WP-Safety

Cresta Social Messenger Security & Risk Analysis

wordpress.org/plugins/cresta-facebook-messenger

Allow your users and customers to contact you via Facebook Messenger with a single click.

1K active installs v1.2.4 PHP + WP 4.2+ Updated Jul 14, 2021
facebookfacebook-chatfacebook-messengerhelp-deskmessenger
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Cresta Social Messenger Safe to Use in 2026?

Generally Safe

Score 85/100

Cresta Social Messenger has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The cresta-facebook-messenger plugin v1.2.4 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates good practices by avoiding dangerous functions, using prepared statements for all SQL queries, and properly escaping the vast majority of its output. Furthermore, it includes necessary nonce and capability checks, and has no known unpatched vulnerabilities or recorded history of past security issues, which is a positive indicator of its maintenance and developer diligence. The absence of external HTTP requests and file operations also reduces potential attack vectors.

Vulnerabilities
None known

Cresta Social Messenger Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Cresta Social Messenger Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
66 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

96% escaped69 total outputs
Attack Surface

Cresta Social Messenger Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[cresta-facebook-messenger] cresta-facebook-messenger.php:178
WordPress Hooks 10
actionadd_meta_boxescresta-facebook-messenger-metabox.php:29
actionsave_postcresta-facebook-messenger-metabox.php:74
actionadmin_menucresta-facebook-messenger.php:20
filterplugin_row_metacresta-facebook-messenger.php:22
actionplugins_loadedcresta-facebook-messenger.php:23
actionadmin_initcresta-facebook-messenger.php:24
actionwp_enqueue_scriptscresta-facebook-messenger.php:25
actionadmin_enqueue_scriptscresta-facebook-messenger.php:26
actionwp_headcresta-facebook-messenger.php:109
actionwp_footercresta-facebook-messenger.php:295
Maintenance & Trust

Cresta Social Messenger Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13
Last updatedJul 14, 2021
PHP min version
Downloads51K

Community Trust

Rating84/100
Number of ratings5
Active installs1K
Alternatives

Cresta Social Messenger Alternatives

Leaddevs Messenger Live Chatbot

Leaddevs Messenger Live Chatbot

leaddevs-chatbot

A
85

Leaddevs Messenger Live Chatbot

10 No CVEs
Chat Plus – Unofficial Addon to disable chat on page and more

Chat Plus – Unofficial Addon to disable chat on page and more

chat-plus

A
85

Unofficial Addon for Facebook Customer Chat. Added useful functions including disable chat in some pages, css class for CTA button to show chat, auto …

0 No CVEs
Joinchat

Joinchat

creame-whatsapp-me

A
100

WhatsApp, Messenger, Telegram, Phone call… capture users through their favorite Apps and turn into clients

700K No CVEs
Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty

Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty

chaty

A
92

WhatsApp chat, Facebook Messenger, Telegram, TikTok, Instagram, Email, Line, WeChat Phone call, SMS, 20+ live chat icons & WhatsApp chat pop up 💬

400K 11 CVEs
All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements

All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements

mystickyelements

A
92

Get leads with a floating contact form tab, chat & social buttons like Facebook Messenger, WhatsApp, Viber, Telegram, Twitter, Instagram & more 🎉

40K 6 CVEs
Developer Profile

Cresta Social Messenger Developer Profile

CrestaProject

25 plugins · 22K total installs

86
trust score
Avg Security Score
97/100
Avg Patch Time
36 days
View full developer profile
Detection Fingerprints

How We Detect Cresta Social Messenger

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cresta-facebook-messenger/css/cresta-social-messenger-front-css.min.css/wp-content/plugins/cresta-facebook-messenger/css/cresta-social-messenger-admin-css.css
Version Parameters
cresta-facebook-messenger/css/cresta-social-messenger-front-css.min.css?ver=cresta-facebook-messenger/css/cresta-social-messenger-admin-css.css?ver=

HTML / DOM Fingerprints

CSS Classes
cresta-facebook-messenger-boxcresta-facebook-messenger-buttoncresta-facebook-messenger-containercresta-facebook-messenger-container-buttoncresta-facebook-messenger-overlaycresta-facebook-messenger-top-header
HTML Comments
<!-- Cresta Facebook Messenger shortcode -->
Data Attributes
data-name="messenger icon"
JS Globals
window.cresta_facebook_messenger_show_floating_boxwindow.cresta_facebook_messenger_click_to_closewindow.cresta_facebook_messenger_what_icon
Shortcode Output
<div id="fb-root"></div> <script async defer crossorigin="anonymous" src="https://connect.facebook.net/
FAQ

Frequently Asked Questions about Cresta Social Messenger