WP-Safety

ClientSync Support – AI Powered Customer Support Ticket System Security & Risk Analysis

wordpress.org/plugins/clientsync-support

Transform your WordPress site into a professional customer support hub with elegant forms, ticket management, and seamless user experience.

0 active installs v1.0.5 PHP 7.4+ WP 6.0+ Updated Unknown
contact-formcustomer-supporthelpdesksupporttickets
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ClientSync Support – AI Powered Customer Support Ticket System Safe to Use in 2026?

Generally Safe

Score 100/100

ClientSync Support – AI Powered Customer Support Ticket System has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The clientsync-support plugin v1.0.5 demonstrates a generally strong security posture, with excellent adherence to best practices like using prepared statements for SQL queries and proper output escaping. The plugin also exhibits a clean vulnerability history, with no recorded CVEs, suggesting a mature and well-maintained codebase. This lack of historical vulnerabilities and the low number of dangerous code signals are positive indicators of a secure plugin.

However, a critical concern arises from the static analysis revealing one REST API route without a permission callback. This represents a direct attack vector where unauthorized users could potentially interact with a sensitive part of the plugin's functionality. While the overall attack surface of entry points is moderate, this single unprotected endpoint significantly elevates the risk. The limited taint analysis and absence of dangerous functions are reassuring, but this single oversight in access control for the REST API is the most prominent vulnerability identified.

Key Concerns

  • REST API route without permission callback
Vulnerabilities
None known

ClientSync Support – AI Powered Customer Support Ticket System Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

ClientSync Support – AI Powered Customer Support Ticket System Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
60 prepared
Unescaped Output
2
137 escaped
Nonce Checks
3
Capability Checks
31
File Operations
1
External Requests
3
Bundled Libraries
0

SQL Query Safety

95% prepared63 total queries

Output Escaping

99% escaped139 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
can_user_access_tickets (includes\class-admin.php:538)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

ClientSync Support – AI Powered Customer Support Ticket System Attack Surface

Entry Points20
Unprotected1

REST API Routes 18

POST/wp-json/cs-support/v1/ai/generate-replyincludes\class-ai-assistant.php:45
POST/wp-json/cs-support/v1/ticketsincludes\class-rest-api.php:38
GET/wp-json/cs-support/v1/ticketsincludes\class-rest-api.php:48
GET/wp-json/cs-support/v1/tickets/(?P<id>\d+)includes\class-rest-api.php:59
PATCH/wp-json/cs-support/v1/tickets/(?P<id>\d+)includes\class-rest-api.php:70
POST/wp-json/cs-support/v1/tickets/(?P<ticket_id>\d+)/repliesincludes\class-rest-api.php:81
GET/wp-json/cs-support/v1/tickets/(?P<ticket_id>\d+)/repliesincludes\class-rest-api.php:92
GET/wp-json/cs-support/v1/settingsincludes\class-rest-api.php:103
PATCH/wp-json/cs-support/v1/tickets/(?P<id>\d+)/assignincludes\class-rest-api.php:121
GET/wp-json/cs-support/v1/team-membersincludes\class-rest-api.php:132
GET/wp-json/cs-support/v1/team-members/statsincludes\class-rest-api.php:143
POST/wp-json/cs-support/v1/team-members/(?P<id>\d+)/assign-roleincludes\class-rest-api.php:154
GET/wp-json/cs-support/v1/debug/user-capabilitiesincludes\class-rest-api.php:165
GET/wp-json/cs-support/v1/gdpr/my-dataincludes\class-rest-api.php:177
DELETE/wp-json/cs-support/v1/gdpr/my-dataincludes\class-rest-api.php:188
GET/wp-json/cs-support/v1/gdpr/data-retentionincludes\class-rest-api.php:199
POST/wp-json/cs-support/v1/gdpr/data-retentionincludes\class-rest-api.php:210
POST/wp-json/cs-support/v1/gdpr/cleanupincludes\class-rest-api.php:221

Shortcodes 2

[cs_support] includes\class-shortcodes.php:30
[cs_support_tickets] includes\class-shortcodes.php:31
WordPress Hooks 22
actionadmin_menuincludes\class-admin.php:49
actionadmin_enqueue_scriptsincludes\class-admin.php:50
actionrest_api_initincludes\class-ai-assistant.php:37
actioninitincludes\class-db-updater.php:28
actionwp_enqueue_scriptsincludes\class-editor.php:33
actionenqueue_block_editor_assetsincludes\class-editor.php:34
filterrender_blockincludes\class-editor.php:35
actioninitincludes\class-gdpr-manager.php:24
actioncs_support_data_retention_cleanupincludes\class-gdpr-manager.php:27
filterwp_privacy_personal_data_exportersincludes\class-gdpr-manager.php:30
filterwp_privacy_personal_data_erasersincludes\class-gdpr-manager.php:31
actionwp_insert_commentincludes\class-notifications.php:37
actioncomment_postincludes\class-notifications.php:38
actioninitincludes\class-plugin.php:127
actionrest_api_initincludes\class-rest-api.php:28
actioninitincludes\class-shortcodes.php:19
filteradmin_footer_textincludes\class-shortcodes.php:22
actioninitincludes\class-team-members.php:27
actionwp_loadedincludes\class-team-members.php:28
actioninitincludes\namespace.php:58
actionwp_footerincludes\shortcode-validator.php:184
actionwp_headsrc\cs-support-frontend\render.php:13

Scheduled Events 1

cs_support_data_retention_cleanup
Maintenance & Trust

ClientSync Support – AI Powered Customer Support Ticket System Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version7.4
Downloads478

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

ClientSync Support – AI Powered Customer Support Ticket System Alternatives

Freshdesk (official)

Freshdesk (official)

freshdesk-support

A
89

Quickly embed the Freshdesk help widget, convert WordPress comments to tickets and seamlessly log your WordPress users into your support portal.

900 3 CVEs
HelpDesk Contact Form

HelpDesk Contact Form

helpdesk-contact-form

A
99

Use the WordPress contact form plugin by the HelpDesk ticket system to connect with visitors. Organize and manage messages — all without coding!

30 1 CVE
Tickzo – Support Ticket System

Tickzo – Support Ticket System

tickzo-support-ticket-system

A
100

A professional support ticket system for WordPress with email notifications and multilingual support.

0 No CVEs
Fluent Support – Helpdesk & Customer Support Ticket System

Fluent Support – Helpdesk & Customer Support Ticket System

fluent-support

A
89

Feature Rich and Super Fast Support and Customer Ticketing System for WordPress.

10K 7 CVEs
SupportCandy – Helpdesk & Customer Support Ticket System

SupportCandy – Helpdesk & Customer Support Ticket System

supportcandy

B
76

Enhance your WordPress site with our helpdesk and support ticket system. Manage customer support, tickets, and email tickets efficiently.

10K 16 CVEs
Developer Profile

ClientSync Support – AI Powered Customer Support Ticket System Developer Profile

ClientSync

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect ClientSync Support – AI Powered Customer Support Ticket System

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/clientsync-support/build/admin/admin.asset.php/wp-content/plugins/clientsync-support/build/tailwind-style.css/wp-content/plugins/clientsync-support/build/admin/admin.js/wp-content/plugins/clientsync-support/build/admin/create-ticket.asset.php/wp-content/plugins/clientsync-support/build/admin/create-ticket.css/wp-content/plugins/clientsync-support/build/admin/create-ticket.js/wp-content/plugins/clientsync-support/build/admin/tickets.asset.php/wp-content/plugins/clientsync-support/build/admin/tickets.js+7 more
Script Paths
/wp-content/plugins/clientsync-support/build/admin/admin.js/wp-content/plugins/clientsync-support/build/admin/create-ticket.js/wp-content/plugins/clientsync-support/build/admin/tickets.js/wp-content/plugins/clientsync-support/build/admin/settings.js/wp-content/plugins/clientsync-support/build/admin/faq.js/wp-content/plugins/clientsync-support/build/admin/team-management.js
Version Parameters
clientsync-support/build/admin/admin.asset.phpclientsync-support/build/tailwind-style.cssclientsync-support/build/admin/admin.jsclientsync-support/build/admin/create-ticket.asset.phpclientsync-support/build/admin/create-ticket.cssclientsync-support/build/admin/create-ticket.jsclientsync-support/build/admin/tickets.asset.phpclientsync-support/build/admin/tickets.jsclientsync-support/build/admin/settings.asset.phpclientsync-support/build/admin/settings.jsclientsync-support/build/admin/faq.asset.phpclientsync-support/build/admin/faq.jsclientsync-support/build/admin/team-management.asset.phpclientsync-support/build/admin/team-management.jsclientsync-support/assets/admin-shortcodes.css

HTML / DOM Fingerprints

CSS Classes
cs-support-admin
Data Attributes
id="cs-support-admin"
JS Globals
CS_SUPPORT_HELPDESK_CONFIGCS_SUPPORT_HELPDESK_CREATE_TICKET_CONFIGCS_SUPPORT_HELPDESK_TICKETS_CONFIGCS_SUPPORT_HELPDESK_SETTINGS_CONFIGCS_SUPPORT_HELPDESK_FAQ_CONFIGCS_SUPPORT_HELPDESK_TEAM_CONFIG
REST Endpoints
/wp-json/cs-support/v1/settings/wp-json/cs-support/v1/wp-json/cs-support/v1/tickets
FAQ

Frequently Asked Questions about ClientSync Support – AI Powered Customer Support Ticket System