WP-Safety

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode Security & Risk Analysis

wordpress.org/plugins/chat-viber

Unlimited customer support tool that allows visitors to engage using Viber.

300 active installs v1.7.10 PHP + WP 5.0+ Updated Mar 12, 2026
chatcustomermessagingsupportviber
99
A · Safe
CVEs total1
Unpatched0
Last CVEJan 6, 2025
Plugin page Download
Safety Verdict

Is Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode Safe to Use in 2026?

Generally Safe

Score 99/100

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Jan 6, 2025Updated 2mo ago
Risk Assessment

The 'chat-viber' plugin version 1.7.10 demonstrates a generally good security posture with robust implementation of access controls and output sanitization. The static analysis reveals a significant number of capability checks and nonce checks, indicating a proactive approach to securing entry points. The high percentage of properly escaped outputs further mitigates the risk of Cross-Site Scripting (XSS) vulnerabilities. Taint analysis shows no identified flows with unsanitized paths, which is a very positive sign regarding the handling of potentially malicious input.

However, the presence of the `unserialize` function is a notable concern. While not directly flagged as vulnerable in the static or taint analysis, `unserialize` is inherently risky when processing untrusted data, as it can lead to object injection vulnerabilities if not handled with extreme care. The plugin's history includes one medium-severity CVE related to XSS, which, although currently patched, highlights a past weakness in input sanitization or output encoding. The fact that the last vulnerability was in early 2025 suggests it's a relatively recent issue and might indicate a pattern of previously overlooked vulnerabilities.

Overall, the plugin has a strong foundation in security best practices. The primary area of caution lies in the `unserialize` function, which should be carefully reviewed for potential misuse. The historical CVE, while patched, serves as a reminder to maintain vigilance, especially concerning input handling and output escaping.

Key Concerns

  • Presence of 'unserialize' function
  • One past medium CVE (XSS)
Vulnerabilities
1 published

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2024-12457medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode <= 1.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jan 6, 2025 Patched in 1.7.4 (11d)
Version History

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode Release Timeline

v1.7.10Current
v1.7.9
v1.7.8
v1.7.7
v1.7.6
v1.7.5
v1.7.4
v1.7.31 CVE
CVE-2024-12457
v1.7.21 CVE
CVE-2024-12457
v1.7.11 CVE
CVE-2024-12457
v1.7.01 CVE
CVE-2024-12457
Code Analysis
Analyzed Mar 16, 2026

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode Code Analysis

Dangerous Functions
1
Raw SQL Queries
1
2 prepared
Unescaped Output
86
1040 escaped
Nonce Checks
13
Capability Checks
5
File Operations
0
External Requests
3
Bundled Libraries
0

Dangerous Functions Found

unserialize$plugins = unserialize($response['body']);admin\HelpPage\Help.php:139

SQL Query Safety

67% prepared3 total queries

Output Escaping

92% escaped1126 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

5 flows
csf_export (admin\csf\functions\actions.php:62)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode Attack Surface

Entry Points8
Unprotected0

AJAX Handlers 7

authwp_ajax_csf-get-iconsadmin\csf\functions\actions.php:50
authwp_ajax_csf-exportadmin\csf\functions\actions.php:87
authwp_ajax_csf-importadmin\csf\functions\actions.php:123
authwp_ajax_csf-resetadmin\csf\functions\actions.php:150
authwp_ajax_csf-chosenadmin\csf\functions\actions.php:189
authwp_ajax_themeatelier_dismiss_offer_banneradmin\Helpers\ThemeAtelier_Offer_Banner.php:37
authwp_ajax_vchat-never-show-review-noticeadmin\HelpPage\ReviewNotice.php:28

Shortcodes 1

[vchat] view\shortcodes\custom-shortcode.php:13
WordPress Hooks 53
actionadmin_footeradmin\appsero\Insights.php:122
actionadmin_noticesadmin\appsero\Insights.php:141
actionadmin_initadmin\appsero\Insights.php:144
filtercron_schedulesadmin\appsero\Insights.php:150
actionwp_enqueue_scriptsadmin\csf\classes\abstract.class.php:20
actionadmin_menuadmin\csf\classes\admin-options.class.php:111
actionadmin_bar_menuadmin\csf\classes\admin-options.class.php:112
actionnetwork_admin_menuadmin\csf\classes\admin-options.class.php:116
filteradmin_footer_textadmin\csf\classes\admin-options.class.php:481
actioncustomize_registeradmin\csf\classes\customize-options.class.php:44
actioncustomize_save_afteradmin\csf\classes\customize-options.class.php:45
actionwp_enqueue_scriptsadmin\csf\classes\customize-options.class.php:49
actionadd_meta_boxesadmin\csf\classes\metabox-options.class.php:50
actionsave_postadmin\csf\classes\metabox-options.class.php:51
actionedit_attachmentadmin\csf\classes\metabox-options.class.php:52
actionafter_setup_themeadmin\csf\classes\setup.class.php:73
actioninitadmin\csf\classes\setup.class.php:74
actionswitch_themeadmin\csf\classes\setup.class.php:75
actionadmin_enqueue_scriptsadmin\csf\classes\setup.class.php:76
actionwp_enqueue_scriptsadmin\csf\classes\setup.class.php:77
actionwp_headadmin\csf\classes\setup.class.php:78
filteradmin_body_classadmin\csf\classes\setup.class.php:79
actionadmin_footeradmin\csf\fields\icon\icon.php:41
actioncustomize_controls_print_footer_scriptsadmin\csf\fields\icon\icon.php:42
actionadmin_print_footer_scriptsadmin\csf\fields\link\link.php:65
actionprint_default_editor_scriptsadmin\csf\fields\wp_editor\wp_editor.php:62
actionadmin_menuadmin\csf\views\welcome.php:19
filterplugin_action_linksadmin\csf\views\welcome.php:20
filterplugin_row_metaadmin\csf\views\welcome.php:21
actionadmin_noticesadmin\Helpers\ThemeAtelier_Offer_Banner.php:36
actionadmin_noticesadmin\HelpPage\ReviewNotice.php:27
actionadmin_enqueue_scriptsadmin\TADiscountPage\TADiscountNotice.php:7
actionadmin_noticesadmin\TADiscountPage\TADiscountNotice.php:8
actionadmin_initadmin\TADiscountPage\TADiscountNotice.php:9
actionadmin_enqueue_scriptsadmin\TADiscountPage\TADiscountPageWithMenu.php:7
actionadmin_noticesadmin\TADiscountPage\TADiscountPageWithMenu.php:8
actionadmin_initadmin\TADiscountPage\TADiscountPageWithMenu.php:9
actionplugins_loadedchat-viber-lite.php:46
filterkses_allowed_protocolschat-viber-lite.php:60
actioninitchat-viber-lite.php:71
actionblock_categories_allchat-viber-lite.php:88
actionafter_setup_themechat-viber-lite.php:100
actionadmin_menuchat-viber-lite.php:145
actionwp_enqueue_scriptsinc\class-enqueue.php:22
actionadmin_enqueue_scriptsinc\class-enqueue.php:23
actioninitview\elementor-widgets\elementor-widget.php:153
actionadmin_noticesview\elementor-widgets\elementor-widget.php:178
actionadmin_noticesview\elementor-widgets\elementor-widget.php:185
actionelementor/elements/categories_registeredview\elementor-widgets\elementor-widget.php:190
actionelementor/widgets/widgets_registeredview\elementor-widgets\elementor-widget.php:194
actionwp_enqueue_scriptsview\elementor-widgets\elementor-widget.php:197
actionwp_enqueue_scriptsview\elementor-widgets\elementor-widget.php:360
actionwp_footerview\single-chat-bubble\single-chat-bubble.php:11
Maintenance & Trust

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 12, 2026
PHP min version
Downloads11K

Community Trust

Rating0/100
Number of ratings0
Active installs300
Alternatives

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode Alternatives

Chat Floating Button BY XD

Chat Floating Button BY XD

chat-floating-button-by-xd

A
100

Floating button for chatting with your visitors via WhatsApp.

300 No CVEs
TalkJS

TalkJS

talkjs

A
99

Launch production-ready chat in minutes with a powerful API, feature-rich SDKs, and a fully customizable design.

50 1 CVE
Paldesk – Live Chat & Helpdesk

Paldesk – Live Chat & Helpdesk

paldesk-live-chat-helpdesk

A
85

Powerful live chat & helpdesk plugin made for your WordPress website. Convert leads to sales & help customers in real time - it's free!

30 No CVEs
RingQ Free Live Chat, Calls & Messaging

RingQ Free Live Chat, Calls & Messaging

ringq-chat-app

A
100

Connect your WordPress website to the RingQ platform with our lightweight, real-time customer chat widget.

20 No CVEs
Simple Chat Bot

Simple Chat Bot

simple-chat-bot

A
100

A user-friendly chatbot plugin for WordPress that enables seamless communication with your visitors via WhatsApp.

0 No CVEs
Developer Profile

Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode Developer Profile

Foysal Imran

8 plugins · 780 total installs

88
trust score
Avg Security Score
91/100
Avg Patch Time
21 days
View full developer profile
Detection Fingerprints

How We Detect Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/chat-viber/admin/assets/css/style.css/wp-content/plugins/chat-viber/admin/assets/js/script.js/wp-content/plugins/chat-viber/inc/assets/css/chat-viber-style.css/wp-content/plugins/chat-viber/inc/assets/js/chat-viber.js
Script Paths
/wp-content/plugins/chat-viber/admin/assets/js/script.js/wp-content/plugins/chat-viber/inc/assets/js/chat-viber.js
Version Parameters
chat-viber/inc/assets/css/chat-viber-style.css?ver=chat-viber/inc/assets/js/chat-viber.js?ver=chat-viber/admin/assets/css/style.css?ver=chat-viber/admin/assets/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
viber-chat-supportchat-viber-get-pro-text
HTML Comments
Cannot access directly.
Data Attributes
data-viber-chat-support
FAQ

Frequently Asked Questions about Chat Support for Viber – Chat Bubble and Chat Button for Gutenberg, Elementor and Shortcode