WP-Safety

Chat Bro Live Group Chat Security & Risk Analysis

wordpress.org/plugins/chatbro

Chat Bro - live Chat for your website. Turns your Telegram Chat or VK Chat into Live Chat on your website. Allows your visitors to Chat in live group …

200 active installs v4.1.0 PHP + WP + Updated May 22, 2024
chatchat-pluginchat-widgetlive-chattelegram-chat
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Chat Bro Live Group Chat Safe to Use in 2026?

Generally Safe

Score 92/100

Chat Bro Live Group Chat has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The Chatbro plugin version 4.1.0 exhibits a mixed security posture with significant areas of concern despite a clean vulnerability history. The static analysis reveals a substantial attack surface, with all five AJAX handlers lacking authentication checks, posing a high risk of unauthorized execution of plugin functionalities. The near absence of proper output escaping (only 1% of 190 outputs) is a critical flaw, leaving the plugin highly susceptible to Cross-Site Scripting (XSS) vulnerabilities across various output points. The presence of the dangerous `create_function` function, while not a direct vulnerability in itself, is a poor coding practice that can lead to security issues if not handled with extreme care. Despite these concerning findings, the plugin's use of prepared statements for all SQL queries and a lack of recorded CVEs or taint analysis findings suggest a potential strength in data handling and a historical lack of exploited vulnerabilities.

Key Concerns

  • AJAX handlers without authentication checks
  • Severely lacking output escaping (1%)
  • Use of dangerous create_function
Vulnerabilities
None known

Chat Bro Live Group Chat Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Chat Bro Live Group Chat Release Timeline

v4.1.0Current
v4.0.5
v4.0.4
v4.0.3
v4.0.2
v4.0.1
v4.0.0
v3.0.3
v3.0.2
v3.0.1
v3.0.0
v2.3.0
v2.2.10
v2.2.9
v2.2.8
v2.2.7
v2.2.6
v2.2.5
v2.2.4
v2.2.3
Code Analysis
Analyzed Mar 16, 2026

Chat Bro Live Group Chat Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
188
2 escaped
Nonce Checks
5
Capability Checks
7
File Operations
12
External Requests
1
Bundled Libraries
0

Dangerous Functions Found

create_functionreturn create_function('$n', $func_body);common\Core\l10n\pomo\translations.php:208

Output Escaping

1% escaped190 total outputs
Attack Surface
5 unprotected

Chat Bro Live Group Chat Attack Surface

Entry Points6
Unprotected5

AJAX Handlers 5

authwp_ajax_chatbro_save_settingsinit.php:121
authwp_ajax_chatbro_create_chatinit.php:122
authwp_ajax_chatbro_update_chatinit.php:123
authwp_ajax_chatbro_delete_chatinit.php:124
authwp_ajax_chatbro_get_chatsinit.php:125

Shortcodes 1

[chatbro] common\Shortcodes\CbroShortCode.php:24
WordPress Hooks 5
filterload_textdomain_mofileinit.php:115
actioninitinit.php:117
actionadmin_menuinit.php:118
actionwp_footerinit.php:119
actionwidgets_initinit.php:127
Maintenance & Trust

Chat Bro Live Group Chat Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8
Last updatedMay 22, 2024
PHP min version
Downloads38K

Community Trust

Rating88/100
Number of ratings20
Active installs200
Alternatives

Chat Bro Live Group Chat Alternatives

Chaport — Live Chat & Chatbots

Chaport — Live Chat & Chatbots

chaport

A
99

Modern live chat plugin for WordPress. Powerful features: multi-channel, chatbots, customization, etc. Free plan. Unlimited chats & websites.

2K 1 CVE
HelpCrunch – Live Chat, Chatbot & Knowledge Base for Customer Service

HelpCrunch – Live Chat, Chatbot & Knowledge Base for Customer Service

helpcrunch-live-chat

A
100

The one-stop platform for even stronger customer relations. Bolster your customer support with its live chat, chatbot, and knowledge base software.

2K No CVEs
WPChat – Live Chat & Messaging Widget for Customer Support

WPChat – Live Chat & Messaging Widget for Customer Support

smashballoon-wpchat-livechat-customer-support

A
100

WordPress WhatsApp chat plugin with a live chat widget for WhatsApp, Messenger, Telegram & Instagram. Includes smart FAQs and chat funnels.

200 No CVEs
ChatSupport

ChatSupport

chatsupport

A
85

The ChatSupport plugin enables you to easily add a live chat widget to your WordPress site and start providing support to your web visitors.

60 No CVEs
LiveHelpNow Help Desk

LiveHelpNow Help Desk

livehelpnow-helpdesk

A
85

LiveHelpNow Help desk embed plugin facilitates real time interactions between your website visitors and your customer service via multiple channels.

60 No CVEs
Developer Profile

Chat Bro Live Group Chat Developer Profile

ChatBro

1 plugin · 200 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Chat Bro Live Group Chat

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/chatbro/js/chatbro.js/wp-content/plugins/chatbro/css/chatbro.css
Script Paths
chatbro/js/chatbro.js
Version Parameters
chatbro/js/chatbro.js?ver=chatbro/css/chatbro.css?ver=

HTML / DOM Fingerprints

Data Attributes
data-chatbro-id
JS Globals
cBroGlobals
REST Endpoints
/wp-json/chatbro/v1/chat
Shortcode Output
[chatbro id="%s" static="true"][chatbro id="%s" child="true" title="Child chat %s"]
FAQ

Frequently Asked Questions about Chat Bro Live Group Chat