Stames Floating Widget Security & Risk Analysis

wordpress.org/plugins/stames-floating-widget

In today’s digital world, businesses are overwhelmed with messages from multiple platforms—WhatsApp, Instagram, Facebook, Emails, Contact Forms, and m …

0 active installs v1.0.0 PHP + WP 5.0+ Updated Mar 5, 2025
communicationcrmfloating-widgetmessaging
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Stames Floating Widget Safe to Use in 2026?

Generally Safe

Score 92/100

Stames Floating Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "stames-floating-widget" plugin version 1.0.0 exhibits a strong security posture based on the provided static analysis. There are no identified vulnerabilities in the code signals, such as dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, or lack of security checks like nonces and capabilities. The attack surface is also minimal, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events. The absence of any recorded vulnerabilities in its history further reinforces its secure design.

However, the analysis does reveal a complete absence of any identified security checks (nonces and capabilities) and a taint analysis that indicates zero flows were analyzed. While this can indicate clean code, it also means that the plugin hasn't been thoroughly tested for potential vulnerabilities that might arise from data flowing into the application, or that the static analysis tools were unable to find any entry points to analyze. This lack of explicit security controls, even in the absence of immediate risks, leaves room for potential issues if the plugin were to be expanded or interact with user-supplied data in the future without proper sanitization and authorization.

In conclusion, the "stames-floating-widget" v1.0.0 appears to be highly secure in its current state. The lack of any identified threats is a significant strength. The main area for consideration is the complete absence of nonce and capability checks, which, while not a current flaw, represents a missed opportunity to implement fundamental WordPress security best practices. The zero taint flows are positive, but the lack of analysis suggests a need for more comprehensive testing or a very limited scope of functionality.

Key Concerns

  • Missing nonce checks
  • Missing capability checks
  • No taint analysis performed
Vulnerabilities
None known

Stames Floating Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Stames Floating Widget Release Timeline

v1.0.0Current
Code Analysis
Analyzed Mar 17, 2026

Stames Floating Widget Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
13 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped13 total outputs
Attack Surface

Stames Floating Widget Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 4
actionadmin_initstames-floating-widget.php:22
actionwp_enqueue_scriptsstames-floating-widget.php:49
actionwp_footerstames-floating-widget.php:58
actionadmin_menustames-floating-widget.php:65
Maintenance & Trust

Stames Floating Widget Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMar 5, 2025
PHP min version
Downloads653

Community Trust

Rating100/100
Number of ratings1
Active installs0
Developer Profile

Stames Floating Widget Developer Profile

Stames

1 plugin · 0 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Stames Floating Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/stames-floating-widget/assets/js/stamescta_20210417181738.min.js/wp-content/plugins/stames-floating-widget/assets/js/stamesco_20210417181738.min.js/wp-content/plugins/stames-floating-widget/assets/stames-logo.png
Script Paths
/wp-content/plugins/stames-floating-widget/assets/js/stamescta_20210417181738.min.js/wp-content/plugins/stames-floating-widget/assets/js/stamesco_20210417181738.min.js

HTML / DOM Fingerprints

CSS Classes
stames-btn
HTML Comments
<!-- Start Stames Tag --><!-- End Stames Tag -->
Data Attributes
data-key
JS Globals
stamesWidgetData
Shortcode Output
<stames-app
FAQ

Frequently Asked Questions about Stames Floating Widget