Does Click to Chat have any unpatched vulnerabilities?

No. All known vulnerabilities in Click to Chat have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Click to Chat compatible with WordPress 6.9.4?

According to WordPress.org data, Click to Chat 1.0.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Click to Chat compatible with PHP 7.2+?

Click to Chat requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Click to Chat updated?

Click to Chat was last updated on Mar 4, 2026. Frequent updates are generally a positive security signal.

What is Click to Chat's security score?

Click to Chat has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Click to Chat Security & Risk Analysis

wordpress.org/plugins/dragwyb-click-to-chat

A lightweight multi-channel click to chat plugin. Add a floating social chat widget and versatile redirect buttons for instant communication.

0 active installs v1.0.6 PHP 7.2+ WP 5.0+ Updated Mar 4, 2026

all-in-one-chatclick-to-chatfloating-chatmulti-channel-chatsocial-chat

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Click to Chat Safe to Use in 2026?

Generally Safe

Score 100/100

Click to Chat has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The dragwyb-click-to-chat plugin v1.0.6 exhibits a generally strong security posture based on the provided static analysis. A significant majority of its output is properly escaped, and it appears to implement adequate nonce and capability checks on its entry points, including AJAX handlers. The absence of critical or high-severity taint flows, dangerous functions, file operations, and known vulnerabilities is highly encouraging.

However, a notable concern arises from the single SQL query identified, which is not using prepared statements. While the plugin has a small attack surface and no known vulnerabilities, this raw SQL query represents a potential injection point if the input leading to it is not rigorously sanitized. The presence of an external HTTP request also warrants attention, as it could be a vector for further attacks or data leakage if not handled securely. Overall, the plugin demonstrates good development practices with proper escaping and authentication, but the un-prepared SQL query is a weakness that should be addressed.

Key Concerns

SQL queries not using prepared statements

Vulnerabilities

None known

Click to Chat Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Click to Chat Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

258 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

98% escaped263 total outputs

Attack Surface

Click to Chat Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 3

authwp_ajax_dctc_send_feedbackadmin\feedback\class-dctc-feedback-form.php:74

authwp_ajax_dragwyb_ctc_review_dismissadmin\review\class-dctc-review-form.php:43

authwp_ajax_dctc_save_settingsadmin\settings.php:5

Shortcodes 1

[dctc-widget] includes\frontend.php:18

WordPress Hooks 10

actionadmin_enqueue_scriptsadmin\feedback\class-dctc-feedback-form.php:75

actionadmin_headadmin\feedback\class-dctc-feedback-form.php:76

actionadmin_noticesadmin\review\class-dctc-review-form.php:41

actionadmin_enqueue_scriptsadmin\review\class-dctc-review-form.php:42

actionadmin_menuadmin\settings.php:4

actionadmin_enqueue_scriptsadmin\settings.php:7

actionplugins_loadeddragwyb-click-to-chat.php:39

actionwp_footerincludes\frontend.php:10

actionwp_enqueue_scriptsincludes\frontend.php:12

filterscript_loader_tagincludes\frontend.php:15

Maintenance & Trust

Click to Chat Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 4, 2026

PHP min version7.2

Downloads265

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Click to Chat Alternatives

Chat Button Ninetyseven Infotech

chat-button-nsi

Chat Button Ninetyseven Infotech | Chat Button Ninetyseven Infotech for WordPress allows your customers to open a conversation from your website direc …

100 No CVEs

Click n Chat (Chat Widget Integration)

click-n-chat

100

All-in-one floating chat widget with social platforms, smart auto replies, AI chatbot integration, analytics tracking, and full customization.

0 No CVEs

DirectChat – Floating Chat Button

directchat-floating-button

100

DirectChat is the smartest WhatsApp chat plugin for WordPress. Connect with visitors, increase sales, and provide support instantly.

0 No CVEs

ZS Social Chat by ZS Software Studio

zs-social-chat

ZS Social Chat will help you to add WhatsApp Chat Button in your website so that your users can connect with you through WhatsApp & WhatsApp Busin …

0 No CVEs

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

WhatsApp Chat🔥. Let's make your Web page visitors contact you through 'WhatsApp', 'WhatsApp Business'. Add matching Widget✅

700K 3 CVEs

Developer Profile

Click to Chat Developer Profile

dragwyb

2 plugins · 300 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

46 days

View full developer profile

Detection Fingerprints

How We Detect Click to Chat

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dragwyb-click-to-chat/admin/feedback/feedback.css/wp-content/plugins/dragwyb-click-to-chat/admin/feedback/feedback.js/wp-content/plugins/dragwyb-click-to-chat/admin/review/review.css/wp-content/plugins/dragwyb-click-to-chat/admin/review/review.js/wp-content/plugins/dragwyb-click-to-chat/assets/css/style.css/wp-content/plugins/dragwyb-click-to-chat/assets/js/chat.js/wp-content/plugins/dragwyb-click-to-chat/assets/js/chat-script.js

Script Paths

/wp-content/plugins/dragwyb-click-to-chat/admin/feedback/feedback.js/wp-content/plugins/dragwyb-click-to-chat/admin/review/review.js/wp-content/plugins/dragwyb-click-to-chat/assets/js/chat.js/wp-content/plugins/dragwyb-click-to-chat/assets/js/chat-script.js

Version Parameters

dragwyb-click-to-chat/admin/feedback/feedback.css?ver=dragwyb-click-to-chat/admin/feedback/feedback.js?ver=dragwyb-click-to-chat/admin/review/review.css?ver=dragwyb-click-to-chat/admin/review/review.js?ver=dragwyb-click-to-chat/assets/css/style.css?ver=dragwyb-click-to-chat/assets/js/chat.js?ver=dragwyb-click-to-chat/assets/js/chat-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

dctc-deactivate-feedback-form-wrapperdctc-form-hidedctc-deactivate-feedback-formdctc-deactivate-close

Data Attributes

data-slug

JS Globals

DCTC_Click_To_Chat

FAQ

Click to Chat Security & Risk Analysis

Is Click to Chat Safe to Use in 2026?

Generally Safe

Key Concerns

Click to Chat Security Vulnerabilities

Click to Chat Code Analysis

SQL Query Safety

Output Escaping

Click to Chat Attack Surface

AJAX Handlers 3

Shortcodes 1

Click to Chat Maintenance & Trust

Maintenance Signals

Community Trust

Click to Chat Alternatives

Chat Button Ninetyseven Infotech

Click n Chat (Chat Widget Integration)

DirectChat – Floating Chat Button

ZS Social Chat by ZS Software Studio

Click to Chat – HoliThemes

Click to Chat Developer Profile

How We Detect Click to Chat

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Click to Chat