Does Multi Vendor Campaign have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Multi Vendor Campaign compatible with WordPress 6.0.11?

According to WordPress.org data, Multi Vendor Campaign 1.0.1 has been tested up to WordPress 6.0.11. Check the plugin's changelog for the latest compatibility information.

Is Multi Vendor Campaign compatible with PHP 5.6+?

Multi Vendor Campaign requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Multi Vendor Campaign updated?

Multi Vendor Campaign was last updated on Jul 8, 2022. Frequent updates are generally a positive security signal.

What is Multi Vendor Campaign's security score?

Multi Vendor Campaign has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Multi Vendor Campaign Security & Risk Analysis

wordpress.org/plugins/multi-vendor-campaign

Earn more money by creating campaigns to allow vendors display their products on specific areas of your store.

10 active installs v1.0.1 PHP 5.6+ WP 4.7+ Updated Jul 8, 2022

campaignecommercemultivendormultivendor-campaignmvc

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Multi Vendor Campaign Safe to Use in 2026?

Generally Safe

Score 85/100

Multi Vendor Campaign has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "multi-vendor-campaign" v1.0.1 plugin exhibits a mixed security posture. On one hand, it demonstrates good practices in SQL query handling (98% prepared statements) and output escaping (93% properly escaped), with no known historical vulnerabilities or bundled libraries. This suggests a developer who is generally aware of secure coding principles.

However, significant concerns arise from the static analysis. The plugin has a small but completely unprotected attack surface, with all 4 AJAX handlers lacking authentication checks. Furthermore, the taint analysis reveals 10 flows with unsanitized paths, all classified as high severity. This indicates a high likelihood of vulnerabilities such as cross-site scripting (XSS) or insecure direct object references (IDOR) if these unsanitized paths are reachable by unauthenticated users, which is strongly suggested by the unprotected AJAX handlers.

The complete absence of past vulnerabilities and unpatched CVEs is a positive sign, but it could also mean that the plugin has not been subjected to thorough security auditing or that the existing vulnerabilities have not yet been discovered or exploited. The current findings, particularly the high-severity taint flows combined with unprotected entry points, present a critical risk that requires immediate attention.

Key Concerns

AJAX handlers without auth checks
High severity unsanitized taint flows
No capability checks on entry points
Unescaped output present

Vulnerabilities

None known

Multi Vendor Campaign Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Multi Vendor Campaign Release Timeline

v1.0.1Current

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Multi Vendor Campaign Code Analysis

Dangerous Functions

Raw SQL Queries

53 prepared

Unescaped Output

113 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

98% prepared54 total queries

Output Escaping

93% escaped121 total outputs

Data Flows · Security

10 unsanitized

Data Flow Analysis

11 flows10 with unsanitized paths

update_campaign_product_status (includes/class-multi-vendor-campaign-campaigns.php:542)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Multi Vendor Campaign Attack Surface

Entry Points4

Unprotected4

AJAX Handlers 4

authwp_ajax_search_products_by_titleincludes/class-multi-vendor-campaign.php:242

authwp_ajax_subscribe_products_to_campaignincludes/class-multi-vendor-campaign.php:243

authwp_ajax_update_campaign_product_statusincludes/class-multi-vendor-campaign.php:244

authwp_ajax_unsubscribe_productincludes/class-multi-vendor-campaign.php:245

WordPress Hooks 39

actionplugins_loadedincludes/class-multi-vendor-campaign.php:154

actionadmin_enqueue_scriptsincludes/class-multi-vendor-campaign.php:170

actionadmin_enqueue_scriptsincludes/class-multi-vendor-campaign.php:171

actionadmin_menuincludes/class-multi-vendor-campaign.php:174

filterwcmp_vendor_dashboard_navincludes/class-multi-vendor-campaign.php:176

filterdokan_query_var_filterincludes/class-multi-vendor-campaign.php:180

filterdokan_get_dashboard_navincludes/class-multi-vendor-campaign.php:181

filterdokan_rewrite_rules_loadedincludes/class-multi-vendor-campaign.php:182

actiondokan_load_custom_templateincludes/class-multi-vendor-campaign.php:183

filtergettextincludes/class-multi-vendor-campaign.php:187

filteradmin_footer_textincludes/class-multi-vendor-campaign.php:191

filteradmin_footer_textincludes/class-multi-vendor-campaign.php:193

filtermanage_edit-shop_order_columnsincludes/class-multi-vendor-campaign.php:194

filtermanage_shop_order_posts_custom_columnincludes/class-multi-vendor-campaign.php:195

actionadd_meta_boxesincludes/class-multi-vendor-campaign.php:197

actionwoocommerce_payment_completeincludes/class-multi-vendor-campaign.php:204

filterwcv_commission_rate_percentincludes/class-multi-vendor-campaign.php:209

filterwcvendors_commission_argsincludes/class-multi-vendor-campaign.php:211

filterwcmp_get_commission_amountincludes/class-multi-vendor-campaign.php:214

filtervendor_commission_amountincludes/class-multi-vendor-campaign.php:215

filterdokan_get_earning_by_productincludes/class-multi-vendor-campaign.php:218

filteryith_wcmv_product_commissionincludes/class-multi-vendor-campaign.php:221

actionyith_wcmv_after_single_register_commissionincludes/class-multi-vendor-campaign.php:222

filterwoocommerce_product_get_sale_priceincludes/class-multi-vendor-campaign.php:228

filterwoocommerce_product_get_priceincludes/class-multi-vendor-campaign.php:229

filterwoocommerce_product_variation_get_priceincludes/class-multi-vendor-campaign.php:232

filterwoocommerce_product_variation_get_sale_priceincludes/class-multi-vendor-campaign.php:233

filterwoocommerce_get_sale_priceincludes/class-multi-vendor-campaign.php:238

filterwoocommerce_get_priceincludes/class-multi-vendor-campaign.php:239

actionwp_enqueue_scriptsincludes/class-multi-vendor-campaign.php:282

actionwp_enqueue_scriptsincludes/class-multi-vendor-campaign.php:283

actionwidgets_initincludes/class-multi-vendor-campaign.php:284

actionwoocommerce_product_queryincludes/class-multi-vendor-campaign.php:285

actionwoocommerce_before_shop_loop_item_titleincludes/class-multi-vendor-campaign.php:286

actionwoocommerce_before_single_product_summaryincludes/class-multi-vendor-campaign.php:287

filterthe_contentincludes/class-multi-vendor-campaign.php:289

filterposts_orderbyincludes/class-multi-vendor-campaign.php:290

filterpost_classincludes/class-multi-vendor-campaign.php:291

actionplugins_loadedmulti-vendor-campaign.php:66

Maintenance & Trust

Multi Vendor Campaign Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11

Last updatedJul 8, 2022

PHP min version5.6

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Multi Vendor Campaign Alternatives

ActiveCampaign for WooCommerce

activecampaign-for-woocommerce

100

Autonomous marketing to transform your store. Fuel your customer journeys with personalized experiences across email, SMS, and WhatsApp.

6K 1 CVE

Easy UTM Builder

easy-utm-builder

100

Easy to build trackable URLs with UTM parameters in Bulk (complete site or specific post type) for Google Analytics!

400 No CVEs

BayEngage: Email Marketing

bayengage-email-marketing

100

BayEngage Send email campaigns and newsletters. 250 free email templates.

40 No CVEs

GiantCampaign for WooCommerce

giantcampaign

Sync to your Audience in GiantCampaign.

0 No CVEs

JooCart – Powerful eCommerce with OpenCart and WordPress integration

joocart

100

JooCart brings OpenCart’s full-featured ecommerce system into your WordPress site for seamless selling.

0 No CVEs

Developer Profile

Multi Vendor Campaign Developer Profile

Rado Studio

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Multi Vendor Campaign

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/multi-vendor-campaign/assets/admin/css/admin.css/wp-content/plugins/multi-vendor-campaign/assets/shared/css/shared.css/wp-content/plugins/multi-vendor-campaign/assets/admin/js/admin.js/wp-content/plugins/multi-vendor-campaign/assets/shared/js/shared.js/wp-content/plugins/multi-vendor-campaign/assets/admin/images/icon.png

Script Paths

/wp-content/plugins/multi-vendor-campaign/assets/admin/js/admin.js/wp-content/plugins/multi-vendor-campaign/assets/shared/js/shared.js

Version Parameters

multi-vendor-campaign/assets/admin/css/admin.css?ver=multi-vendor-campaign/assets/shared/css/shared.css?ver=multi-vendor-campaign/assets/admin/js/admin.js?ver=multi-vendor-campaign/assets/shared/js/shared.js?ver=

HTML / DOM Fingerprints

CSS Classes

rad_mvc_campaigns

Data Attributes

data-plugin-name="multi-vendor-campaign"data-plugin-version="1.0.1"

JS Globals

rad_mvc_object

FAQ