Does ChatBot for Telegram have any unpatched vulnerabilities?

No. All known vulnerabilities in ChatBot for Telegram have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ChatBot for Telegram compatible with WordPress 5.8.13?

According to WordPress.org data, ChatBot for Telegram 0.9.8 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

Is ChatBot for Telegram compatible with PHP 5.6+?

ChatBot for Telegram requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ChatBot for Telegram updated?

ChatBot for Telegram was last updated on Jul 4, 2025. Frequent updates are generally a positive security signal.

What is ChatBot for Telegram's security score?

ChatBot for Telegram has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ChatBot for Telegram Security & Risk Analysis

wordpress.org/plugins/chatbot-for-telegram

Telegram ChatBot. Create a Chat Bot for Telegram with the power of the WPBot. Supports Simple text Responses, conversational forms and more

10 active installs v0.9.8 PHP 5.6+ WP 4.6+ Updated Jul 4, 2025

bot-telegramchatbottelegramtelegram-bottelegram-chatbot

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ChatBot for Telegram Safe to Use in 2026?

Generally Safe

Score 100/100

ChatBot for Telegram has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The "chatbot-for-telegram" plugin v0.9.8 exhibits a mixed security posture. On one hand, the static analysis shows a surprisingly small attack surface, with no apparent AJAX handlers, REST API routes, shortcodes, or cron events exposed without authentication or permission checks. The absence of any recorded vulnerabilities in its history is also a positive sign, suggesting diligent maintenance or a lack of past exploitable flaws.

However, the code analysis reveals significant areas of concern. The use of the `create_function` is a dated and potentially insecure practice that can lead to code injection vulnerabilities. Furthermore, the fact that 100% of its SQL queries are not using prepared statements is a critical vulnerability, opening the door to SQL injection attacks. The moderate percentage of properly escaped output also indicates a risk of cross-site scripting (XSS) vulnerabilities.

While the plugin has no known CVEs, the identified code quality issues, particularly the lack of prepared statements for SQL queries and the use of `create_function`, present clear and present risks. A balanced conclusion would be that the plugin has a low external attack surface, but internally, it harbors significant vulnerabilities that require immediate attention to prevent potential exploitation.

Key Concerns

SQL queries without prepared statements
Use of create_function
Output escaping not fully implemented
No nonce checks
No capability checks

Vulnerabilities

None known

ChatBot for Telegram Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

ChatBot for Telegram Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

19 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_function$compute = create_function('', 'return '.$input.';');includes\functions.php:924

SQL Query Safety

0% prepared10 total queries

Output Escaping

66% escaped29 total outputs

Attack Surface

ChatBot for Telegram Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionadmin_menuincludes\admin\menu.php:16

actionadmin_initincludes\admin\menu.php:17

actionadmin_enqueue_scriptsincludes\admin\menu.php:18

actionadmin_post_qc_tg_connectincludes\admin\menu.php:19

actionrest_api_initincludes\class-webhook.php:30

actioninitinit.php:130

actioninitinit.php:131

actionadmin_noticesinit.php:136

Maintenance & Trust

ChatBot for Telegram Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedJul 4, 2025

PHP min version5.6

Downloads1K

Community Trust

Rating20/100

Number of ratings1

Active installs10

Alternatives

ChatBot for Telegram Alternatives

Bot for Telegram on WooCommerce

bot-for-telegram-on-woocommerce

Bot for Telegram on WooCommerce is a plugin that allows you to create a telegram online store based on your website with WooCommerce.

300 1 unpatched

Site Chat on Telegram

site-chat-on-telegram

Integrate a support chat on your website with Telegram. Customers message via chat widget; admins reply in Telegram.

100 1 CVE

Đẩy Thông Báo Woocommerce tới Telegram

wc-telegram-bot

Đây là plugin giúp đẩy thông báo đơn hàng Woocommerce qua Telegram BOT. Phát triển bởi Tám Tinh Tế.

100 No CVEs

Channeller – Telegram Channel Administrator

channeller-telegram-channel-administrator

Send Text, Link, Photo, Video and Audio Files from Wordpress to Telegram Channels and Groups using bots.

40 No CVEs

Teletter Telegram Newsletter

teletter-telegram-newsletter

Send Newsletter from Telegram Bot, user can subscribe to your site from Telegram Bot.

10 No CVEs

Developer Profile

ChatBot for Telegram Developer Profile

QuantumCloud

29 plugins · 26K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

255 days

View full developer profile

Detection Fingerprints

How We Detect ChatBot for Telegram

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/chatbot-for-telegram/js/admin-script.js

Version Parameters

chatbot-for-telegram/js/admin-script.js?ver=

HTML / DOM Fingerprints

REST Endpoints

/wp-json/wpbot/v2/telegram

FAQ