Does Leadcube have any unpatched vulnerabilities?

No. All known vulnerabilities in Leadcube have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Leadcube compatible with WordPress 6.7.5?

According to WordPress.org data, Leadcube 1.0.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Leadcube updated?

Leadcube was last updated on Jan 20, 2025. Frequent updates are generally a positive security signal.

What is Leadcube's security score?

Leadcube has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Leadcube Security & Risk Analysis

wordpress.org/plugins/leadcube

Implement Leadcube widgets on your WordPress websites with ease.

0 active installs v1.0.0 PHP + WP 3.0.1+ Updated Jan 20, 2025

generationleadcubeleadswidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Leadcube Safe to Use in 2026?

Generally Safe

Score 92/100

Leadcube has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The plugin 'leadcube' v1.0.0 exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points significantly reduces the attack surface. Furthermore, the code signals indicate diligent development practices, with all SQL queries utilizing prepared statements, all output properly escaped, and no file operations or external HTTP requests detected. The lack of any identified dangerous functions or unsanitized taint flows further reinforces this positive assessment. The vulnerability history is also clean, with no known CVEs recorded, suggesting a history of secure development or a lack of past security scrutiny. However, the complete absence of nonce checks and capability checks across the entire plugin is a notable weakness. While there are no direct entry points identified for these checks to be relevant in this specific version, it suggests a potential lack of fundamental security implementation that could become a problem if the plugin evolves to include user-interactive features without these safeguards.

Key Concerns

No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Leadcube Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Leadcube Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped8 total outputs

Attack Surface

Leadcube Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionwp_footerincludes\class-leadcube-footer-script.php:17

filterscript_loader_tagincludes\class-leadcube-footer-script.php:33

actionadmin_menuincludes\class-leadcube-settings.php:16

actionadmin_initincludes\class-leadcube-settings.php:17

Maintenance & Trust

Leadcube Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 20, 2025

PHP min version

Downloads378

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Leadcube Alternatives

Chatbot for WordPress by Collect.chat ⚡️

collectchat

Chatbots without AI are the easiest way to collect leads & data from visitors. Create a free chatbot without coding using Collect.chat.

7K 4 CVEs

Boei – Chat Widget & AI Chatbot with 50+ Channels

boei-help

100

Capture every lead. Reply instantly. Close more deals. AI chatbot, 50+ contact channels, single inbox, and lead tracking—all in one WordPress plugin.

1K No CVEs

SiteGround Email Marketing

siteground-email-marketing

Lead generation plugin that will allow you to add subsription forms and use them for automatic lead submission to SiteGround Email Marketing service.

1K 1 CVE

Movylo Marketing Automation

movylo-widget

Build your Customer List by capturing leads from your website and social and then automatically convert the list into real sales.

700 1 unpatched

Happierleads – Identify your B2B website visitors even if they work remotely

happierleads

Identify your B2B website visitors that work remotely Generate 3X more leads than your competition by using your existing web traffic

600 No CVEs

Developer Profile

Leadcube Developer Profile

leadcubeio

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Leadcube

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/leadcube/assets/leadcube.css/wp-content/plugins/leadcube/assets/leadcube.js

Script Paths

https://leadcube.io/build/assets/widget.js

HTML / DOM Fingerprints

JS Globals

window.Leadcube

FAQ