Does Cloudbridge Mattermost have any unpatched vulnerabilities?

No. All known vulnerabilities in Cloudbridge Mattermost have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Cloudbridge Mattermost compatible with WordPress 6.9.4?

According to WordPress.org data, Cloudbridge Mattermost 2.2.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Cloudbridge Mattermost compatible with PHP 7.4+?

Cloudbridge Mattermost requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Cloudbridge Mattermost updated?

Cloudbridge Mattermost was last updated on Feb 11, 2026. Frequent updates are generally a positive security signal.

What is Cloudbridge Mattermost's security score?

Cloudbridge Mattermost has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cloudbridge Mattermost Security & Risk Analysis

wordpress.org/plugins/cloudbridge-mattermost

Mattermost integration for WordPress. Tested with Mattermost 5.30.1+ and WordPress 5.5+.

70 active installs v2.2.3 PHP 7.4+ WP 5.4.0+ Updated Feb 11, 2026

cloudintegrationmattermostnotificationssecurity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Cloudbridge Mattermost Safe to Use in 2026?

Generally Safe

Score 100/100

Cloudbridge Mattermost has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The cloudbridge-mattermost plugin v2.2.3 exhibits a strong security posture with no recorded vulnerabilities and a seemingly small attack surface. The static analysis reveals a complete absence of AJAX handlers, REST API routes, shortcodes, and cron events that could be exploited. Furthermore, the absence of critical or high-severity taint flows suggests that data is being handled securely in most pathways.

However, there are areas for improvement. The presence of a single SQL query that does not utilize prepared statements is a significant concern. While the plugin has a low percentage of properly escaped outputs (34%), this still presents a potential risk for cross-site scripting (XSS) vulnerabilities if the unescaped outputs are rendered in a context that is susceptible to injection.

The lack of vulnerability history is a positive indicator, suggesting responsible development and patching practices. The use of Guzzle, a common HTTP client library, is noted. Overall, the plugin appears to have a good foundation, but the identified SQL and output escaping issues warrant attention to further harden its security.

Key Concerns

SQL query not using prepared statements
Low percentage of properly escaped outputs

Vulnerabilities

None known

Cloudbridge Mattermost Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Cloudbridge Mattermost Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

34 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

SQL Query Safety

0% prepared1 total queries

Output Escaping

34% escaped100 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<cloudbridge-mattermost> (cloudbridge-mattermost.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Cloudbridge Mattermost Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 25

actionlogin_formcloudbridge-mattermost.php:241

filterlogin_messagecloudbridge-mattermost.php:242

actionlogin_formcloudbridge-mattermost.php:2030

filterlogin_messagecloudbridge-mattermost.php:2031

actionregister_formcloudbridge-mattermost.php:2034

filterlogin_headcloudbridge-mattermost.php:2036

filterregister_urlcloudbridge-mattermost.php:2041

actionwp_logincloudbridge-mattermost.php:2047

actionwp_login_failedcloudbridge-mattermost.php:2048

actionactivated_plugincloudbridge-mattermost.php:2053

actiondeactivated_plugincloudbridge-mattermost.php:2056

actiondelete_plugincloudbridge-mattermost.php:2059

actiondeleted_plugincloudbridge-mattermost.php:2060

actionafter_password_resetcloudbridge-mattermost.php:2065

actionuser_registercloudbridge-mattermost.php:2076

actiondeleted_usercloudbridge-mattermost.php:2080

actioninitcloudbridge-mattermost.php:2145

actionadmin_enqueue_scriptscloudbridge-mattermost.php:2148

actionadd_option_new_admin_emailcloudbridge-mattermost.php:2151

actionupdate_option_admin_emailcloudbridge-mattermost.php:2152

filtersend_site_admin_email_change_emailcloudbridge-mattermost.php:2155

filterlogin_headcloudbridge-mattermost.php:2160

actionadmin_menucloudbridge-mattermost.php:2163

actionadmin_initcloudbridge-mattermost.php:2164

actionwp_loadedcloudbridge-mattermost.php:2165

Maintenance & Trust

Cloudbridge Mattermost Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 11, 2026

PHP min version7.4

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs70

Alternatives

Cloudbridge Mattermost Alternatives

Login Security Captcha

100

Secure WordPress login, registration, and comment form with Google reCAPTCHA or Cloudflare Turnstile. Prevent Brute-force attacks and more.

10K No CVEs

DoLogin Security

dologin

Easy Login. 2FA login. Passwordless login. Cloudflare Turnstile reCAPTCHA. GeoLocation (Continent/Country/City)/IP range to limit login attempts.

7K 4 CVEs

App for Cloudflare®

app-for-cf

100

All things Cloudflare (caching, flexible SSL, Turnstile, settings, rules, analytics, media in R2, image transforms [AVIF, WebP], secure admin area).

1K No CVEs

CloudGuard

cloudguard

100

Use Cloudflare's free geolocation service to restrict access to your site's login page.

1K No CVEs

File Manager for Dropbox

integrate-dropbox

100

Secure Dropbox integration for WordPress. Manage, share, and embed files via blocks, shortcodes, and Elementor widgets.

300 No CVEs

Developer Profile

Cloudbridge Mattermost Developer Profile

joho68

5 plugins · 190 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Cloudbridge Mattermost

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cloudbridge-mattermost/css/cbmm-admin.css/wp-content/plugins/cloudbridge-mattermost/css/cbmm-frontend.css/wp-content/plugins/cloudbridge-mattermost/js/cbmm-admin.js/wp-content/plugins/cloudbridge-mattermost/js/cbmm-frontend.js

Script Paths

/wp-content/plugins/cloudbridge-mattermost/js/cbmm-admin.js/wp-content/plugins/cloudbridge-mattermost/js/cbmm-frontend.js

Version Parameters

cloudbridge-mattermost/css/cbmm-admin.css?ver=cloudbridge-mattermost/css/cbmm-frontend.css?ver=cloudbridge-mattermost/js/cbmm-admin.js?ver=cloudbridge-mattermost/js/cbmm-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

cbmm-settings-tabcbmm-admin-page

HTML Comments

Data Attributes

data-cbmm-form-iddata-cbmm-is-admin-ajaxdata-cbmm-ajax-urldata-cbmm-nonce

JS Globals

cbmm_admin_ajax_objectcbmm_frontend_ajax_objectcbmm_nonce

REST Endpoints

/wp-json/cloudbridge-mattermost/v1/data

FAQ