Does SiteLeads have any unpatched vulnerabilities?

No. All known vulnerabilities in SiteLeads have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is SiteLeads compatible with WordPress 6.8.5?

According to WordPress.org data, SiteLeads 1.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is SiteLeads compatible with PHP 7.4+?

SiteLeads requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is SiteLeads updated?

SiteLeads was last updated on Nov 6, 2025. Frequent updates are generally a positive security signal.

What is SiteLeads's security score?

SiteLeads has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SiteLeads Security & Risk Analysis

wordpress.org/plugins/siteleads

Generate more leads with customizable floating contact buttons for phone, email, and WhatsApp communication.

10 active installs v1.0.0 PHP 7.4+ WP 6.4+ Updated Nov 6, 2025

conversionemailleadsphonewhatsapp

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is SiteLeads Safe to Use in 2026?

Generally Safe

Score 100/100

SiteLeads has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The 'siteleads' v1.0.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, or unescaped output is a significant positive. Furthermore, the plugin demonstrates robust input validation and authorization practices by having zero unprotected AJAX handlers, REST API routes, shortcodes, or cron events, and a complete absence of any identified taint flows. The vulnerability history is also completely clean, with no known CVEs ever recorded for this plugin. This suggests a development team that is either highly security-conscious or has not yet encountered exploitable vulnerabilities. The only minor point of consideration is the bundling of Lodash, which, while common, should always be kept up-to-date to mitigate potential known vulnerabilities within the library itself, though no specific issues are indicated here.

Key Concerns

Bundled library Lodash

Vulnerabilities

None known

SiteLeads Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

SiteLeads Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Lodash

Attack Surface

SiteLeads Attack Surface

Entry Points0

Unprotected0

Maintenance & Trust

SiteLeads Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 6, 2025

PHP min version7.4

Downloads159

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

SiteLeads Alternatives

Mobile Contact Line

mobile-contact-line

Simple plugin that allow you add mobile contact line to your wordpress site

1K 1 CVE

Contact Widgets For Elementor all the contact links you need in one place

contact-widgets-for-elementor

Contact Widgets For Elementor , Now you can add all the beast ways to contact you: Whatsapp, SMS, Facebook messenger, Email, Phone and Waze.

500 No CVEs

Astro Sticky Buttons

astro-sticky-buttons

100

Add sticky buttons for easy contact and social sharing on your site. Supports email, phone, WhatsApp, Skype, Facebook, Instagram, and more.

10 No CVEs

BreezeTact

breezetactfreemium

BreezeTact is a plugin meant to enhance user experience on mobile devices to get better conversions.

10 No CVEs

Bisteinoff Global Contact Manager

db-website-settings

100

Centralize your website’s contact details in one place and insert them anywhere using shortcodes. Update once — sync everywhere.

10 No CVEs

Developer Profile

SiteLeads Developer Profile

Extend Themes

59 plugins · 429K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

92 days

View full developer profile

Detection Fingerprints

How We Detect SiteLeads

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/siteleads/assets/css/admin.css/wp-content/plugins/siteleads/assets/css/frontend.css/wp-content/plugins/siteleads/assets/js/admin.js/wp-content/plugins/siteleads/assets/js/frontend.js

Script Paths

/wp-content/plugins/siteleads/assets/js/admin.js/wp-content/plugins/siteleads/assets/js/frontend.js

Version Parameters

siteleads/assets/css/admin.css?ver=siteleads/assets/css/frontend.css?ver=siteleads/assets/js/admin.js?ver=siteleads/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

siteleads-admin-pagesiteleads-form-buildersiteleads-form-wrapper

HTML Comments

Data Attributes

data-siteleads-form-iddata-siteleads-nonce

JS Globals

siteleads_ajax_object

REST Endpoints

/wp-json/siteleads/v1/forms/wp-json/siteleads/v1/submissions

Shortcode Output

[siteleads_form id="

FAQ

SiteLeads Security & Risk Analysis

Is SiteLeads Safe to Use in 2026?

Generally Safe

Key Concerns

SiteLeads Security Vulnerabilities

SiteLeads Code Analysis

Bundled Libraries

SiteLeads Attack Surface

SiteLeads Maintenance & Trust

Maintenance Signals

Community Trust

SiteLeads Alternatives

Mobile Contact Line

Contact Widgets For Elementor all the contact links you need in one place

Astro Sticky Buttons

BreezeTact

Bisteinoff Global Contact Manager

SiteLeads Developer Profile

How We Detect SiteLeads

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about SiteLeads