Does PersonalizeWP have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is PersonalizeWP compatible with WordPress 6.9.4?

According to WordPress.org data, PersonalizeWP 3.5.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is PersonalizeWP compatible with PHP 7.4+?

PersonalizeWP requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is PersonalizeWP updated?

PersonalizeWP was last updated on Apr 15, 2026. Frequent updates are generally a positive security signal.

What is PersonalizeWP's security score?

PersonalizeWP has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PersonalizeWP Security & Risk Analysis

wordpress.org/plugins/personalizewp

Add powerful personalization features to your WordPress site. Show different content to visitors based on their behavior, profile, location, and more.

10 active installs v3.5.2 PHP 7.4+ WP 6.4.0+ Updated Apr 15, 2026

conversiondisplay-conditionsdynamic-contentpersonalizesegment

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is PersonalizeWP Safe to Use in 2026?

Generally Safe

Score 100/100

PersonalizeWP has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "personalizewp" v3.4.2 plugin exhibits a generally good security posture, with a high percentage of properly escaped outputs and the absence of dangerous functions or critical taint analysis findings. The extensive use of prepared statements for SQL queries and a substantial number of nonce and capability checks further indicate a commitment to secure coding practices. However, the presence of three AJAX handlers without authentication checks represents a significant security concern, potentially exposing sensitive functionality to unauthorized users. While the plugin has no recorded vulnerability history, this does not guarantee future safety, and the identified attack surface without proper authorization warrants careful consideration. The plugin's strengths lie in its robust output escaping and SQL handling, but the unprotected AJAX endpoints introduce a notable risk that should be addressed.

Key Concerns

Unprotected AJAX handlers

Vulnerabilities

None known

PersonalizeWP Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

PersonalizeWP Release Timeline

v3.5.2Current

v3.5.1

v3.5.0

v3.4.2

v3.4.1

v3.4.0

v3.3.0

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.0

v3.0.2

v3.0.1

v3.0.0

v2.9.0

v2.8.0

v2.7.0

v2.6.0

v2.5.0

Code Analysis

Analyzed Mar 16, 2026

PersonalizeWP Code Analysis

Dangerous Functions

Raw SQL Queries

135 prepared

Unescaped Output

887 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

77% prepared176 total queries

Output Escaping

98% escaped901 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

21 flows

add_form_actions (admin\class-listtableactivity.php:711)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

PersonalizeWP Attack Surface

Entry Points6

Unprotected3

AJAX Handlers 6

authwp_ajax_pwp_dismiss_onboarding_messageadmin\class-admin.php:158

authwp_ajax_pwp_newsletter_signupadmin\class-admin.php:161

authwp_ajax_pwp_add_url_api_authenticationadmin\class-admin.php:162

authwp_ajax_pwp_revoke_url_api_authenticationadmin\class-admin.php:163

authwp_ajax_pwp_onboarding_wizardadmin\class-onboarding-wizard.php:41

authwp_ajax_pwp_onboarding_closeadmin\class-onboarding-wizard.php:42

WordPress Hooks 148

actionwp_insert_post_dataadmin\class-admin-blocks.php:68

actionsave_postadmin\class-admin-blocks.php:71

actiondelete_postadmin\class-admin-blocks.php:73

actionadmin_enqueue_scriptsadmin\class-admin.php:112

actionenqueue_block_assetsadmin\class-admin.php:115

actionenqueue_block_editor_assetsadmin\class-admin.php:118

actionadmin_menuadmin\class-admin.php:120

actionadmin_print_scriptsadmin\class-admin.php:125

filterremovable_query_argsadmin\class-admin.php:128

actionadmin_print_footer_scriptsadmin\class-admin.php:146

actionadmin_noticesadmin\class-admin.php:176

filterafter_plugin_row_metaadmin\class-admin.php:179

filteradmin_body_classadmin\class-admin.php:269

actioninitadmin\class-data-export.php:68

actionpersonalizewp_activity_filter_fieldsadmin\class-listtableactivity.php:58

actionadmin_initadmin\class-onboarding-wizard.php:38

actionadmin_action_pwp_onboarding_completeadmin\class-onboarding-wizard.php:39

actionpersonalizewp_footeradmin\class-onboarding-wizard.php:44

actionadmin_initadmin\class-pageactivities.php:69

filterset-screen-optionadmin\class-pageactivities.php:70

actionadmin_initadmin\class-pagecategories.php:98

filterset-screen-optionadmin\class-pagecategories.php:99

filterparent_fileadmin\class-pagecategories.php:100

actionadmin_initadmin\class-pagecontacts.php:85

filterset-screen-optionadmin\class-pagecontacts.php:86

filterparent_fileadmin\class-pagecontacts.php:87

filterpersonalizewp_activity_delete_redirectadmin\class-pagecontacts.php:89

filterpersonalizewp_activity_row_actionsadmin\class-pagecontacts.php:90

filterpersonalizewp_activity_sortable_columnsadmin\class-pagecontacts.php:91

filterpersonalizewp_activity_table_columnsadmin\class-pagecontacts.php:92

filterpersonalizewp_activity_request_clausesadmin\class-pagecontacts.php:308

filterpersonalizewp_activity_filter_fieldsadmin\class-pagecontacts.php:309

filterpersonalizewp_activity_filter_fieldsadmin\class-pagecontacts.php:339

actionadmin_initadmin\class-pagedataexport.php:79

filterparent_fileadmin\class-pagedataexport.php:80

filterset-screen-optionadmin\class-pagedataexport.php:81

actionadmin_initadmin\class-pagerules.php:89

filterset-screen-optionadmin\class-pagerules.php:90

actionadmin_initadmin\class-pagescoringrules.php:112

filterset-screen-optionadmin\class-pagescoringrules.php:113

actionadmin_initadmin\class-pagesegments.php:105

filterset-screen-optionadmin\class-pagesegments.php:106

filterpersonalizewp_contacts_row_actionsadmin\class-pagesegments.php:322

filterpersonalizewp_contacts_clauses_requestadmin\class-pagesegments.php:323

actionpersonalizewp_contacts_search_fieldsadmin\class-pagesegments.php:324

actionpersonalizewp_rule_condition_custom_fieldsadmin\class-ruleformextension.php:51

actionpersonalizewp_rule_condition_template_custom_fieldsadmin\class-ruleformextension.php:52

actionadmin_enqueue_scriptsadmin\class-ruleformextension.php:53

actionactivated_pluginincludes\class-activator.php:29

actionrest_api_initincludes\class-api.php:80

actionrest_api_initincludes\class-api.php:81

actionwp_loadedincludes\class-api.php:82

filterrest_pre_dispatchincludes\class-api.php:85

filterrest_allowed_cors_headersincludes\class-api.php:86

filterrest_exposed_cors_headersincludes\class-api.php:87

actionwpincludes\class-block-renderer.php:57

filterpre_render_blockincludes\class-block-renderer.php:61

filterrender_blockincludes\class-block-renderer.php:62

filterrender_block_personalizewp-pro/variations-blockincludes\class-block-renderer.php:65

filterrender_block_personalizewp-pro/variationincludes\class-block-renderer.php:67

filterrender_block_personalizewp-pro/variation-fallbackincludes\class-block-renderer.php:68

filterpersonalizewp_block_render_placeholderincludes\class-block-renderer.php:73

filterpersonalizewp_block_render_legacy_placeholderincludes\class-block-renderer.php:74

filterpersonalizewp_check_render_block_logicincludes\class-block-renderer.php:82

actionpersonalizewp_batch_user_memberships_team_backfillincludes\class-db-manager.php:69

filterpersonalizewp_pro_disable_loadingincludes\class-personalizewp.php:219

filterregister_block_type_argsincludes\class-personalizewp.php:222

actioninitincludes\class-personalizewp.php:224

actionwpincludes\class-personalizewp.php:285

actionpersonalizewp_daily_purge_expired_activity_logsincludes\class-personalizewp.php:287

actionpersonalizewp_daily_purge_expired_anonymous_profilesincludes\class-personalizewp.php:288

actionpersonalizewp_daily_purge_expired_known_profilesincludes\class-personalizewp.php:289

actionpersonalizewp_daily_cleanup_export_filesincludes\class-personalizewp.php:290

filterblock_categories_allincludes\class-personalizewp.php:469

actionwp_enqueue_scriptsincludes\class-publicfacing.php:54

actionwp_enqueue_scriptsincludes\class-publicfacing.php:55

actionadmin_initincludes\class-settings.php:60

actionpersonalizewp_profile_extended_fieldsincludes\class-settings.php:61

actionpersonalizewp_after_settingsincludes\class-settings.php:710

actionpersonalizewp_after_settingsincludes\class-settings.php:816

filtergform_pre_renderincludes\integrations\gravityforms\class-gravityforms.php:87

filtergform_entry_post_saveincludes\integrations\gravityforms\class-gravityforms.php:89

actionwp_footerincludes\integrations\gravityforms\class-gravityforms.php:306

actiongform_loadedincludes\integrations\gravityforms.php:34

actionpersonalizewp_register_integrationsincludes\integrations\gravityforms.php:47

actioninitincludes\integrations\ninjaforms\class-ninjaforms.php:77

filterninja_forms_loadedincludes\integrations\ninjaforms\class-ninjaforms.php:78

actionninja_forms_before_form_displayincludes\integrations\ninjaforms\class-ninjaforms.php:104

actionninja_forms_after_submissionincludes\integrations\ninjaforms\class-ninjaforms.php:107

actionwp_footerincludes\integrations\ninjaforms\class-ninjaforms.php:308

actionninja_forms_register_actionsincludes\integrations\ninjaforms.php:33

actionpersonalizewp_register_integrationsincludes\integrations\ninjaforms.php:41

filterpersonalizewp_activity_table_columnsincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:53

filterpersonalizewp_activity_table_custom_columnincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:54

actionpersonalizewp_activity_filter_fieldsincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:57

filterpersonalizewp_activity_request_clausesincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:58

actionpersonalizewp_activity_filter_fieldsincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:61

filterpersonalizewp_activity_request_clausesincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:62

filterpersonalizewp_contacts_table_columnsincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:65

filterpersonalizewp_contacts_table_custom_columnincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:66

actionpersonalizewp_contacts_filter_fieldsincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:69

filterpersonalizewp_contacts_clauses_requestincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:70

filterpersonalizewp_contact_profile_fieldsincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:73

filterpersonalizewp_export_data_typesincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:76

filterpersonalizewp_export_default_export_typeincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:77

actionpersonalizewp_export_after_select_data_typesincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:78

filterpersonalizewp_export_paramsincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:81

filterpersonalizewp_export_request_clausesincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:82

filterpersonalizewp_export_csv_headersincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:83

filterpersonalizewp_export_csv_rowincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:84

actionpersonalizewp_added_contact_metaincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:87

actionpersonalizewp_updated_contact_metaincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:88

actionpersonalizewp_deleted_contact_metaincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:89

actionwc_memberships_for_teams_add_team_memberincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:92

actionwc_memberships_for_teams_after_remove_team_memberincludes\integrations\woocommerce\class-woocommerce-memberships-teams.php:93

actionpersonalizewp_loadedincludes\integrations\woocommerce.php:31

actionpersonalizewp_register_integrationsincludes\integrations\woocommerce.php:54

actioninitincludes\integrations\wsform\class-wsform.php:55

filterwsf_config_meta_keysincludes\integrations\wsform\class-wsform.php:58

filterwsf_submit_hidden_fieldsincludes\integrations\wsform\class-wsform.php:61

actionwsf_plugins_loadedincludes\integrations\wsform.php:33

filterwsf_enqueue_scriptsincludes\integrations\wsform.php:43

actionwp_footerincludes\integrations\wsform.php:47

actionpersonalizewp_register_integrationsincludes\integrations\wsform.php:51

filterpre_render_blockincludes\rest\class-blocks-controller.php:495

filterpre_render_blockincludes\rest\class-blocks-controller.php:707

filterpersonalizewp_activity_record_dataincludes\scoring-rules\class-base.php:95

actionpersonalizewp_contact_update_scoreincludes\segments\class-lead-score.php:43

actionpersonalizewp_activity_recordincludes\segments\class-location.php:45

actionpersonalizewp_activity_recordincludes\segments\class-query.php:38

actionpersonalizewp_activity_recordincludes\segments\class-referer.php:38

actionwp_footerincludes\tracking\class-base.php:69

actionwp_insert_commentincludes\tracking\class-comments.php:32

actioncomment_formincludes\tracking\class-comments.php:33

filterpersonalizewp_pre_record_activityincludes\tracking\class-exclusions.php:26

actionlogin_formincludes\tracking\class-user.php:32

actionwoocommerce_login_form_endincludes\tracking\class-user.php:33

actionwp_loginincludes\tracking\class-user.php:34

actionlogin_footerincludes\tracking\class-user.php:36

actionshow_user_profileincludes\tracking\class-user.php:40

actionshow_user_profileincludes\tracking\class-user.php:42

actionprofile_updateincludes\tracking\class-user.php:43

actionwp_footerincludes\tracking\class-woocommerce.php:38

actionwp_footerincludes\tracking\class-woocommerce.php:39

actionpersonalizewp_pre_record_activityincludes\tracking\class-woocommerce.php:42

actionwoocommerce_store_api_checkout_update_order_metaincludes\tracking\class-woocommerce.php:45

actionwoocommerce_checkout_order_createdincludes\tracking\class-woocommerce.php:48

actionwoocommerce_order_status_completedincludes\tracking\class-woocommerce.php:51

Scheduled Events 5

personalizewp_weekly_scheduled_events

personalizewp_daily_purge_expired_anonymous_profiles

personalizewp_daily_purge_expired_known_profiles

personalizewp_daily_purge_expired_activity_logs

personalizewp_daily_cleanup_export_files

Maintenance & Trust

PersonalizeWP Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 15, 2026

PHP min version7.4

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

PersonalizeWP Alternatives

Clerk

clerkio

Clerk.io is a software that helps your customers buy more from your webshop, through 4 amazing feature:

300 1 CVE

Convesio Convert – WooCommerce Email Marketing Automation with Website Personalization, Popups and Forms

marketing-automation-and-personalization

100

Sell more with less effort using personalized marketing automation, email, popups, forms, dynamic webpages, and advanced customer segmentation.

100 No CVEs

NEEED – Dynamic Websites

neeed-dynamic-websites

NEEED helps you to individually communicate with your visitors. Show dynamic content based on the situation, history and behavior of each visitor.

20 No CVEs

DXP ToolKit

dxp-toolkit

100

Boost conversions by engaging your audience with DXP ToolKit's no-code personalization for digital experiences!

10 No CVEs

TargetAudience

targetaudience

TargetAudience helps you to address your website audience more precisely.

0 No CVEs

Developer Profile

PersonalizeWP Developer Profile

Filter

2 plugins · 20 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect PersonalizeWP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/personalizewp/dist/css/personalizewp-admin.css/wp-content/plugins/personalizewp/dist/js/personalizewp-admin.js/wp-content/plugins/personalizewp/dist/css/personalizewp-editor.css/wp-content/plugins/personalizewp/dist/js/personalizewp-editor.js/wp-content/plugins/personalizewp/dist/js/personalizewp-frontend.js/wp-content/plugins/personalizewp/dist/css/personalizewp-frontend.css/wp-content/plugins/personalizewp/dist/js/vendors.js/wp-content/plugins/personalizewp/dist/css/vendors.css

Script Paths

/wp-content/plugins/personalizewp/dist/js/personalizewp-admin.js/wp-content/plugins/personalizewp/dist/js/personalizewp-editor.js/wp-content/plugins/personalizewp/dist/js/personalizewp-frontend.js/wp-content/plugins/personalizewp/dist/js/vendors.js

Version Parameters

personalizewp/dist/css/personalizewp-admin.css?ver=personalizewp/dist/js/personalizewp-admin.js?ver=personalizewp/dist/css/personalizewp-editor.css?ver=personalizewp/dist/js/personalizewp-editor.js?ver=personalizewp/dist/js/personalizewp-frontend.js?ver=personalizewp/dist/css/personalizewp-frontend.css?ver=personalizewp/dist/js/vendors.js?ver=personalizewp/dist/css/vendors.css?ver=

HTML / DOM Fingerprints

CSS Classes

personalizewp-admin-pagepersonalizewp-editor-stylespersonalizewp-frontend-styles

HTML Comments

Data Attributes

data-personalizewp-noncedata-personalizewp-ajax-url

JS Globals

personalizewp_admin_paramspersonalizewp_editor_paramspersonalizewp_frontend_paramsPersonalizeWP

REST Endpoints

/wp-json/personalizewp/v1/settings/wp-json/personalizewp/v1/rules/wp-json/personalizewp/v1/segments

Shortcode Output

[personalizewp_content][personalizewp_segment]

FAQ