Click to Call or Chat Buttons Security & Risk Analysis
wordpress.org/plugins/click-to-call-or-chat-buttonsThis plugin adds Phone Call and WhatsApp button on your webpage.
Is Click to Call or Chat Buttons Safe to Use in 2026?
Generally Safe
Score 92/100Click to Call or Chat Buttons has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.
The "click-to-call-or-chat-buttons" plugin, version 1.6.0, exhibits a generally positive security posture based on the static analysis. The absence of any identified dangerous functions, raw SQL queries, file operations, or external HTTP requests is a significant strength. Furthermore, the plugin appears to have no identified attack surface through AJAX, REST API, shortcodes, or cron events, indicating a well-contained design. However, the static analysis does reveal a concern regarding output escaping, with only 5% of outputs being properly escaped. This suggests a potential for cross-site scripting (XSS) vulnerabilities, especially if any user-supplied data is rendered without adequate sanitization.
Key Concerns
- Low percentage of properly escaped output
- No capability checks detected
- No nonce checks detected
Click to Call or Chat Buttons Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Click to Call or Chat Buttons <= 1.4.0 - Authenticated(Admin+) Stored Cross-Site Scripting
Click to Call or Chat Buttons Release Timeline
Click to Call or Chat Buttons Code Analysis
Output Escaping
Click to Call or Chat Buttons Attack Surface
WordPress Hooks 7
Maintenance & Trust
Click to Call or Chat Buttons Maintenance & Trust
Maintenance Signals
Community Trust
Click to Call or Chat Buttons Alternatives
Call Now Button – The #1 Click to Call Button for WordPress
call-now-button
The web's #1 click to call button for your website! A simple and powerful plugin that adds a Call Now Button to your website.
All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements
mystickyelements
Get leads with a floating contact form tab, chat & social buttons like Facebook Messenger, WhatsApp, Viber, Telegram, Twitter, Instagram & more 🎉
WP Call Button – Easy Click to Call Button for WordPress
wp-call-button
The best WordPress call now button plugin. We help you add a clickable phone link (quick call button), so people can easily call your business phone.
Really Simple Click To Call Bar
really-simple-click-to-call
A simple plugin that adds a click to call bar/call now button for mobile visitors.
Call Now and Chat Buttons
call-now-and-chat-buttons
Add instant "Call Now" and "Chat" buttons to your website, allowing visitors to seamlessly contact you with a single click.
Click to Call or Chat Buttons Developer Profile
1 plugin · 1K total installs
How We Detect Click to Call or Chat Buttons
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/click-to-call-or-chat-buttons/css/ctcocb-style.css/wp-content/plugins/click-to-call-or-chat-buttons/js/ctcocb-script.js/wp-content/plugins/click-to-call-or-chat-buttons/js/ctcocb-admin.js/wp-content/plugins/click-to-call-or-chat-buttons/js/ctcocb-script.js/wp-content/plugins/click-to-call-or-chat-buttons/js/ctcocb-admin.jsclick-to-call-or-chat-buttons/css/ctcocb-style.css?ver=click-to-call-or-chat-buttons/js/ctcocb-script.js?ver=click-to-call-or-chat-buttons/js/ctcocb-admin.js?ver=HTML / DOM Fingerprints
ctcocb-color-fieldctcocb-container<!-- Require Phone icon color to be set -->name="ctcocb[activePlugin]"name="ctcocb[numberPhone]"name="ctcocb[textPhone]"name="ctcocb[numberWapp]"name="ctcocb[textWapp]"name="ctcocb[text]"+14 morectcocb_options