Does BROSH CRM have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is BROSH CRM compatible with WordPress 6.4.8?

According to WordPress.org data, BROSH CRM 1.0 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is BROSH CRM compatible with PHP 5.6+?

BROSH CRM requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is BROSH CRM updated?

BROSH CRM was last updated on Jun 13, 2024. Frequent updates are generally a positive security signal.

What is BROSH CRM's security score?

BROSH CRM has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BROSH CRM Security & Risk Analysis

wordpress.org/plugins/brosh-crm

BROSH - THE ALL-IN-ONE BUSINESS SUITE, THE ULTIMATE SOLUTION FOR SME!

0 active installs v1.0 PHP 5.6+ WP 4.5+ Updated Jun 13, 2024

bulk-emailscrmlead-trackingmarketing-automationsales-pipeline

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is BROSH CRM Safe to Use in 2026?

Generally Safe

Score 92/100

BROSH CRM has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The static analysis of the "brosh-crm" v1.0 plugin reveals an exceptionally secure codebase from a technical standpoint. There are no identified entry points (AJAX handlers, REST API routes, shortcodes, cron events) that are exposed or unprotected. The code demonstrates excellent security practices by utilizing prepared statements for all SQL queries and properly escaping all output. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests contributes to a low-risk profile. The plugin also has no known vulnerabilities or a history of past security issues, suggesting a well-maintained and secure development process.

While the current technical assessment is highly positive, the complete lack of any entry points is unusual for a functional plugin. This could indicate either a very specialized plugin with no user interaction, or potentially that the analysis missed certain integration points. The absence of nonce and capability checks, while not a direct issue given the zero attack surface, would be a critical concern if any entry points were present. Overall, the plugin exhibits strong code hygiene, but the minimal attack surface warrants a note of caution in the absence of deeper understanding of its intended functionality and integration.

Key Concerns

No nonce checks identified
No capability checks identified

Vulnerabilities

None known

BROSH CRM Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

BROSH CRM Release Timeline

v2.0

Code Analysis

Analyzed Mar 17, 2026

BROSH CRM Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

19 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared3 total queries

Output Escaping

100% escaped19 total outputs

Attack Surface

BROSH CRM Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionadmin_initbroshcrm.php:49

actionadmin_enqueue_scriptsmain.php:19

actionadmin_menumain.php:20

Maintenance & Trust

BROSH CRM Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedJun 13, 2024

PHP min version5.6

Downloads719

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

BROSH CRM Alternatives

Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation

zero-bs-crm

The CRM for small businesses. Manage leads, invoicing, billing, email marketing, clients, contacts, quotes, automation. Works with WooCommerce too.

30K 8 CVEs

WP Fusion Lite – Marketing Automation and CRM Integration for WordPress

wp-fusion-lite

WP Fusion Lite synchronizes your WordPress users with contact records in your CRM or marketing automation system.

5K 4 CVEs

Groundhogg — CRM, Newsletters, and Marketing Automation

groundhogg

Groundhogg is the best WordPress CRM & Marketing Automation plugin. Create flows, email campaigns, and have a CRM all within your WordPress site.

2K 25 CVEs

SALESmanago & Leadoo

salesmanago

AI-powered Customer Engagement Platform for impact-hungry eCommerce marketing teams

1K 4 CVEs

Integration with HubSpot for WooCommerce

hubwoo-integration

A very powerful plugin to integrate your WooCommerce store with HubSpot seemlesly.

100 No CVEs

Developer Profile

BROSH CRM Developer Profile

Ben Ford

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect BROSH CRM

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/brosh-crm/main.css/wp-content/plugins/brosh-crm/main.js

HTML / DOM Fingerprints

JS Globals

broshcrm_isDev

FAQ