Does ActiveCampaign Postmark for WordPress have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is ActiveCampaign Postmark for WordPress compatible with WordPress 6.7.5?

According to WordPress.org data, ActiveCampaign Postmark for WordPress 1.19.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is ActiveCampaign Postmark for WordPress compatible with PHP 7.0+?

ActiveCampaign Postmark for WordPress requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ActiveCampaign Postmark for WordPress updated?

ActiveCampaign Postmark for WordPress was last updated on Nov 18, 2024. Frequent updates are generally a positive security signal.

What is ActiveCampaign Postmark for WordPress's security score?

ActiveCampaign Postmark for WordPress has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ActiveCampaign Postmark for WordPress Security & Risk Analysis

wordpress.org/plugins/postmark-approved-wordpress-plugin

The officially-supported ActiveCampaign Postmark plugin for Wordpress.

50K active installs v1.19.1 PHP 7.0+ WP 5.3+ Updated Nov 18, 2024

emailnotificationspostmarksmtpwp_mail

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ActiveCampaign Postmark for WordPress Safe to Use in 2026?

Generally Safe

Score 92/100

ActiveCampaign Postmark for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The Postmark Approved WordPress Plugin v1.19.1 exhibits a generally strong security posture, with no recorded vulnerabilities or critical findings in taint analysis. The codebase shows good practices such as a high percentage of prepared SQL statements and proper output escaping. However, a significant concern arises from the presence of an unprotected AJAX handler, which represents a direct attack vector if exploited. While the plugin has a clean vulnerability history, the lack of authentication on one of its entry points is a notable weakness. The limited attack surface, with only four entry points and one cron event, is a positive attribute. Despite the absence of critical flaws, the unprotected AJAX handler necessitates attention to mitigate potential security risks.

Key Concerns

Unprotected AJAX handler
Moderate percentage of unescaped output

Vulnerabilities

None known

ActiveCampaign Postmark for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

ActiveCampaign Postmark for WordPress Release Timeline

v1.20.0

v1.19.1Current

v1.19.0

v1.18.1

v1.18.0

v1.17.2

v1.17.1

v1.17.0

v1.16.1

v1.16.0

v1.15.7

v1.15.6

v1.15.5

v1.15.4

v1.15.3

v1.15.2

v1.15.1

v1.15.0

v1.14.0

v1.13.7

Code Analysis

Analyzed Mar 16, 2026

ActiveCampaign Postmark for WordPress Code Analysis

Dangerous Functions

Raw SQL Queries

9 prepared

Unescaped Output

13 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

82% prepared11 total queries

Output Escaping

68% escaped19 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

postmark_load_more_logs (postmark.php:156)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

ActiveCampaign Postmark for WordPress Attack Surface

Entry Points4

Unprotected1

AJAX Handlers 4

authwp_ajax_postmark_savepostmark.php:91

authwp_ajax_postmark_testpostmark.php:92

authwp_ajax_postmark_load_more_logspostmark.php:93

authwp_ajax_postmark_test_pluginpostmark.php:94

WordPress Hooks 5

filterdebug_informationincludes\class-postmark-debug.php:12

filterinitpostmark.php:79

actionadmin_menupostmark.php:90

actionpm_log_cron_jobpostmark.php:412

actionupgrader_process_completepostmark.php:520

Scheduled Events 1

pm_log_cron_job

Maintenance & Trust

ActiveCampaign Postmark for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedNov 18, 2024

PHP min version7.0

Downloads765K

Community Trust

Rating94/100

Number of ratings30

Active installs50K

Alternatives

ActiveCampaign Postmark for WordPress Alternatives

PostmarkApp Email Integrator

postmarkapp-email-integrator

Enables your WordPress site to send emails via PostMarkApp API.

60 1 unpatched

SMTP2GO for WordPress – Email Made Easy

smtp2go

Resolve email delivery issues, increase inbox placement, track sent email, get 24/7 support, and real-time reporting.

30K 2 CVEs

WPO365 | MICROSOFT 365 GRAPH MAILER

wpo365-msgraphmailer

Send WordPress emails from a M365 / Exchange Online Mailbox using Microsoft Graph, leveraging OAuth for authentication which is more secure than SMTP

10K 1 CVE

YaySMTP and Email Logs: Amazon SES, SendGrid, Outlook, Mailgun, Brevo, Google and Any SMTP Service

yaysmtp

Send WordPress emails successfully with WP Mail SMTP via your favorite mailer

10K 8 CVEs

Swift SMTP (formerly Welcome Email Editor)

welcome-email-editor

Swift SMTP is a free & simple SMTP Plugin for WordPress.

8K 2 CVEs

Developer Profile

ActiveCampaign Postmark for WordPress Developer Profile

alexknowshtml

1 plugin · 50K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ActiveCampaign Postmark for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/postmark-approved-wordpress-plugin/assets/css/main.css/wp-content/plugins/postmark-approved-wordpress-plugin/assets/js/dist/main.js/wp-content/plugins/postmark-approved-wordpress-plugin/assets/js/vendors/cropper.min.js/wp-content/plugins/postmark-approved-wordpress-plugin/assets/js/vendors/jquery.repeater.min.js/wp-content/plugins/postmark-approved-wordpress-plugin/assets/js/vendors/select2.min.js/wp-content/plugins/postmark-approved-wordpress-plugin/assets/css/vendors/select2.min.css/wp-content/plugins/postmark-approved-wordpress-plugin/assets/css/vendors/cropper.min.css

Script Paths

/wp-content/plugins/postmark-approved-wordpress-plugin/assets/js/dist/main.js

Version Parameters

postmark-approved-wordpress-plugin/assets/css/main.css?ver=postmark-approved-wordpress-plugin/assets/js/dist/main.js?ver=postmark-approved-wordpress-plugin/assets/js/vendors/cropper.min.js?ver=postmark-approved-wordpress-plugin/assets/js/vendors/jquery.repeater.min.js?ver=postmark-approved-wordpress-plugin/assets/js/vendors/select2.min.js?ver=postmark-approved-wordpress-plugin/assets/css/vendors/select2.min.css?ver=postmark-approved-wordpress-plugin/assets/css/vendors/cropper.min.css?ver=

HTML / DOM Fingerprints

CSS Classes

postmark-template-selectorpostmark-template-editpostmark-template-addpostmark-templates-tablepostmark-logs-tablepostmark-settings-formpostmark-test-email-formpostmark-menu-page+1 more

Data Attributes

data-postmark-template-iddata-postmark-template-namedata-postmark-template-content

JS Globals

postmark_ajax_objectpostmark_vars

REST Endpoints

/wp-json/postmark/v1/templates/wp-json/postmark/v1/templates/(?P<id>\d+)/wp-json/postmark/v1/logs

FAQ