Does ClientHub have any unpatched vulnerabilities?

No. All known vulnerabilities in ClientHub have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ClientHub compatible with WordPress 6.9.4?

According to WordPress.org data, ClientHub 1.0.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is ClientHub compatible with PHP 7.4+?

ClientHub requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ClientHub updated?

ClientHub was last updated on Dec 4, 2025. Frequent updates are generally a positive security signal.

What is ClientHub's security score?

ClientHub has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ClientHub Security & Risk Analysis

wordpress.org/plugins/clienthub

Professional client management hub with customizable dashboards, project tracking, and secure customer portal for WordPress.

10 active installs v1.0.1 PHP 7.4+ WP 6.2+ Updated Dec 4, 2025

client-managementcrmcustomer-portaldashboardproject-tracking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ClientHub Safe to Use in 2026?

Generally Safe

Score 100/100

ClientHub has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The clienthub v1.0.1 plugin exhibits a generally strong security posture, with no recorded historical vulnerabilities (CVEs) and a commitment to secure coding practices in its static analysis. The complete absence of SQL injection vulnerabilities due to 100% prepared statement usage and a significant number of nonce and capability checks are commendable strengths. The plugin also avoids common pitfalls like file operations and external HTTP requests.

However, the taint analysis reveals a concerning area: 4 flows with unsanitized paths and 3 of these being of high severity. While the static analysis doesn't classify them as 'critical', the presence of unsanitized paths in 50% of the analyzed flows indicates a potential risk for path traversal or other file-related vulnerabilities if not handled with extreme care. The high percentage of properly escaped outputs (87%) is good, but the remaining 13% could still pose a cross-site scripting (XSS) risk if they handle user-controlled data. The limited attack surface of 1 shortcode is a positive, especially with no identified unprotected entry points.

In conclusion, clienthub v1.0.1 demonstrates good security foundations, particularly in database interaction and authentication. The primary area for immediate concern is the high severity taint flows related to unsanitized paths, which warrants further investigation and potential remediation. The lack of past vulnerabilities is a positive indicator, but the taint analysis suggests that developers should remain vigilant.

Key Concerns

High severity unsanitized paths in taint analysis
Flows with unsanitized paths (4/8)
13% of outputs not properly escaped

Vulnerabilities

None known

ClientHub Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

ClientHub Code Analysis

Dangerous Functions

Raw SQL Queries

51 prepared

Unescaped Output

305 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared51 total queries

Output Escaping

87% escaped351 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

8 flows4 with unsanitized paths

clienthub_render_dashboard (cpp_admin.php:216)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ClientHub Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[clienthub] clienthub.php:233

WordPress Hooks 17

actionadmin_initclienthub.php:157

actionplugins_loadedclienthub.php:171

actionadmin_noticesclienthub.php:213

actioninitclienthub.php:236

actionadmin_menucpp_admin.php:17

actionadmin_initcpp_admin.php:20

actionadmin_menucpp_admin.php:101

actionadmin_initcpp_admin.php:693

actionadmin_initcpp_admin.php:1215

actionadmin_initcpp_admin.php:1339

actionadmin_noticescpp_admin.php:2211

actionadmin_enqueue_scriptscpp_admin.php:2284

actionadmin_noticescpp_admin.php:2348

actionadmin_initcpp_admin.php:2362

actionadmin_menucpp_admin.php:2723

actionwp_enqueue_scriptscpp_frontend.php:17

actioninitcpp_frontend.php:19

Maintenance & Trust

ClientHub Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 4, 2025

PHP min version7.4

Downloads215

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

ClientHub Alternatives

Sprout Clients – CRM and Lead Management

sprout-clients

Properly leveraging your contact lists isn’t sending out a single email to the entire list asking for work — instead you need to build business relati …

70 3 CVEs

Trusty Studio – Project Tracking

trusty-studio-suivi-de-projet

Project management tracking for TrustyStudio clients.

10 No CVEs

Digital Service Provider CRM

digital-service-provider-crm

100

Optimize client management with Digital Service Provider CRM, an essential WordPress plugin for streamlined invoicing.

0 No CVEs

SWELLEnterprise

swellenterprise

A plugin that connects your website to the SWELLEnterprise services.

0 No CVEs

MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy)

google-analytics-for-wordpress

The best free Google Analytics plugin for WordPress. See how visitors find and use your website so you can grow your business with powerful analytics.

2.0M 10 CVEs

Developer Profile

ClientHub Developer Profile

NETT.PRO

3 plugins · 430 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ClientHub

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/clienthub/css/clienthub-admin.css/wp-content/plugins/clienthub/css/clienthub-frontend.css/wp-content/plugins/clienthub/js/clienthub-admin.js/wp-content/plugins/clienthub/js/clienthub-frontend.js/wp-content/plugins/clienthub/js/clienthub-vendor.js

Script Paths

/wp-content/plugins/clienthub/js/clienthub-admin.js/wp-content/plugins/clienthub/js/clienthub-frontend.js/wp-content/plugins/clienthub/js/clienthub-vendor.js

Version Parameters

clienthub/css/clienthub-admin.css?ver=clienthub/css/clienthub-frontend.css?ver=clienthub/js/clienthub-admin.js?ver=clienthub/js/clienthub-frontend.js?ver=clienthub/js/clienthub-vendor.js?ver=

HTML / DOM Fingerprints

CSS Classes

clienthub-dashboard-wrapperclienthub-client-portal-wrapperclienthub-client-listclienthub-project-detailsclienthub-message-compose

HTML Comments

+1 more

Data Attributes

data-clienthub-iddata-clienthub-project-iddata-clienthub-user-iddata-clienthub-actiondata-clienthub-nonce

JS Globals

clienthub_admin_paramsclienthub_frontend_paramsclienthubAjaxClientHub

REST Endpoints

/wp-json/clienthub/v1/clients/wp-json/clienthub/v1/projects/wp-json/clienthub/v1/messages/wp-json/clienthub/v1/settings

Shortcode Output

[clienthub][clienthub_dashboard][clienthub_client_portal]

FAQ