WP-Safety

Plug-N-Meet web conference integration Security & Risk Analysis

wordpress.org/plugins/plugnmeet

x-release-please-start-version Stable tag: 2.1.1 # x-release-please-end Requires PHP: 8.2.0 License: GPLv2 or later License URI: http://www.gnu.

100 active installs v2.1.1 PHP 8.2.0+ WP 6.6+ Updated Feb 2, 2026
online-meetingvideo-chatvideo-conferencevirtual-classroomwebinar
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Plug-N-Meet web conference integration Safe to Use in 2026?

Generally Safe

Score 100/100

Plug-N-Meet web conference integration has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The plugin 'plugnmeet' v2.1.1 exhibits a concerning security posture primarily due to a large attack surface with no authentication checks on its AJAX handlers. While the plugin shows good practices in using prepared statements for SQL queries and has a clean vulnerability history with no known CVEs, the unprotected entry points present a significant risk. The taint analysis reveals critical flows with unsanitized paths, indicating potential for data manipulation or execution if these paths are exploited.

Specifically, the presence of 10 AJAX handlers without any form of authentication or nonce checks is a major weakness. This means any unauthenticated user could potentially interact with these handlers, leading to unintended actions or information disclosure. Combined with the high number of taint flows identified as having unsanitized paths, this creates a prime environment for attackers to inject malicious data or code. The plugin's strengths lie in its avoidance of dangerous functions and its generally secure handling of SQL. However, the glaring lack of authentication on a substantial portion of its entry points, coupled with identified taint issues, significantly outweighs these positives, demanding immediate attention.

Key Concerns

  • 10 AJAX handlers without auth checks
  • High number of unsanitized taint flows
  • Insufficient capability checks
  • Moderate output escaping (55% proper)
Vulnerabilities
None known

Plug-N-Meet web conference integration Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Plug-N-Meet web conference integration Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
13 prepared
Unescaped Output
117
142 escaped
Nonce Checks
16
Capability Checks
6
File Operations
5
External Requests
1
Bundled Libraries
0

SQL Query Safety

93% prepared14 total queries

Output Escaping

55% escaped259 total outputs
Data Flows
7 unsanitized

Data Flow Analysis

7 flows7 with unsanitized paths
<plugnmeet-admin-display-rooms-pagination> (admin\partials\plugnmeet-admin-display-rooms-pagination.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
10 unprotected

Plug-N-Meet web conference integration Attack Surface

Entry Points10
Unprotected10

AJAX Handlers 10

authwp_ajax_plugnmeet_update_clientincludes\class-plugnmeet.php:175
authwp_ajax_plugnmeet_save_room_dataincludes\class-plugnmeet.php:177
authwp_ajax_plugnmeet_delete_roomincludes\class-plugnmeet.php:178
noprivwp_ajax_plugnmeet_login_to_roomincludes\class-plugnmeet.php:218
authwp_ajax_plugnmeet_login_to_roomincludes\class-plugnmeet.php:219
noprivwp_ajax_plugnmeet_get_recordingsincludes\class-plugnmeet.php:221
authwp_ajax_plugnmeet_get_recordingsincludes\class-plugnmeet.php:222
noprivwp_ajax_plugnmeet_download_recordingincludes\class-plugnmeet.php:224
authwp_ajax_plugnmeet_download_recordingincludes\class-plugnmeet.php:225
authwp_ajax_plugnmeet_delete_recordingincludes\class-plugnmeet.php:227
WordPress Hooks 13
actionplugins_loadedincludes\class-plugnmeet.php:155
actionadmin_enqueue_scriptsincludes\class-plugnmeet.php:170
actionadmin_enqueue_scriptsincludes\class-plugnmeet.php:171
actionadmin_initincludes\class-plugnmeet.php:172
actionadmin_menuincludes\class-plugnmeet.php:173
actionwp_enqueue_scriptsincludes\class-plugnmeet.php:192
actionwp_enqueue_scriptsincludes\class-plugnmeet.php:193
actioninitincludes\class-plugnmeet.php:195
actionquery_varsincludes\class-plugnmeet.php:196
actiontemplate_includeincludes\class-plugnmeet.php:197
actioninitincludes\class-plugnmeet.php:200
actionwp_print_stylespublic\partials\plugnmeet-public-display-client.php:94
filterscript_loader_tagpublic\partials\plugnmeet-public-display-client.php:123
Maintenance & Trust

Plug-N-Meet web conference integration Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 2, 2026
PHP min version8.2.0
Downloads12K

Community Trust

Rating40/100
Number of ratings1
Active installs100
Alternatives

Plug-N-Meet web conference integration Alternatives

Video Conferencing with Zoom

Video Conferencing with Zoom

video-conferencing-with-zoom-api

A
95

Gives you the power to manage Zoom Meetings, Zoom Webinars, Recordings, Reports and create users directly from your WordPress dashboard.

20K 9 CVEs
FlexMeeting – Webinar & Meeting Plugin for Jitsi Meet

FlexMeeting – Webinar & Meeting Plugin for Jitsi Meet

webinar-and-video-conference-with-jitsi-meet

A
99

Host webinars and video conferences directly on your site. Add branded Jitsi-based meetings and live sessions easily.

1K 2 CVEs
Virtual Classroom – Video Conferencing & Online Meeting with BigBlueButton

Virtual Classroom – Video Conferencing & Online Meeting with BigBlueButton

video-conferencing-with-bbb

A
100

This plugin allows teachers to manage their live virtual classrooms, video conference and online meeting right from WordPress.

500 No CVEs
LiveWebinar

LiveWebinar

livewebinar

A
100

Most Advanced Webinar Software. Collaborate Anywhere. Try an advanced platform for webinars fully tailored to your business. No credit card required.

50 No CVEs
Video Conferencing with Webex

Video Conferencing with Webex

video-conferencing-webex

A
100

Enables you to visually collaborate, create, edit, delete and align your Webex meeting schedules directly from your WordPress dashboard.

20 No CVEs
Developer Profile

Plug-N-Meet web conference integration Developer Profile

bobteng

1 plugin · 100 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Plug-N-Meet web conference integration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/plugnmeet/admin/css/bootstrap.min.css/wp-content/plugins/plugnmeet/admin/css/bootstrap-colorpicker.min.css/wp-content/plugins/plugnmeet/admin/css/plugnmeet-admin.css/wp-content/plugins/plugnmeet/admin/js/bootstrap.bundle.js/wp-content/plugins/plugnmeet/admin/js/bootstrap-colorpicker.min.js/wp-content/plugins/plugnmeet/admin/js/plugnmeet-admin.js
Script Paths
admin/js/bootstrap.bundle.jsadmin/js/bootstrap-colorpicker.min.jsadmin/js/plugnmeet-admin.js
Version Parameters
plugnmeet-admin.js?ver=bootstrap.bundle.js?ver=bootstrap-colorpicker.min.js?ver=

HTML / DOM Fingerprints

JS Globals
ajax_admin
FAQ

Frequently Asked Questions about Plug-N-Meet web conference integration