WP-Safety

Floating Chat Buttons – Click to Call or Chat, Email Security & Risk Analysis

wordpress.org/plugins/floating-contact-buttons

Elevate user engagement through Floating Chat Buttons, facilitating immediate connections via chat, email, callback, and additional channels.

1K active installs v1.2.8 PHP 7.2+ WP 5.0+ Updated Feb 20, 2026
chatclick-to-callemailinstagramwhatsapp
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Floating Chat Buttons – Click to Call or Chat, Email Safe to Use in 2026?

Generally Safe

Score 100/100

Floating Chat Buttons – Click to Call or Chat, Email has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "floating-contact-buttons" plugin version 1.2.8 exhibits a generally strong security posture based on the provided static analysis. All identified entry points (3 AJAX handlers) have nonce and capability checks, indicating good defensive practices against common WordPress attacks. The plugin also makes excellent use of prepared statements for its single SQL query, and a high percentage of its output is properly escaped, mitigating risks of cross-site scripting (XSS). Furthermore, there is no recorded vulnerability history, which suggests a history of secure development and maintenance.

While the overall assessment is positive, a minor concern arises from the presence of an external HTTP request without explicit mention of how its security is handled. Although taint analysis shows no unsanitized paths, this external interaction represents a potential, albeit small, attack vector if not properly secured. The lack of shortcodes, cron events, and REST API routes limits the overall attack surface, further contributing to its good security standing. In conclusion, this plugin appears to be well-developed from a security perspective, with its strengths far outweighing any potential minor concerns.

Key Concerns

  • External HTTP request
Vulnerabilities
None known

Floating Chat Buttons – Click to Call or Chat, Email Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Floating Chat Buttons – Click to Call or Chat, Email Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
19
101 escaped
Nonce Checks
3
Capability Checks
3
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared1 total queries

Output Escaping

84% escaped120 total outputs
Attack Surface

Floating Chat Buttons – Click to Call or Chat, Email Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 3

authwp_ajax_fcb_dismiss_noticefeedback\fcb-feedback-notice.php:18
authwp_ajax_fcb_send_emailincludes\fcb-layout.php:14
noprivwp_ajax_fcb_send_emailincludes\fcb-layout.php:15
WordPress Hooks 11
actionadmin_enqueue_scriptsfeedback\admin-feedback-form.php:21
actionadmin_headfeedback\admin-feedback-form.php:22
actionadmin_noticesfeedback\fcb-feedback-notice.php:16
actionadmin_enqueue_scriptsfeedback\fcb-feedback-notice.php:17
actioninitfloating-contact-buttons.php:67
actionplugins_loadedfloating-contact-buttons.php:68
actionadmin_enqueue_scriptsincludes\fcb-classes.php:26
actionwp_footerincludes\fcb-layout.php:12
actionwp_enqueue_scriptsincludes\fcb-layout.php:13
actionadmin_initincludes\fcb-settings.php:20
actionadmin_menuincludes\fcb-settings.php:21
Maintenance & Trust

Floating Chat Buttons – Click to Call or Chat, Email Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 20, 2026
PHP min version7.2
Downloads44K

Community Trust

Rating98/100
Number of ratings54
Active installs1K
Alternatives

Floating Chat Buttons – Click to Call or Chat, Email Alternatives

Click to Call or Chat Buttons

Click to Call or Chat Buttons

click-to-call-or-chat-buttons

A
92

This plugin adds Phone Call and WhatsApp button on your webpage.

1K 1 CVE
SaleChaty – AI Chatbot

SaleChaty – AI Chatbot

salechaty-ai-chatbot

A
92

Your Cross-Border AI Private Domain Operation Assistant

0 No CVEs
WBJet-HelloTap

WBJet-HelloTap

wbjet-hellotap

A
100

Boost your leads and sales! Add beautiful, customizable floating WhatsApp and Call buttons to your WordPress website in seconds.

0 No CVEs
Click to Chat – HoliThemes

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

A
96

WhatsApp Chat🔥. Let's make your Web page visitors contact you through 'WhatsApp', 'WhatsApp Business'. Add matching Widget✅

700K 3 CVEs
Joinchat

Joinchat

creame-whatsapp-me

A
100

WhatsApp, Messenger, Telegram, Phone call… capture users through their favorite Apps and turn into clients

700K No CVEs
Developer Profile

Floating Chat Buttons – Click to Call or Chat, Email Developer Profile

CoolHappy

12 plugins · 210K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
203 days
View full developer profile
Detection Fingerprints

How We Detect Floating Chat Buttons – Click to Call or Chat, Email

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/floating-contact-buttons/feedback/css/admin-feedback-style.css/wp-content/plugins/floating-contact-buttons/feedback/js/admin-feedback-script.js
Script Paths
/wp-content/plugins/floating-contact-buttons/feedback/js/admin-feedback-script.js
Version Parameters
floating-contact-buttons/feedback/css/admin-feedback-style.css?ver=floating-contact-buttons/feedback/js/admin-feedback-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
fcb-feedback-section
JS Globals
cp_feedback_ajax_object
FAQ

Frequently Asked Questions about Floating Chat Buttons – Click to Call or Chat, Email