Advanced Contact Button Security & Risk Analysis
wordpress.org/plugins/advanced-contact-buttonAdd beautiful floating contact buttons (Call, Email, WhatsApp, WeChat) to your WordPress website with customizable settings.
Is Advanced Contact Button Safe to Use in 2026?
Generally Safe
Score 100/100Advanced Contact Button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The advanced-contact-button plugin version 1.0.2 demonstrates a strong security posture based on the provided static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points significantly limits the plugin's attack surface. Furthermore, the code adheres to excellent security practices by using prepared statements for all SQL queries, properly escaping all output, and avoiding file operations and external HTTP requests. The presence of a capability check further reinforces secure access to its functionalities.
While the static analysis reveals no critical or high-severity issues, the lack of nonce checks is a notable concern. Although the current attack surface is zero, if any new functionalities are introduced that involve AJAX or other user-interactive components in the future, the absence of nonce checks could expose the plugin to Cross-Site Request Forgery (CSRF) vulnerabilities. The vulnerability history is also clean, with no recorded CVEs, indicating a lack of known past security issues and a potentially stable codebase.
In conclusion, the plugin is currently very secure with no apparent exploitable vulnerabilities in its existing functionality. Its strengths lie in its minimal attack surface and adherence to secure coding practices for database and output handling. The primary weakness, however, is the absence of nonce checks, which represents a potential future risk should the plugin's features expand.
Key Concerns
- Missing nonce checks
Advanced Contact Button Security Vulnerabilities
Advanced Contact Button Code Analysis
Output Escaping
Advanced Contact Button Attack Surface
WordPress Hooks 5
Maintenance & Trust
Advanced Contact Button Maintenance & Trust
Maintenance Signals
Community Trust
Advanced Contact Button Alternatives
Floating Contact Buttons
degx-floating-buttons
Add customizable WhatsApp and Phone floating buttons to your WordPress website.
Simple Contact Bar
simple-contact-bar
Simple Contact Bar: A plugin that easily adds Call Now and WhatsApp Message buttons to your site, along with customizable options and a popup feature …
All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements
mystickyelements
Get leads with a floating contact form tab, chat & social buttons like Facebook Messenger, WhatsApp, Viber, Telegram, Twitter, Instagram & more 🎉
Sticky Chat Widget – Floating Chat Icons, Contact Form, Call, Click to Chat, Email & Message Buttons
sticky-chat-widget
Social chat buttons with WhatsApp, Messenger, WeChat, Telegram, Instagram, TikTok, Zalo & more — plus SMS, Call button, Contact form, and 20+ icons.
Click to Call or Chat Buttons
click-to-call-or-chat-buttons
This plugin adds Phone Call and WhatsApp button on your webpage.
Advanced Contact Button Developer Profile
37 plugins · 10K total installs
How We Detect Advanced Contact Button
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/advanced-contact-button/css/advcntbtn-style.css/wp-content/plugins/advanced-contact-button/js/advcntbtn-script.js/wp-content/plugins/advanced-contact-button/js/advcntbtn-script.jsadvanced-contact-button/css/advcntbtn-style.css?ver=advanced-contact-button/js/advcntbtn-script.js?ver=HTML / DOM Fingerprints
advcntbtn-containeradvcntbtn-buttonadvcntbtn-iconadvcntbtn-text<!-- Advanced Contact Button Start --><!-- Advanced Contact Button End -->data-advcntbtn-positiondata-advcntbtn-styleadvcntbtn_settings_object