Why we removed the ability to unsubscribe through sign-up forms

Published on by

Version 4.12.0, released last week, removes the ability to process unsubscribe requests through Mailchimp for WordPress forms. This is a change we’ve been considering for a while, and I want to explain the reasoning.

A bit of history

In version 2.3 back in 2015, we added the ability to handle unsubscribes through the plugin’s sign-up forms. The idea was to give site owners full control over the unsubscribe experience — keeping visitors on your site rather than sending them to Mailchimp’s hosted page.

It worked, and some users relied on it. But it had a fundamental design problem that we never fully solved.

The problem: no email verification

When someone fills in an unsubscribe form, the plugin would take the submitted email address at face value and unsubscribe it from your Mailchimp audience. There was no step to verify that the person submitting the form actually owned that email address.

In practice, this meant that anyone could unsubscribe any email address from your list, just by submitting a form with that address. A competitor, a disgruntled person, or an automated script could systematically remove subscribers you’d worked hard to build. We received reports of exactly this happening.

Mailchimp’s own unsubscribe flow doesn’t have this problem because it sends a confirmation email — you can only unsubscribe an address if you can click a link delivered to that inbox.

What you should use instead

Mailchimp provides a hosted unsubscribe page for every audience. It handles email verification correctly and is the right tool for this job.

You can link to it from anywhere on your site. To find the URL, go to your Mailchimp account, open the audience, and look under Signup forms → Unsubscribe form.

If you need the unsubscribe link to appear in emails you’re sending, Mailchimp’s *|UNSUB|* merge tag generates the correct link automatically.

If you were using this feature

Existing forms with unsubscribe functionality set up will no longer process those requests after updating. Please update your forms to link to Mailchimp’s hosted unsubscribe page instead.

If you have questions or need help finding the right unsubscribe URL for your audience, get in touch.