Does Support Hero have any unpatched vulnerabilities?

No. All known vulnerabilities in Support Hero have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Support Hero compatible with WordPress 4.9.29?

According to WordPress.org data, Support Hero 1.0.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is Support Hero compatible with PHP 5.6+?

Support Hero requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Support Hero updated?

Support Hero was last updated on May 9, 2018. Frequent updates are generally a positive security signal.

What is Support Hero's security score?

Support Hero has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Support Hero Security & Risk Analysis

wordpress.org/plugins/support-hero

Make your customers happier by educating them through self-help support

10 active installs v1.0.0 PHP 5.6+ WP 4.0+ Updated May 9, 2018

knowledge-baseself-help-supportsupport

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Support Hero Safe to Use in 2026?

Generally Safe

Score 85/100

Support Hero has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the "support-hero" plugin v1.0.0 exhibits a strong security posture. The absence of any identified entry points like AJAX handlers, REST API routes, shortcodes, or cron events significantly reduces the attack surface. Furthermore, the code signals are generally positive, with 100% of SQL queries using prepared statements and a high percentage of output escaping. The presence of a capability check is also a good sign of basic access control.

Key Concerns

Zero nonce checks observed
High percentage of unescaped output (19%)

Vulnerabilities

None known

Support Hero Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Support Hero Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

22 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

81% escaped27 total outputs

Attack Surface

Support Hero Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionadmin_menuincludes\admin\class-supporthero-admin.php:19

actionadmin_initincludes\admin\class-supporthero-admin.php:20

actionwp_footerincludes\class-supporthero-widget.php:18

actioninitsupporthero.php:46

actionplugins_loadedsupporthero.php:94

Maintenance & Trust

Support Hero Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedMay 9, 2018

PHP min version5.6

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Support Hero Alternatives

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System

support-genix-lite

Manage customer support with a powerful helpdesk & support ticket system — track customer tickets, resolve, and streamline your support workflow.

1K 3 CVEs

Freshdesk (official)

freshdesk-support

Quickly embed the Freshdesk help widget, convert WordPress comments to tickets and seamlessly log your WordPress users into your support portal.

900 3 CVEs

Knowledge Base

knowledgebase

Effortlessly build a comprehensive knowledge base for unlimited products on your WordPress site and elevate your customer support experience.

100 4 CVEs

DearDocs – Documentation, Knowledge Base, Help Center & FAQs

deardocs

100

Create a searchable Documentation site, Knowledge Base, or Help Center. Manage your support wiki and product docs with this powerful WordPress plugin.

0 No CVEs

FloatyFAQ

floatyfaq

100

Interactive FAQ system with floating balloon, categories, search and statistics.

0 No CVEs

Developer Profile

Support Hero Developer Profile

Fernando Acosta

7 plugins · 109K total installs

trust score

Avg Security Score

89/100

Avg Patch Time

5 days

View full developer profile

Detection Fingerprints

How We Detect Support Hero

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

/wp-content/plugins/support-hero/includes/js/widget.js

Version Parameters

support-hero/widget.js?ver=

HTML / DOM Fingerprints

JS Globals

window.supportHeroWidget

FAQ