Does ChatSupport have any unpatched vulnerabilities?

No. All known vulnerabilities in ChatSupport have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ChatSupport compatible with WordPress 6.3.8?

According to WordPress.org data, ChatSupport 2.4 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

How often is ChatSupport updated?

ChatSupport was last updated on Sep 11, 2023. Frequent updates are generally a positive security signal.

What is ChatSupport's security score?

ChatSupport has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ChatSupport Security & Risk Analysis

wordpress.org/plugins/chatsupport

The ChatSupport plugin enables you to easily add a live chat widget to your WordPress site and start providing support to your web visitors.

60 active installs v2.4 PHP + WP + Updated Sep 11, 2023

chat-answeringchat-pluginchat-widgetfree-chatlive-chat

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is ChatSupport Safe to Use in 2026?

Generally Safe

Score 85/100

ChatSupport has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the 'chatsupport' plugin v2.4 exhibits a strong security posture with no critical or high-severity issues identified. The absence of known CVEs and a clean vulnerability history are positive indicators. The plugin also demonstrates good coding practices by avoiding dangerous functions, performing all SQL queries using prepared statements, and having no file operations or external HTTP requests. This suggests a development team that is mindful of common security pitfalls.

However, there are areas for improvement. The most significant concern is the low percentage of properly escaped output (47%). This means that nearly half of the output within the plugin is not being properly sanitized, leaving it vulnerable to Cross-Site Scripting (XSS) attacks. While the attack surface is currently zero, this lack of output escaping on many outputs is a notable weakness. Additionally, the complete absence of nonce and capability checks across all entry points, though currently not exploitable due to the zero attack surface, indicates a potential oversight that could become a risk if any new entry points are introduced without these essential security measures.

Key Concerns

Low output escaping percentage
No nonce checks
No capability checks

Vulnerabilities

None known

ChatSupport Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

ChatSupport Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

47% escaped19 total outputs

Attack Surface

ChatSupport Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionadmin_menuChatSupport.php:40

actionadmin_initChatSupport.php:43

actioninitChatSupport.php:65

actionwp_enqueue_scriptsChatSupport.php:66

Maintenance & Trust

ChatSupport Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedSep 11, 2023

PHP min version

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs60

Alternatives

ChatSupport Alternatives

Chaport — Live Chat & Chatbots

chaport

Modern live chat plugin for WordPress. Powerful features: multi-channel, chatbots, customization, etc. Free plan. Unlimited chats & websites.

2K 1 CVE

HelpCrunch – Live Chat, Chatbot & Knowledge Base for Customer Service

helpcrunch-live-chat

100

The one-stop platform for even stronger customer relations. Bolster your customer support with its live chat, chatbot, and knowledge base software.

2K No CVEs

Chat Bro Live Group Chat

chatbro

Chat Bro - live Chat for your website. Turns your Telegram Chat or VK Chat into Live Chat on your website. Allows your visitors to Chat in live group …

200 No CVEs

LiveHelpNow Help Desk

livehelpnow-helpdesk

LiveHelpNow Help desk embed plugin facilitates real time interactions between your website visitors and your customer service via multiple channels.

60 No CVEs

AnswerForce

answerforce

100

Add the AnswerForce plugin for quick and easy customer support. Chat with visitors, build relationships and improve customer satisfaction.

10 No CVEs

Developer Profile

ChatSupport Developer Profile

chatsuppport

1 plugin · 60 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ChatSupport

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/chatsupport/css/cs-wordpress-style.css/wp-content/plugins/chatsupport/css/reset.css/wp-content/plugins/chatsupport/images/ChatSupportLogo.png/wp-content/plugins/chatsupport/images/chatsupport-white-logo-icon.svg/wp-content/plugins/chatsupport/images/wordpress-logo.svg/wp-content/plugins/chatsupport/images/link-icon.svg/wp-content/plugins/chatsupport/images/chatsupport-logo.svg/wp-content/plugins/chatsupport/images/template-icon.png+2 more

Script Paths

https://app.chatsupport.co/api/client/get/script/

HTML / DOM Fingerprints

CSS Classes

wordpress-plugin-wrpwordpress-plugin-setupdisplay-nonebtn-progressingwidget-installwordpress-project-clipswidget-installwordpress-project-clips+4 more

HTML Comments

+10 more

Data Attributes

siteUrlid="cwa-login"id="widgetId"id="widgetThemeColor"id="logoUrl"id="widgetName"+3 more

JS Globals

window._lsvar _ls

FAQ