Does QuadLayers Telegram Button have any unpatched vulnerabilities?

No. All known vulnerabilities in QuadLayers Telegram Button have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is QuadLayers Telegram Button compatible with WordPress 6.9.4?

According to WordPress.org data, QuadLayers Telegram Button 3.2.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is QuadLayers Telegram Button compatible with PHP 5.6+?

QuadLayers Telegram Button requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is QuadLayers Telegram Button updated?

QuadLayers Telegram Button was last updated on Dec 3, 2025. Frequent updates are generally a positive security signal.

What is QuadLayers Telegram Button's security score?

QuadLayers Telegram Button has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

QuadLayers Telegram Button Security & Risk Analysis

wordpress.org/plugins/quadlayers-telegram-chat

Telegram Button allows your users to contact you through Telegram chat with a single click.

1K active installs v3.2.7 PHP 5.6+ WP 4.7+ Updated Dec 3, 2025

click-to-chattelegramtelegram-businesstelegram-chattelegram-support

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is QuadLayers Telegram Button Safe to Use in 2026?

Generally Safe

Score 100/100

QuadLayers Telegram Button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "quadlayers-telegram-chat" plugin version 3.2.7 demonstrates a generally good security posture with a clean vulnerability history and no critical findings in static analysis or taint flows. The plugin exhibits strong adherence to secure coding practices, as evidenced by a high percentage of properly escaped outputs and a reasonable number of nonce and capability checks. The absence of known CVEs and a lack of recorded common vulnerability types further reinforce this positive assessment.

However, there are a few areas that warrant attention. The presence of two SQL queries that do not utilize prepared statements is a potential concern, as this could open the door to SQL injection vulnerabilities if not handled with extreme care in sanitization. Additionally, the plugin makes one external HTTP request, which, while not inherently insecure, represents an attack vector that requires careful monitoring and validation of the remote resource's integrity. The bundled Select2 library, while common, should be kept updated to mitigate any potential known vulnerabilities within that component.

Overall, the plugin appears to be developed with security in mind, with a strong emphasis on output escaping and authentication checks where applicable. The identified areas for improvement are not critical flaws but rather opportunities to further harden the plugin against potential threats. Continued vigilance in maintaining updated libraries and adopting prepared statements for all database interactions would further enhance its security.

Key Concerns

Raw SQL queries without prepared statements
External HTTP request present
Bundled library (Select2)

Vulnerabilities

None known

QuadLayers Telegram Button Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

QuadLayers Telegram Button Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

98 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

0% prepared2 total queries

Output Escaping

95% escaped103 total outputs

Attack Surface

QuadLayers Telegram Button Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 22

actionwp_default_scriptsjetpack_vendor\automattic\jetpack-assets\actions.php:11

actionplugins_loadedjetpack_vendor\automattic\jetpack-assets\actions.php:12

filterwp_resource_hintsjetpack_vendor\automattic\jetpack-assets\src\class-assets.php:182

actionwp_loadedjetpack_vendor\automattic\jetpack-assets\src\class-script-data.php:38

actionenqueue_block_editor_assetsjetpack_vendor\automattic\jetpack-assets\src\class-script-data.php:52

actionshutdownjetpack_vendor\automattic\jetpack-status\src\class-errors.php:38

actionwp_network_dashboard_setupjetpack_vendor\quadlayers\wp-dashboard-widget-news\src\Load.php:36

actionwp_dashboard_setupjetpack_vendor\quadlayers\wp-dashboard-widget-news\src\Load.php:37

actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-promote\src\Load.php:95

actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-promote\src\Load.php:104

actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-required\src\Load.php:40

filterinstall_plugins_tabsjetpack_vendor\quadlayers\wp-plugin-install-tab\src\Load.php:33

actioninstall_plugins_quadlayersjetpack_vendor\quadlayers\wp-plugin-install-tab\src\Load.php:34

actionplugins_loadedjetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:47

actionadmin_menujetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:50

actionadmin_initjetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:55

filternetwork_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:56

filterself_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Table.php:52

filternetwork_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Table.php:53

filterplugin_row_metajetpack_vendor\quadlayers\wp-plugin-table-links\src\Load.php:36

actioninitvendor_packages\wp-notice-plugin-promote.php:4

actioninitvendor_packages\wp-plugin-table-links.php:4

Maintenance & Trust

QuadLayers Telegram Button Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 3, 2025

PHP min version5.6

Downloads44K

Community Trust

Rating96/100

Number of ratings14

Active installs1K

Alternatives

QuadLayers Telegram Button Alternatives

WP Telegram Chat Widget

ninjateam-telegram

Integrate Telegram experience directly into your WordPress website.

200 2 CVEs

Pulsating Chat Button

amin-chat-button

WhatsApp or Telegram Chat🔥. Adds a pulsating WhatsApp or Telegram button 🍀 to your website. Fast and easy installation. Setting up target id GTM and Y …

2K 1 CVE

Chat Bro Live Group Chat

chatbro

Chat Bro - live Chat for your website. Turns your Telegram Chat or VK Chat into Live Chat on your website. Allows your visitors to Chat in live group …

200 No CVEs

Chat Everywhere

chat-everywhere

100

Open a WhatsApp or a Telegram chat just adding a class to any html element!

10 No CVEs

ChatBot for Telegram

chatbot-for-telegram

100

Telegram ChatBot. Create a Chat Bot for Telegram with the power of the WPBot. Supports Simple text Responses, conversational forms and more

10 No CVEs

Developer Profile

QuadLayers Telegram Button Developer Profile

quadlayers

17 plugins · 654K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

501 days

View full developer profile

Detection Fingerprints

How We Detect QuadLayers Telegram Button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/quadlayers-telegram-chat/assets/css/public.css/wp-content/plugins/quadlayers-telegram-chat/assets/js/public.js

Version Parameters

quadlayers-telegram-chat/assets/css/public.css?ver=quadlayers-telegram-chat/assets/js/public.js?ver=

HTML / DOM Fingerprints

CSS Classes

qltgm-cta

Data Attributes

data-qltgm-settings

JS Globals

QLTGM_CONFIG

Shortcode Output

[qltgm-chat]

FAQ