Does Millionchats have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Millionchats compatible with WordPress 5.5.18?

According to WordPress.org data, Millionchats 1.1.1 has been tested up to WordPress 5.5.18. Check the plugin's changelog for the latest compatibility information.

Is Millionchats compatible with PHP 5.6+?

Millionchats requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Millionchats updated?

Millionchats was last updated on Oct 9, 2020. Frequent updates are generally a positive security signal.

What is Millionchats's security score?

Millionchats has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Millionchats Security & Risk Analysis

wordpress.org/plugins/millionchats

Millionchats is the ALL-IN-ONE solution to automate your whatsapp conversations

0 active installs v1.1.1 PHP 5.6+ WP 4.6+ Updated Oct 9, 2020

whatsapp-businesswhatsapp-chatwhatsapp-support

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Millionchats Safe to Use in 2026?

Generally Safe

Score 85/100

Millionchats has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The millionchats plugin v1.1.1 exhibits a mixed security posture. On the positive side, the static analysis reveals no direct SQL injection vulnerabilities, no file operations, and no external HTTP requests, which are common attack vectors. The absence of known CVEs and a clean vulnerability history is also a strong indicator of good security practices by the developers. However, significant concerns arise from the lack of security checks in critical areas. Specifically, the absence of nonce checks and capability checks, combined with a low percentage of properly escaped output, presents a substantial risk. This means that even though there are few direct entry points, the existing ones (like the shortcode) are vulnerable to being exploited if an attacker can trick an authenticated user into triggering them, potentially leading to unauthorized actions or information disclosure. The taint analysis also shows no flows, which could be a result of limited analysis or a true absence of exploitable taint, but the other identified weaknesses overshadow this potential positive sign.

Key Concerns

Missing nonce checks on entry points
Missing capability checks on entry points
Low percentage of properly escaped output

Vulnerabilities

None known

Millionchats Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Millionchats Release Timeline

v1.1.1Current

v1.1.0

v1.0.1

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Millionchats Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

29% escaped7 total outputs

Attack Surface

Millionchats Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[millionchats_form] millionchats.php:49

WordPress Hooks 5

actionwp_footermillionchats.php:22

actioninitmillionchats.php:52

actionadmin_enqueue_scriptsmillionchats.php:70

actionadmin_menumillionchats.php:85

actionadmin_initmillionchats.php:137

Maintenance & Trust

Millionchats Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18

Last updatedOct 9, 2020

PHP min version5.6

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Millionchats Alternatives

FormsDeck

formsdeck

100

Add a beautiful WhatsApp form widget & receive responses from customers on "WhatsApp" and "WhatsApp Business".

0 No CVEs

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

WhatsApp Chat🔥. Let's make your Web page visitors contact you through 'WhatsApp', 'WhatsApp Business'. Add matching Widget✅

700K 3 CVEs

Social Chat – Click To Chat App Button

wp-whatsapp-chat

100

WhatsApp Chat🔥 allows you to enhance customer engagement! Integrate "WhatsApp" or "WhatsApp Business" with a single click.

200K 1 CVE

WP Chat App

wp-whatsapp

Integrate WhatsApp experience directly into your WordPress website.

100K 6 CVEs

Simple Chat Button

simple-chat-button

100

WhatsApp Chat Button - Display the beautiful WhatsApp Sticky Button on the WordPress frontend.

40K No CVEs

Developer Profile

Millionchats Developer Profile

Millionchats

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Millionchats

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/millionchats/admin_css/css.css

Script Paths

https://www.millionchats.com/mc-client.php

HTML / DOM Fingerprints

CSS Classes

millionchats_btn_connectmillionchats_disabled_btnmillionchats_btn_settingsmillionchats_btn_bubblemillionchats_btn_formsmillionchats_settings_menu

Data Attributes

data-formid

Shortcode Output

<div id="mc_form" data-formid="

FAQ