Does Contact Forms, Live Support, CRM, Video Messages have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Contact Forms, Live Support, CRM, Video Messages compatible with WordPress 6.8.5?

According to WordPress.org data, Contact Forms, Live Support, CRM, Video Messages 1.12.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Contact Forms, Live Support, CRM, Video Messages compatible with PHP 7.4+?

Contact Forms, Live Support, CRM, Video Messages requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is Contact Forms, Live Support, CRM, Video Messages's security score?

Contact Forms, Live Support, CRM, Video Messages has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Contact Forms, Live Support, CRM, Video Messages Security & Risk Analysis

wordpress.org/plugins/live-support-tickets

Streamline support with integrated CRM, live chat, and custom contact forms for enhanced user interaction.

10 active installs v1.12.1 PHP 7.4+ WP 5.1+ Updated Mar 28, 2026

chatcontactcrmformsupport

A · Safe

CVEs total1

Unpatched0

Last CVEOct 14, 2024

Plugin page Download

Safety Verdict

Is Contact Forms, Live Support, CRM, Video Messages Safe to Use in 2026?

Generally Safe

Score 99/100

Contact Forms, Live Support, CRM, Video Messages has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Oct 14, 2024Updated 1mo ago

Risk Assessment

The 'live-support-tickets' plugin v1.12.1 exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices, with a high percentage of SQL queries using prepared statements and a large majority of output being properly escaped. The plugin also incorporates a significant number of nonce and capability checks, indicating an effort to protect against common WordPress attacks. However, the presence of 8 unprotected AJAX handlers represents a notable weakness in its attack surface, potentially allowing unauthorized users to trigger actions. The taint analysis revealing two high-severity flows with unsanitized paths is a significant concern, suggesting potential for exploitation even with other good practices in place.

The plugin's vulnerability history shows one previously known medium-severity CVE related to Exposure of Sensitive Information to an Unauthorized Actor. While this CVE is currently patched, the nature of the vulnerability suggests a need for continued vigilance in handling sensitive data. The lack of critical or high severity historical vulnerabilities is positive, but the existence of even one indicates that security is not absolute. Overall, the plugin has strengths in its general coding hygiene, but the specific issues identified in the static analysis (unprotected AJAX, high-severity taint flows) and its past vulnerability history necessitate careful consideration of its security.

Key Concerns

Unprotected AJAX handlers
High severity unsanitized taint flows
Medium severity CVE in history
Use of unserialize function

Vulnerabilities

1 published

Contact Forms, Live Support, CRM, Video Messages Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-49235medium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

Contact Forms, Live Support, CRM, Video Messages <= 1.10.3 - Unauthenticated Information Disclosure

Oct 14, 2024 Patched in 1.11.1 (26d)

Version History

Contact Forms, Live Support, CRM, Video Messages Release Timeline

No version history available.

Code Analysis

Analyzed Apr 16, 2026

Contact Forms, Live Support, CRM, Video Messages Code Analysis

Dangerous Functions

Raw SQL Queries

366 prepared

Unescaped Output

107

1235 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$meta = $contact->meta ? unserialize( $contact->meta ) : array();inc/server.php:163

unserialize$meta = $contact->meta ? unserialize( $contact->meta ) : array();inc/server.php:206

unserialize$meta = $contact->meta ? unserialize( $contact->meta ) : array();inc/server.php:238

unserialize$meta = $contact->meta ? unserialize( $contact->meta ) : array();inc/server.php:279

unserialize$meta = $contact->meta ? unserialize( $contact->meta ) : array();inc/server.php:628

unserialize$cMeta = $cRow->meta ? unserialize( $cRow->meta ) : array();inc/server.php:1003

unserializeif ($contact->meta) $meta = unserialize($contact->meta);inc/server.php:1743

unserializeif ($contact->meta) $meta = unserialize($contact->meta);inc/server.php:1824

unserializeif ($contact->meta) $metaC = unserialize($contact->meta);inc/server.php:1988

unserialize$meta = unserialize($contact->meta);inc/server.php:2625

unserialize$meta = unserialize($contact->meta);inc/server.php:2779

unserialize$meta = unserialize($forContact->meta);inc/server.php:2845

unserialize$meta = unserialize($contactR->meta);inc/server.php:2902

unserialize$meta = unserialize($forContact->meta);inc/server.php:2935

unserialize$meta = unserialize($message->meta);inc/server.php:2941

unserializeif ($ticket->meta) $meta = unserialize($ticket->meta);inc/server.php:2969

unserializeif ($r->meta) $meta = unserialize($r->meta);inc/server.php:3028

unserializeif ($contact->meta) $meta = unserialize($contact->meta);inc/server.php:3102

unserialize$meta = unserialize($contact->meta);inc/server.php:3202

unserialize$meta = unserialize($r->meta);inc/server.php:3342

unserialize$meta = unserialize($contact->meta);inc/server.php:3683

unserialize$tMeta = unserialize($ticket->meta);inc/server.php:4235

unserialize$meta = unserialize($r->meta);inc/server.php:4365

unserializeif (isset($ticket) && $ticket->meta) $tmeta = unserialize($ticket->meta);inc/server.php:4468

unserialize$meta = unserialize($contact->meta);inc/server.php:4542

unserialize$meta = unserialize($contact->meta);inc/shortcodes.php:2199

unserializeif ($contact->meta) $meta = unserialize($contact->meta);inc/shortcodes.php:3799

ini_setini_set( 'display_errors', 1 ); // debug onlyserver/translate.php:8

SQL Query Safety

98% prepared373 total queries

Output Escaping

92% escaped1342 total outputs

Data Flows · Security

3 unsanitized

Data Flow Analysis

18 flows3 with unsanitized paths

adminSupportStats (inc/options.php:294)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

8 unprotected

Contact Forms, Live Support, CRM, Video Messages Attack Surface

Entry Points35

Unprotected8

AJAX Handlers 8

authwp_ajax_vws_settingslive-support-tickets.php:73

noprivwp_ajax_vws_settingslive-support-tickets.php:74

authwp_ajax_vws_applive-support-tickets.php:76

noprivwp_ajax_vws_applive-support-tickets.php:77

authwp_ajax_vws_contact_optionlive-support-tickets.php:79

noprivwp_ajax_vws_contact_optionlive-support-tickets.php:80

authwp_ajax_vws_render_restream_playerlive-support-tickets.php:82

noprivwp_ajax_vws_render_restream_playerlive-support-tickets.php:83

REST API Routes 16

GET/wp-json/video-live-support/v1/logininc/server.php:24

POST/wp-json/video-live-support/v1/contact_newinc/server.php:30

POST/wp-json/video-live-support/v1/contact_confirminc/server.php:36

POST/wp-json/video-live-support/v1/ticketinc/server.php:42

POST/wp-json/video-live-support/v1/listinc/server.php:48

POST/wp-json/video-live-support/v1/forminc/server.php:54

POST/wp-json/video-live-support/v1/draftinc/server.php:60

GET/wp-json/video-live-support/v1/remote/configinc/server.php:67

POST/wp-json/video-live-support/v1/remote/registerinc/server.php:73

POST/wp-json/video-live-support/v1/remote/confirminc/server.php:79

POST/wp-json/video-live-support/v1/remote/logininc/server.php:85

POST/wp-json/video-live-support/v1/remote/accountsinc/server.php:91

POST/wp-json/video-live-support/v1/remote/account_newinc/server.php:97

POST/wp-json/video-live-support/v1/remote/settingsinc/server.php:103

POST/wp-json/video-live-support/v1/remote/pushinc/server.php:109

POST/wp-json/video-live-support/v1/remote/reminderinc/server.php:115

Shortcodes 11

[videowhisper_support_account_stats] live-support-tickets.php:49

[videowhisper_support_schedule] live-support-tickets.php:50

[videowhisper_support_schedule_editor] live-support-tickets.php:51

[videowhisper_support_dash] live-support-tickets.php:52

[videowhisper_support_restream] live-support-tickets.php:53

[videowhisper_support_login] live-support-tickets.php:55

[videowhisper_support_accounts] live-support-tickets.php:65

[videowhisper_support_micropayments] live-support-tickets.php:66

[videowhisper_support] live-support-tickets.php:67

[videowhisper_support_conversations] live-support-tickets.php:68

[videowhisper_support_buttons] live-support-tickets.php:69

WordPress Hooks 26

filterwpseo_metadescinc/shortcodes.php:2056

filterrank_math/frontend/descriptioninc/shortcodes.php:2064

filteraioseo_descriptioninc/shortcodes.php:2072

filterseopress_titles_descinc/shortcodes.php:2080

actionwp_headinc/shortcodes.php:2087

filterstyle_loader_taginc/shortcodes.php:4427

actionafter_setup_themelive-support-tickets.php:56

actionafter_setup_themelive-support-tickets.php:57

filterregister_urllive-support-tickets.php:61

filterlogin_urllive-support-tickets.php:62

actionwplive-support-tickets.php:71

actionupdate_option_VWdeepLlangslive-support-tickets.php:86

filterthe_contentlive-support-tickets.php:95

actionbp_setup_navlive-support-tickets.php:99

actionrest_api_initlive-support-tickets.php:426

actionbp_template_titlelive-support-tickets.php:565

actionbp_template_contentlive-support-tickets.php:566

actioninitlive-support-tickets.php:663

actionplugins_loadedlive-support-tickets.php:664

actionadmin_menulive-support-tickets.php:667

actionadmin_bar_menulive-support-tickets.php:668

actionset_logged_in_cookielive-support-tickets.php:671

filterlogin_redirectlive-support-tickets.php:674

filtersingle_templatelive-support-tickets.php:677

filterpage_templatelive-support-tickets.php:678

actionlogin_formlive-support-tickets.php:682

Maintenance & Trust

Contact Forms, Live Support, CRM, Video Messages Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMar 28, 2026

PHP min version7.4

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Contact Forms, Live Support, CRM, Video Messages Alternatives

SlimFAQ

slimfaq

Easy integration of the SlimFAQ sidebar with optional Intercom integration.

10 No CVEs

Engage Agent

engage-agent

100

AI chat, contact form, waitlist, and newsletter in one plugin. Feeds leads into EmpireVault CRM automatically.

0 No CVEs

HubSpot All-In-One Marketing – Forms, Popups, Live Chat

leadin

The CRM, Sales, and Marketing WordPress plugin to grow your business better. Capture and engage web visitors with free live chat, forms, CRM, email ma …

200K 3 CVEs

AFI – The Easiest Integration Plugin

advanced-form-integration

Connect any WordPress form or event to 200+ apps — no code. Send leads, orders, and signups to your CRM, email, or sheets in minutes.

10K 9 CVEs

Lenix Leads Collector

lenix-elementor-leads-addon

Leads Collector, Collects forms entries from Elementor,Cf7,WPForms and more with export to CSV.

10K 1 CVE

Developer Profile

Contact Forms, Live Support, CRM, Video Messages Developer Profile

videowhisper

13 plugins · 1K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

1046 days

View full developer profile

Detection Fingerprints

How We Detect Contact Forms, Live Support, CRM, Video Messages

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/live-support-tickets/assets/css/vw-support-style.css/wp-content/plugins/live-support-tickets/assets/css/vw-support-frontend.css/wp-content/plugins/live-support-tickets/assets/js/vw-support-app.js/wp-content/plugins/live-support-tickets/assets/js/vw-support-frontend.js/wp-content/plugins/live-support-tickets/assets/js/vw-support-backend.js

Script Paths

/wp-content/plugins/live-support-tickets/assets/js/vw-support-app.js/wp-content/plugins/live-support-tickets/assets/js/vw-support-frontend.js/wp-content/plugins/live-support-tickets/assets/js/vw-support-backend.js

Version Parameters

live-support-tickets/assets/css/vw-support-style.css?ver=live-support-tickets/assets/css/vw-support-frontend.css?ver=live-support-tickets/assets/js/vw-support-app.js?ver=live-support-tickets/assets/js/vw-support-frontend.js?ver=live-support-tickets/assets/js/vw-support-backend.js?ver=

HTML / DOM Fingerprints

CSS Classes

vw-support-login-formvw-support-register-formvw-support-account-statsvw-support-schedule-widgetvw-support-conversation-threadvw-support-ticket-list

HTML Comments

+10 more

Data Attributes

data-vw-support-iddata-vw-user-iddata-conversation-iddata-ticket-id

JS Globals

vw_support_ajax_urlvw_support_data

REST Endpoints

/wp-json/vws/v1/settings/wp-json/vws/v1/app/wp-json/vws/v1/contact/wp-json/vws/v1/message/wp-json/vws/v1/ticket/wp-json/vws/v1/conversation/wp-json/vws/v1/user

Shortcode Output

[videowhisper_support_account_stats][videowhisper_support_schedule][videowhisper_support_schedule_editor][videowhisper_support_dash]

FAQ