Does OneDesk have any unpatched vulnerabilities?

No. All known vulnerabilities in OneDesk have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is OneDesk compatible with WordPress 6.6.5?

According to WordPress.org data, OneDesk 0.1.0 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is OneDesk compatible with PHP 5.5.36+?

OneDesk requires PHP 5.5.36 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is OneDesk updated?

OneDesk was last updated on Aug 23, 2024. Frequent updates are generally a positive security signal.

What is OneDesk's security score?

OneDesk has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

OneDesk Security & Risk Analysis

wordpress.org/plugins/onedesk

This plugin allows you to seamlessly add the OneDesk widget to your website and customize it to fit your website aesthetic in order to enhance the ove …

20 active installs v0.1.0 PHP 5.5.36+ WP 5.2+ Updated Aug 23, 2024

accessibilitybusinesscustomerproductivityproject-management

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is OneDesk Safe to Use in 2026?

Generally Safe

Score 92/100

OneDesk has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "onedesk" plugin version 0.1.0 presents a seemingly strong security posture based on the static analysis provided. The plugin has no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a remarkably small attack surface with zero unprotected entry points. Furthermore, the code signals indicate a lack of dangerous functions, no raw SQL queries, and no file operations or external HTTP requests, all of which are positive security indicators. However, a significant concern arises from the complete absence of nonce checks and capability checks, leaving any potential future additions to the plugin highly vulnerable to CSRF and privilege escalation attacks if not addressed. While the vulnerability history is clean, this does not negate the inherent risks introduced by the missing security controls in the current codebase.

Key Concerns

Missing nonce checks
Missing capability checks
Some output not properly escaped

Vulnerabilities

None known

OneDesk Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

OneDesk Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

75% escaped16 total outputs

Attack Surface

OneDesk Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionwp_enqueue_scriptsincludes\odplugin-scripts.php:11

actionwidgets_initonedesk.php:42

actionwp_footeronedesk.php:74

actionadmin_menutemplates\ODSettingsPage.php:14

actionadmin_inittemplates\ODSettingsPage.php:15

Maintenance & Trust

OneDesk Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedAug 23, 2024

PHP min version5.5.36

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

OneDesk Alternatives

Propovoice: All-in-One Client Management System

propovoice

All-in-one client management system for freelancers & agencies on WordPress. Manage leads, deals, invoices & projects. Get paid faster!

1K 1 unpatched

Insighto AI Widget

insighto-ai-widget

Get Your Free Insighto.ai Key Today and Power Your Business with Smart, Fast and AI-Driven Phone Calls and Chat Support! Enhance your customer support …

0 No CVEs