust

Miix Laposta Campaigns Lite Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 21, 2026
PHP min version7.4
Downloads203

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Miix Laposta Campaigns Lite Alternatives

Virfice – Self-hosted Email Marketing for WordPress, Newsletter, WooCommerce Emails, Automation, and More

Virfice – Self-hosted Email Marketing for WordPress, Newsletter, WooCommerce Emails, Automation, and More

emails-for-woocommerce

A
100

Design emails, send targeted campaigns, automate workflows, and manage WordPress system & WooCommerce emails — all directly from your dashboard.

60 No CVEs
Email Marketing for WordPress and WooCommerce – Retainful

Email Marketing for WordPress and WooCommerce – Retainful

retainful

A
100

Email marketing, newsletters for WordPress and WooCommerce. Send newsletters and campaigns, recover abandoned carts, signup forms, and more

60 No CVEs
Bens Email Marketing & Automation

Bens Email Marketing & Automation

bens-email-marketing-automation

A
100

Fast and simple Email Marketing, Newsletters, Automation & CRM for WordPress.

0 No CVEs
Hostinger Reach – AI-Powered Email Marketing for WordPress

Hostinger Reach – AI-Powered Email Marketing for WordPress

hostinger-reach

A
100

Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.

1.0M No CVEs
MailPoet – Newsletters, Email Marketing, and Automation

MailPoet – Newsletters, Email Marketing, and Automation

mailpoet

A
98

Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more

500K 3 CVEs
Developer Profile

Miix Laposta Campaigns Lite Developer Profile

Fred Klopper

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Miix Laposta Campaigns Lite

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/miix-laposta-campaigns-lite/css/campaigns-lite-admin.css/wp-content/plugins/miix-laposta-campaigns-lite/css/campaigns-lite-public.css/wp-content/plugins/miix-laposta-campaigns-lite/js/campaigns-lite-admin.js
Script Paths
/wp-content/plugins/miix-laposta-campaigns-lite/js/campaigns-lite-admin.js
Version Parameters
miix-laposta-campaigns-lite/css/campaigns-lite-admin.css?ver=miix-laposta-campaigns-lite/css/campaigns-lite-public.css?ver=miix-laposta-campaigns-lite/js/campaigns-lite-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
laposta-spinmiix-laposta-campaigns-lite-settings
HTML Comments
<!-- Only show on our plugin pages or dashboard --><!-- Used for page identification only, not processing form data --><!-- Used for tab identification only, not processing form data --><!-- Check if we have campaigns being processed -->+1 more
Data Attributes
data-current-pagedata-current-tab
JS Globals
miix_laposta_campaigns_lite_current_screenmiix_laposta_campaigns_lite_current_pagemiix_laposta_campaigns_lite_current_tabmiix_laposta_campaigns_lite_queuemiix_laposta_campaigns_lite_queue_count
Shortcode Output
[miix_laposta_campaigns_lite]
FAQ

Frequently Asked Questions about Miix Laposta Campaigns Lite