WP-Safety

Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store. Security & Risk Analysis

wordpress.org/plugins/kaira-site-chat

Website Chat & trusted support for your WordPress site and WooCommerce store.

30 active installs v1.1.11 PHP + WP 5.0+ Updated Jul 5, 2023
site-chatwhatsappwhatsapp-chatwhatsapp-support
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store. Safe to Use in 2026?

Generally Safe

Score 85/100

Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store. has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago
Risk Assessment

The "kaira-site-chat" plugin version 1.1.11 exhibits a strong security posture based on the provided static analysis. The absence of unauthenticated AJAX handlers and REST API routes, coupled with 100% usage of prepared statements for SQL queries and proper output escaping, indicates good development practices for preventing common web vulnerabilities. The plugin also demonstrates a commitment to security by implementing capability checks on all identified entry points. The vulnerability history being clear of any recorded CVEs further strengthens this positive assessment, suggesting a well-maintained and secure codebase.

However, the static analysis does reveal a few points that warrant attention. The presence of file operations, although only one, introduces a potential vector for attacks if not handled with extreme care. While no unsanitized paths were identified in the taint analysis, the mere existence of file operations without further context on their sanitization and purpose is a minor concern. Furthermore, the absence of nonce checks on its entry points, while not necessarily a critical flaw in isolation given the robust capability checks, is a missed opportunity to further harden the plugin against certain types of attacks, particularly if any of the entry points were to be inadvertently exposed or if permission checks had subtle bypasses.

In conclusion, "kaira-site-chat" v1.1.11 is a secure plugin with a strong foundation. Its adherence to prepared statements, output escaping, and capability checks are commendable. The primary areas for improvement lie in the careful handling of the single file operation and the potential for adding nonce checks to its entry points for an extra layer of defense. The clean vulnerability history is a significant positive, indicating reliability and ongoing security focus.

Key Concerns

  • File operations present without further sanitization context
  • No nonce checks on entry points
Vulnerabilities
None known

Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store. Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store. Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
27 escaped
Nonce Checks
0
Capability Checks
11
File Operations
1
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

Output Escaping

100% escaped27 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
kaira_scp_installed_notice (classes\class-admin.php:138)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store. Attack Surface

Entry Points5
Unprotected0

REST API Routes 5

GET/wp-json/wascrapi/v1/settingsclasses\class-admin-settings.php:14
POST/wp-json/wascrapi/v1/settingsclasses\class-admin-settings.php:19
DELETE/wp-json/wascrapi/v1/deleteclasses\class-admin-settings.php:24
GET/wp-json/wascrapi/v1/pagesclasses\class-admin-settings.php:29
GET/wp-json/wascrapi/v1/image/(?P<id>\d+)classes\class-admin-settings.php:34
WordPress Hooks 14
actionrest_api_initclasses\class-admin-settings.php:7
actionadmin_menuclasses\class-admin.php:20
filterplugin_action_links_kaira-site-chat/kaira-site-chat.phpclasses\class-admin.php:26
filterplugin_row_metaclasses\class-admin.php:27
actionadmin_initclasses\class-admin.php:34
actionadmin_noticesclasses\class-admin.php:35
actioninitclasses\class-admin.php:37
filterbody_classclasses\class-admin.php:38
filtertemplate_redirectclasses\class-admin.php:40
actionwp_footerclasses\class-admin.php:362
actionwp_footerclasses\class-admin.php:366
actionwp_enqueue_scriptsclasses\class-enqueue-scripts.php:33
actionadmin_enqueue_scriptsclasses\class-enqueue-scripts.php:35
actioninitclasses\class-enqueue-scripts.php:42
Maintenance & Trust

Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store. Maintenance & Trust

Maintenance Signals

WordPress version tested6.2.9
Last updatedJul 5, 2023
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs30
Alternatives

Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store. Alternatives

Essential Chat Support

Essential Chat Support

essential-chat-support

A
100

Plugin allows to integrate WhatsApp experience into your site. One of the best ways to connect and interact with your customer directly from WhatsApp.

10 No CVEs
Aura Chat: Click to Chat Support, Floating Contact Button & Customer Service for WooCommerce

Aura Chat: Click to Chat Support, Floating Contact Button & Customer Service for WooCommerce

aura-chat-button

A
100

Expert WhatsApp Support and WhatsApp Chat for WooCommerce. Increase your store's conversion rates with a high-performance Click to Chat widget, f &hellip;

0 No CVEs
FormsDeck

FormsDeck

formsdeck

A
100

Add a beautiful WhatsApp form widget & receive responses from customers on "WhatsApp" and "WhatsApp Business".

0 No CVEs
Click to Chat – HoliThemes

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

A
96

WhatsApp Chat🔥. Let's make your Web page visitors contact you through 'WhatsApp', 'WhatsApp Business'. Add matching Widget✅

700K 3 CVEs
Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty

Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty

chaty

A
92

WhatsApp chat, Facebook Messenger, Telegram, TikTok, Instagram, Email, Line, WeChat Phone call, SMS, 20+ live chat icons & WhatsApp chat pop up 💬

400K 11 CVEs
Developer Profile

Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store. Developer Profile

Kaira

14 plugins · 33K total installs

90
trust score
Avg Security Score
94/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store.

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/kaira-site-chat/dist/frontend.css/wp-content/plugins/kaira-site-chat/dist/frontend.min.css/wp-content/plugins/kaira-site-chat/dist/admin.css/wp-content/plugins/kaira-site-chat/dist/admin.min.css/wp-content/plugins/kaira-site-chat/dist/settings.css/wp-content/plugins/kaira-site-chat/dist/settings.min.css
Script Paths
/wp-content/plugins/kaira-site-chat/dist/frontend.js/wp-content/plugins/kaira-site-chat/dist/frontend.min.js/wp-content/plugins/kaira-site-chat/dist/admin.js/wp-content/plugins/kaira-site-chat/dist/admin.min.js/wp-content/plugins/kaira-site-chat/dist/settings.js/wp-content/plugins/kaira-site-chat/dist/settings.min.js
Version Parameters
kaira-site-chat/dist/frontend.css?ver=kaira-site-chat/dist/frontend.min.css?ver=kaira-site-chat/dist/admin.css?ver=kaira-site-chat/dist/admin.min.css?ver=kaira-site-chat/dist/settings.css?ver=kaira-site-chat/dist/settings.min.css?ver=kaira-site-chat/dist/frontend.js?ver=kaira-site-chat/dist/frontend.min.js?ver=kaira-site-chat/dist/admin.js?ver=kaira-site-chat/dist/admin.min.js?ver=kaira-site-chat/dist/settings.js?ver=kaira-site-chat/dist/settings.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
kaira-site-chat-chatboxkaira-site-chat-widgetkaira-scp-chatbox-widgetkaira-scp-chatbox-wrapperkaira-scp-widget-titlekaira-scp-widget-contentkaira-scp-chat-openkaira-scp-chat-closed
HTML Comments
<!-- Main instance of KairaSiteChat_Admin to prevent the need to use globals. --><!-- Frontend Style --><!-- Frontend JS --><!-- Admin CSS -->+3 more
Data Attributes
data-kairascp-widget-iddata-kairascp-widget-positiondata-kairascp-widget-theme
JS Globals
window.kaira_scp_fswindow.wascJsOption
REST Endpoints
/wp-json/kaira-site-chat/v1/message/wp-json/kaira-site-chat/v1/chat_status
Shortcode Output
[kaira_site_chat][kaira_chat_widget]
FAQ

Frequently Asked Questions about Site Chat – Website Chat & trusted support for your WordPress site and WooCommerce store.