WP-Safety

Contact Form to Chat Apps | Click to Chat to Order – FormyChat Security & Risk Analysis

wordpress.org/plugins/social-contact-form

Connect contact forms and WooCommerce to WhatsApp by live click to chat. Send form data to WhatsApp Business for instant customer engagement

3K active installs v2.15.1 PHP 5.6+ WP 5.0+ Updated Feb 9, 2026
click-to-chatlive-chatwhatsapp-businesswhatsapp-chatwoocommerce-whatsapp
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Contact Form to Chat Apps | Click to Chat to Order – FormyChat Safe to Use in 2026?

Generally Safe

Score 100/100

Contact Form to Chat Apps | Click to Chat to Order – FormyChat has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "social-contact-form" plugin v2.15.1 exhibits a mixed security posture. While it demonstrates good practices by avoiding dangerous functions, file operations, and external HTTP requests, and utilizing prepared statements for a majority of its SQL queries, significant concerns arise from its attack surface. A notable number of AJAX handlers (4 out of 5) and REST API routes (2 out of 20) lack proper authentication or permission checks, exposing these entry points to potential unauthorized access and manipulation. Furthermore, the taint analysis reveals two high-severity flows with unsanitized paths, indicating potential vulnerabilities that could lead to data compromise or code execution if exploited. The absence of any recorded CVEs is a positive sign, suggesting a history of stable and secure releases. However, this does not negate the risks identified in the static and taint analysis.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
  • High severity taint flows with unsanitized paths
  • SQL queries not using prepared statements
  • Outputs not properly escaped
Vulnerabilities
None known

Contact Form to Chat Apps | Click to Chat to Order – FormyChat Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Contact Form to Chat Apps | Click to Chat to Order – FormyChat Code Analysis

Dangerous Functions
0
Raw SQL Queries
26
38 prepared
Unescaped Output
35
197 escaped
Nonce Checks
7
Capability Checks
13
File Operations
0
External Requests
5
Bundled Libraries
0

SQL Query Safety

59% prepared64 total queries

Output Escaping

85% escaped232 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

9 flows4 with unsanitized paths
template_redirect (includes\public\class-widget-form.php:85)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
6 unprotected

Contact Form to Chat Apps | Click to Chat to Order – FormyChat Attack Surface

Entry Points25
Unprotected6

AJAX Handlers 5

authwp_ajax_ff_save_formychat_settingsincludes\forms\fluentform\class-fluentform-admin.php:33
authwp_ajax_formychat_get_formidable_entryincludes\forms\formidable\class-formidable-frontend.php:35
noprivwp_ajax_formychat_get_formidable_entryincludes\forms\formidable\class-formidable-frontend.php:36
authwp_ajax_formychat_get_gf_entryincludes\forms\gravity-forms\class-gf-frontend.php:24
noprivwp_ajax_formychat_get_gf_entryincludes\forms\gravity-forms\class-gf-frontend.php:25

REST API Routes 20

GET/wp-json/formychat/woocommerce/settingsincludes\addons\woocommerce\class-admin.php:76
POST/wp-json/formychat/woocommerce/settingsincludes\addons\woocommerce\class-admin.php:88
GET/wp-json/formychat/woocommerce/product-settingsincludes\addons\woocommerce\class-admin.php:100
POST/wp-json/formychat/woocommerce/product-settingsincludes\addons\woocommerce\class-admin.php:112
GET/wp-json/formychat/integrationsincludes\admin\class-integrations.php:113
POST/wp-json/formychat/integrationsincludes\admin\class-integrations.php:120
POST/wp-json/formychat/integrations/installincludes\admin\class-integrations.php:127
GET/wp-json/formychat/integrations/google-sheets/statusincludes\admin\class-integrations.php:134
POST/wp-json/formychat/integrations/google-sheets/disconnectincludes\admin\class-integrations.php:141
POST/wp-json/formychat/integrations/google-sheets/userinfoincludes\admin\class-integrations.php:148
POST/wp-json/formychat/integrations/google-sheets/tokenincludes\admin\class-integrations.php:155
GET/wp-json/formychat/integrations/google-sheets/spreadsheetsincludes\admin\class-integrations.php:162
POST/wp-json/formychat/integrations/google-sheets/spreadsheetsincludes\admin\class-integrations.php:169
GET/wp-json/formychat/integrations/google-sheets/sync-settingsincludes\admin\class-integrations.php:176
POST/wp-json/formychat/integrations/google-sheets/sync-settingsincludes\admin\class-integrations.php:183
POST/wp-json/formychat/integrations/google-sheets/syncincludes\admin\class-integrations.php:190
POST/wp-json/formychat/integrations/google-sheets/resyncincludes\admin\class-integrations.php:197
GET/wp-json/formychat/integrations/google-sheets/sync-statusincludes\admin\class-integrations.php:204
POST/wp-json/formychat/v1/submit-formincludes\public\class-rest.php:49
GET/wp-json/formychat/v1/get-formincludes\public\class-rest.php:60
WordPress Hooks 91
actionformychat_admin_menuincludes\addons\woocommerce\class-admin.php:38
actionrest_api_initincludes\addons\woocommerce\class-admin.php:39
filterformychat_admin_varsincludes\addons\woocommerce\class-admin.php:40
actionwp_enqueue_scriptsincludes\addons\woocommerce\class-frontend.php:50
actionwp_headincludes\addons\woocommerce\class-frontend.php:51
actionwoocommerce_after_shop_loop_itemincludes\addons\woocommerce\class-frontend.php:55
actionadmin_enqueue_scriptsincludes\admin\class-admin-assets.php:36
actionadmin_initincludes\admin\class-admin-hooks.php:41
actionadmin_initincludes\admin\class-admin-hooks.php:42
actionadmin_menuincludes\admin\class-admin-hooks.php:43
filterappsero_is_localincludes\admin\class-admin-hooks.php:188
actionrest_api_initincludes\admin\class-admin-rest.php:46
filterformychat_form_fields_cf7includes\admin\class-admin-rest.php:55
filterformychat_form_fields_gravityincludes\admin\class-admin-rest.php:56
filterformychat_form_fields_wpformsincludes\admin\class-admin-rest.php:57
filterformychat_form_fields_fluentformincludes\admin\class-admin-rest.php:58
filterformychat_form_fields_forminatorincludes\admin\class-admin-rest.php:59
filterformychat_form_fields_formidableincludes\admin\class-admin-rest.php:60
filterformychat_form_fields_ninjaincludes\admin\class-admin-rest.php:61
actioninitincludes\admin\class-google-sheets-cron.php:33
filtercron_schedulesincludes\admin\class-google-sheets-cron.php:62
actionformychat_lead_createdincludes\admin\class-google-sheets-sync.php:66
actionadmin_initincludes\admin\class-google-sheets-token.php:43
actionrest_api_initincludes\admin\class-integrations.php:20
actionadmin_initincludes\admin\class-integrations.php:23
actionswitch_themeincludes\appsero\src\Insights.php:135
actionswitch_themeincludes\appsero\src\Insights.php:136
actionadmin_footerincludes\appsero\src\Insights.php:147
actionadmin_noticesincludes\appsero\src\Insights.php:163
actionadmin_initincludes\appsero\src\Insights.php:166
filtercron_schedulesincludes\appsero\src\Insights.php:172
actionadmin_menuincludes\appsero\src\License.php:232
actionafter_switch_themeincludes\appsero\src\License.php:805
actionswitch_themeincludes\appsero\src\License.php:806
filterformychat_inline_cssincludes\compatibility\class-compatibility.php:41
actioninitincludes\core\class-database.php:28
actionwpcf7_save_contact_formincludes\forms\contact-form\class-cf7-admin.php:44
filterwpcf7_editor_panelsincludes\forms\contact-form\class-cf7-admin.php:53
actionwpcf7_skip_mailincludes\forms\contact-form\class-cf7-frontend.php:33
filterwpcf7_feedback_responseincludes\forms\contact-form\class-cf7-frontend.php:35
actionfluentform/form_settings_menuincludes\forms\fluentform\class-fluentform-admin.php:27
actionfluentform/form_settings_container_form_settingsincludes\forms\fluentform\class-fluentform-admin.php:30
filterfluentform/submission_confirmationincludes\forms\fluentform\class-fluentform-frontend.php:23
filterfrm_add_form_settings_sectionincludes\forms\formidable\class-formidable-admin.php:34
filterfrm_form_options_before_updateincludes\forms\formidable\class-formidable-admin.php:35
actionfrm_page_footerincludes\forms\formidable\class-formidable-admin.php:37
filterfrm_success_filterincludes\forms\formidable\class-formidable-frontend.php:38
actionformychat_footerincludes\forms\formidable\class-formidable-frontend.php:39
actionfrm_after_create_entryincludes\forms\formidable\class-formidable-frontend.php:42
filtergform_form_settings_menuincludes\forms\gravity-forms\class-gf-admin.php:23
actiongform_form_settings_page_formychatincludes\forms\gravity-forms\class-gf-admin.php:24
actionadmin_footerincludes\forms\gravity-forms\class-gf-admin.php:25
actiongform_form_settings_saveincludes\forms\gravity-forms\class-gf-admin.php:26
actiongform_after_save_formincludes\forms\gravity-forms\class-gf-admin.php:28
filtergform_confirmationincludes\forms\gravity-forms\class-gf-frontend.php:27
actionwp_footerincludes\forms\gravity-forms\class-gf-frontend.php:162
filterninja_forms_register_actionsincludes\forms\ninjaforms\class-ninjaforms-admin.php:182
filterninja_forms_action_formychat_settingsincludes\forms\ninjaforms\class-ninjaforms-admin.php:187
filterwpforms_builder_settings_sectionsincludes\forms\wpforms\class-wpforms-admin.php:23
actionwpforms_form_settings_panel_contentincludes\forms\wpforms\class-wpforms-admin.php:24
filterwpforms_ajax_submit_success_responseincludes\forms\wpforms\class-wpforms-frontend.php:24
actionwp_enqueue_scriptsincludes\public\class-assets.php:32
actionrest_api_initincludes\public\class-rest.php:36
actionformychat_lead_createdincludes\public\class-rest.php:39
actionwp_footerincludes\public\class-widget-form.php:35
actiontemplate_redirectincludes\public\class-widget-form.php:36
actionformychat_widget_not_found_errorincludes\public\class-widget-form.php:39
actionformychat_form_not_found_errorincludes\public\class-widget-form.php:40
actionformychat_widget_not_foundincludes\public\class-widget-form.php:43
actionformychat_form_not_foundincludes\public\class-widget-form.php:44
actionformychat_before_formincludes\public\class-widget-form.php:46
actionformychat_form_contentincludes\public\class-widget-form.php:47
actionformychat_after_formincludes\public\class-widget-form.php:48
actionformychat_footerincludes\public\class-widget-form.php:49
actionformychat_form_cf7includes\public\class-widget-form.php:52
actionformychat_form_wpformsincludes\public\class-widget-form.php:53
actionformychat_form_gravityincludes\public\class-widget-form.php:54
actionformychat_form_fluentformincludes\public\class-widget-form.php:55
actionformychat_form_forminatorincludes\public\class-widget-form.php:56
actionformychat_form_formidableincludes\public\class-widget-form.php:57
actionformychat_form_ninjaincludes\public\class-widget-form.php:58
filtershow_admin_barincludes\public\class-widget-form.php:100
filterwp_dark_mode_is_excludedincludes\public\class-widget-form.php:297
actionadmin_enqueue_scriptsincludes\wppool\class-plugin.php:274
actionadmin_footerincludes\wppool\class-plugin.php:275
actionelementor/editor/after_enqueue_scriptsincludes\wppool\class-plugin.php:278
actionelementor/editor/headerincludes\wppool\class-plugin.php:279
filterwppool_pluginsincludes\wppool\class-plugin.php:1241
filterwppool_pluginsincludes\wppool\class-plugin.php:1280
filterappsero_is_localincludes\wppool\class-plugin.php:1293
actionplugins_loadedincludes\wppool\class-plugin.php:1296
Maintenance & Trust

Contact Form to Chat Apps | Click to Chat to Order – FormyChat Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 9, 2026
PHP min version5.6
Downloads55K

Community Trust

Rating100/100
Number of ratings6
Active installs3K
Alternatives

Contact Form to Chat Apps | Click to Chat to Order – FormyChat Alternatives

Click to Chat – HoliThemes

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

A
96

WhatsApp Chat🔥. Let's make your Web page visitors contact you through 'WhatsApp', 'WhatsApp Business'. Add matching Widget✅

700K 3 CVEs
Social Chat – Click To Chat App Button

Social Chat – Click To Chat App Button

wp-whatsapp-chat

A
100

WhatsApp Chat🔥 allows you to enhance customer engagement! Integrate "WhatsApp" or "WhatsApp Business" with a single click.

200K 1 CVE
WP Chat App

WP Chat App

wp-whatsapp

A
97

Integrate WhatsApp experience directly into your WordPress website.

100K 6 CVEs
Animated Floating Chat Button

Animated Floating Chat Button

animated-floating-chat-button

A
100

Adds an animated floating chat button to the WordPress site, making communication easier.

1K No CVEs
ChatHelp – Click to Chat Button, Chat to Order, Floating Chat & Form

ChatHelp – Click to Chat Button, Chat to Order, Floating Chat & Form

chat-help

A
96

Add WhatsApp click to chat with floating chat button, chat to order for WooCommerce, and chat forms to convert visitors into customers.

1K 2 CVEs
Developer Profile

Contact Form to Chat Apps | Click to Chat to Order – FormyChat Developer Profile

WPPOOL

16 plugins · 32K total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
322 days
View full developer profile
Detection Fingerprints

How We Detect Contact Form to Chat Apps | Click to Chat to Order – FormyChat

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/social-contact-form/public/css/woocommerce.min.css/wp-content/plugins/social-contact-form/public/js/woocommerce.min.js
Script Paths
/wp-content/plugins/social-contact-form/public/js/woocommerce.min.js
Version Parameters
social-contact-form/public/css/woocommerce.min.css?ver=social-contact-form/public/js/woocommerce.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
formychat-product-datawc-block-productwoocommerce-loop-product__titlewoocommerce-Price-amountwoocommerce-LoopProduct-link
Data Attributes
data-product_iddata-product_skudata-product_price
JS Globals
formychat_woo_vars
REST Endpoints
/wp-json/wc/store/v1/products
Shortcode Output
<script type="application/json" class="formychat-product-data">
FAQ

Frequently Asked Questions about Contact Form to Chat Apps | Click to Chat to Order – FormyChat