EchBay Live Chat Security & Risk Analysis
wordpress.org/plugins/echbay-facebook-messengerAdd Facebook customerchat, Facebook messenger box or another widget chat to your website (tawk.to, subiz.vn). Easily custom your style for chat.
Is EchBay Live Chat Safe to Use in 2026?
Generally Safe
Score 100/100EchBay Live Chat has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The static analysis of the echbay-facebook-messenger plugin v1.2.7 reveals a generally strong security posture, with no identified attack surface entries lacking authentication or permission checks. The absence of dangerous functions, external HTTP requests, and critical/high severity taint flows further contributes to this positive assessment. The plugin also demonstrates good practice by including nonce and capability checks. However, a significant concern arises from the sole SQL query not utilizing prepared statements, posing a potential SQL injection risk. Additionally, only 24% of output is properly escaped, leaving room for cross-site scripting (XSS) vulnerabilities. The lack of any recorded vulnerabilities in its history is a positive sign, suggesting a history of responsible development. Despite the lack of known CVEs, the identified code signals warrant attention to mitigate potential risks.
Key Concerns
- SQL query not using prepared statements
- Low percentage of properly escaped output
EchBay Live Chat Security Vulnerabilities
EchBay Live Chat Code Analysis
SQL Query Safety
Output Escaping
EchBay Live Chat Attack Surface
WordPress Hooks 2
Maintenance & Trust
EchBay Live Chat Maintenance & Trust
Maintenance Signals
Community Trust
EchBay Live Chat Alternatives
Joinchat
creame-whatsapp-me
WhatsApp, Messenger, Telegram, Phone call… capture users through their favorite Apps and turn into clients
Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty
chaty
WhatsApp chat, Facebook Messenger, Telegram, TikTok, Instagram, Email, Line, WeChat Phone call, SMS, 20+ live chat icons & WhatsApp chat pop up 💬
All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements
mystickyelements
Get leads with a floating contact form tab, chat & social buttons like Facebook Messenger, WhatsApp, Viber, Telegram, Twitter, Instagram & more 🎉
Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist
bit-assist
Floating sticky chat button for WhatsApp Chat, Facebook Messenger, Telegram, Instagram, SMS, Call, Discord chat, TikTok, Line & 30+ channels
Sticky Chat Widget – Floating Chat Icons, Contact Form, Call, Click to Chat, Email & Message Buttons
sticky-chat-widget
Social chat buttons with WhatsApp, Messenger, WeChat, Telegram, Instagram, TikTok, Zalo & more — plus SMS, Call button, Contact form, and 20+ icons.
EchBay Live Chat Developer Profile
8 plugins · 2K total installs
How We Detect EchBay Live Chat
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/echbay-facebook-messenger/js/efm-admin.js/wp-content/plugins/echbay-facebook-messenger/js/frontend.js/wp-content/plugins/echbay-facebook-messenger/css/efm-admin.css/wp-content/plugins/echbay-facebook-messenger/style.css/wp-content/plugins/echbay-facebook-messenger/js/efm-admin.js/wp-content/plugins/echbay-facebook-messenger/js/frontend.jsechbay-facebook-messenger/style.css?ver=echbay-facebook-messenger/js/frontend.js?ver=HTML / DOM Fingerprints
efm-chat-widgetefm-livechat<!-- Start of EchBay Live Chat Script (by EchBay Live Chat) --><!-- EchBay Live Chat --><!-- End of EchBay Live Chat Script -->data-widget-iddata-plugin-versionefm_data