Does SnatchBot Webchat have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is SnatchBot Webchat compatible with WordPress 5.3.21?

According to WordPress.org data, SnatchBot Webchat 1.0.0 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

Is SnatchBot Webchat compatible with PHP 5.2.4+?

SnatchBot Webchat requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is SnatchBot Webchat updated?

SnatchBot Webchat was last updated on May 20, 2020. Frequent updates are generally a positive security signal.

What is SnatchBot Webchat's security score?

SnatchBot Webchat has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SnatchBot Webchat Security & Risk Analysis

wordpress.org/plugins/snatchbot-webchat

Easily integrate powerful chatbots onto your Wordpress website. Just one click to add SnatchBot widget to your page.

200 active installs v1.0.0 PHP 5.2.4+ WP 3.1.0+ Updated May 20, 2020

tagtekkentournament

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is SnatchBot Webchat Safe to Use in 2026?

Generally Safe

Score 85/100

SnatchBot Webchat has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The snatchbot-webchat plugin v1.0.0 exhibits several significant security concerns, primarily stemming from a lack of authentication checks on its AJAX handlers. With 5 AJAX handlers identified and all 5 lacking proper authentication, this creates a substantial attack surface that could be exploited by unauthenticated users. While the plugin demonstrates good practices in its use of prepared statements for SQL queries and a reasonable percentage of properly escaped output, the absence of nonce checks on these critical entry points is a major weakness. The plugin's vulnerability history is clean, with no recorded CVEs, which is positive. However, this lack of past issues does not negate the immediate risks presented by the current code analysis, particularly the unprotected AJAX endpoints. The overall security posture is weakened by these authentication and nonce deficiencies, outweighing the positive aspects of its SQL and output handling.

Key Concerns

AJAX handlers without authentication
AJAX handlers without nonce checks
Low percentage of properly escaped output (72%)

Vulnerabilities

None known

SnatchBot Webchat Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

SnatchBot Webchat Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

SnatchBot Webchat Code Analysis

Dangerous Functions

Raw SQL Queries

16 prepared

Unescaped Output

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

94% prepared17 total queries

Output Escaping

72% escaped36 total outputs

Attack Surface

5 unprotected

SnatchBot Webchat Attack Surface

Entry Points5

Unprotected5

AJAX Handlers 5

authwp_ajax_loginadmin\ajax-actions.php:21

authwp_ajax_logout_actionadmin\ajax-actions.php:22

authwp_ajax_refresh_accessadmin\ajax-actions.php:23

authwp_ajax_get_botsadmin\ajax-actions.php:24

authwp_ajax_deploy_botadmin\ajax-actions.php:25

WordPress Hooks 4

actionadmin_menuadmin\admin.php:23

actionadmin_enqueue_scriptsadmin\admin.php:24

actionwp_enqueue_scriptsclient\client.php:23

actioninitincludes\sbw-utility-functions.php:10

Maintenance & Trust

SnatchBot Webchat Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedMay 20, 2020

PHP min version5.2.4

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

SnatchBot Webchat Alternatives

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

instagram-feed

Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.

1.0M 4 CVEs

WPvivid — Backup, Migration & Staging

wpvivid-backuprestore

Migrate, staging, backup WordPress, all in one.

900K 26 CVEs

GTM4WP – A Google Tag Manager (GTM) plugin for WordPress

duracelltomi-google-tag-manager

Advanced tag management for WordPress with Google Tag Manager

700K 3 CVEs

PixelYourSite – Your smart PIXEL (TAG) & API Manager

pixelyoursite

Add Meta Pixel with Conversion API, Google Analytics (GA4) + Consent Mode, Google Tag Manager, and Head & Footer scripts.

500K 11 CVEs

AddQuicktag

addquicktag

This plugin makes it easy to add Quicktags to the html - and visual-editor.

100K No CVEs

Developer Profile

SnatchBot Webchat Developer Profile

SnatchBot

1 plugin · 200 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect SnatchBot Webchat

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/snatchbot-webchat/assets/css/BotsTableCSS.css/wp-content/plugins/snatchbot-webchat/assets/css/easyDeployCSS.css/wp-content/plugins/snatchbot-webchat/assets/images/favicons/favicon.ico/wp-content/plugins/snatchbot-webchat/assets/js/embedCodeJS.js

Script Paths

https://account.snatchbot.me/script.js

Version Parameters

snatchbot-webchat/assets/css/BotsTableCSS.css?ver=snatchbot-webchat/assets/css/easyDeployCSS.css?ver=snatchbot-webchat/assets/js/embedCodeJS.js?ver=

HTML / DOM Fingerprints

JS Globals

snatchBot

FAQ