Does Focus SiteCall Pro have any unpatched vulnerabilities?

No. All known vulnerabilities in Focus SiteCall Pro have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Focus SiteCall Pro compatible with WordPress 5.1.22?

According to WordPress.org data, Focus SiteCall Pro 1.1.2 has been tested up to WordPress 5.1.22. Check the plugin's changelog for the latest compatibility information.

Is Focus SiteCall Pro compatible with PHP 5.6+?

Focus SiteCall Pro requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Focus SiteCall Pro updated?

Focus SiteCall Pro was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Focus SiteCall Pro's security score?

Focus SiteCall Pro has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Focus SiteCall Pro Security & Risk Analysis

wordpress.org/plugins/focus-sitecall-pro

SiteCall Pro is a simple widget for a callback on your website.

0 active installs v1.1.2 PHP 5.6+ WP 4.9+ Updated Unknown

conversion-optimizationlead-generationlivechatrecallsales

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Focus SiteCall Pro Safe to Use in 2026?

Generally Safe

Score 100/100

Focus SiteCall Pro has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The plugin 'focus-sitecall-pro' v1.1.2 presents a mixed security profile. On the positive side, the plugin shows a strong commitment to secure coding practices regarding database interactions, with 100% of SQL queries using prepared statements and no recorded vulnerabilities or CVEs. The absence of detected dangerous functions and file operations is also reassuring. However, there are significant concerns regarding output escaping, with only 43% of outputs being properly escaped, leaving room for cross-site scripting (XSS) vulnerabilities. Furthermore, the taint analysis reveals four flows with unsanitized paths, which, while not currently classified as critical or high severity, represent a potential risk for data manipulation or unauthorized actions if specific conditions are met. The complete lack of capability checks and nonce checks on the identified entry points (even though there are none currently exposed) points to a potential future risk if the plugin were to be extended without incorporating these essential security mechanisms.

Key Concerns

Insufficient output escaping
Taint flows with unsanitized paths (4)
Missing capability checks
Missing nonce checks

Vulnerabilities

None known

Focus SiteCall Pro Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Focus SiteCall Pro Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

43% escaped23 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths

assign_sitecalls (class.focussitecall-admin-post-controller.php:15)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Focus SiteCall Pro Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionadmin_post_assign_sitecallsclass.focussitecall-admin-post-controller.php:10

actionadmin_post_refresh_sitecallsclass.focussitecall-admin-post-controller.php:11

actionadmin_post_update_credentialsclass.focussitecall-admin-post-controller.php:12

actionadmin_menuclass.focussitecall-admin-settings-page.php:18

actionadmin_initclass.focussitecall-admin-settings-page.php:19

actionadd_meta_boxesclass.fucussitecall-add-widget.php:9

actionsave_postclass.fucussitecall-add-widget.php:10

actionwp_footerclass.fucussitecall-add-widget.php:142

actioninitfocussitecall.php:19

Maintenance & Trust

Focus SiteCall Pro Maintenance & Trust

Maintenance Signals

WordPress version tested5.1.22

Last updatedUnknown

PHP min version5.6

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

Focus SiteCall Pro Alternatives

Focus SiteCall Lite

focus-sitecall-lite

SiteCall Lite is a simple widget for a callback on your website

0 No CVEs

CartFlows – Funnel Builder & Checkout Plugin for WooCommerce

cartflows

1 WordPress funnel builder & WooCommerce checkout plugin. Boost AOV with one-click upsells, order bumps & high-converting checkout pages.

200K 6 CVEs

Zoho SalesIQ – Live chat, chatbots, and visitor tracking

zoho-salesiq

Identify, engage and convert website visitors with live chat and visitor analytics.

20K 4 CVEs

Leadpages

leadpages

Easily publish your Leadpages landing pages to your WordPress site. Promote your lead magnets, events, promotions, and more.

10K 1 CVE

WP CTA – Sticky CTA Builder, Generate Leads, Promote Sales

easy-sticky-sidebar

WordPress Call To Action plugin to promote content, increase sales and leads. Easy to use and includes 3 professional, flexible templates.

2K 1 unpatched

Developer Profile

Focus SiteCall Pro Developer Profile

focustelecom

2 plugins · 0 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Focus SiteCall Pro

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/focus-sitecall-pro/css/main.css

Version Parameters

focus-sitecall-pro/css/main.css?ver=

HTML / DOM Fingerprints

Data Attributes

name="sitecall_widget"

FAQ