WP-Safety

Webcamconsult Security & Risk Analysis

wordpress.org/plugins/webcamconsult

Your visitor can start a real-time video call with you when you are available and from any page you want to offer this service.

40 active installs v1.6.0 PHP + WP 3.0.1+ Updated Jan 15, 2025
consultconsulting-hourvideo-callvideo-chatvideo-conference
91
A · Safe
CVEs total1
Unpatched0
Last CVEJan 17, 2025
Plugin page Download
Safety Verdict

Is Webcamconsult Safe to Use in 2026?

Generally Safe

Score 91/100

Webcamconsult has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 17, 2025Updated 1yr ago
Risk Assessment

The "webcamconsult" v1.6.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding SQL query handling, exclusively using prepared statements, and has no known unpatched vulnerabilities. The absence of bundled libraries and external HTTP requests further reduces potential attack vectors. However, significant concerns arise from the plugin's attack surface. Two AJAX handlers are present, and crucially, both lack authentication checks, creating direct entry points for potential unauthorized actions. While taint analysis did not reveal critical or high severity unsanitized paths, the presence of two flows with unsanitized paths, albeit of lower severity, warrants attention in conjunction with the unprotected AJAX endpoints. The vulnerability history shows one past CVE, a medium severity Cross-Site Request Forgery (CSRF), which, although patched, indicates a historical susceptibility to such attacks. Overall, the plugin has strengths in secure data handling but suffers from a poorly protected attack surface, which is a primary risk.

Key Concerns

  • AJAX handlers without auth checks
  • Flows with unsanitized paths (lower severity)
  • Past medium severity vulnerability (CSRF)
  • Missing capability checks
Vulnerabilities
1

Webcamconsult Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2024-13432medium · 6.1Cross-Site Request Forgery (CSRF)

Webcamconsult <= 1.5.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Jan 17, 2025 Patched in 1.6.0 (1d)
Code Analysis
Analyzed Mar 16, 2026

Webcamconsult Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
15
39 escaped
Nonce Checks
1
Capability Checks
0
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

72% escaped54 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
set_client_id (admin\class-webcamconsult-admin.php:131)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Webcamconsult Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_get_widgetsincludes\class-webcamconsult.php:158
authwp_ajax_set_client_idincludes\class-webcamconsult.php:159
WordPress Hooks 7
actionplugins_loadedincludes\class-webcamconsult.php:139
actionadmin_enqueue_scriptsincludes\class-webcamconsult.php:154
actionadmin_enqueue_scriptsincludes\class-webcamconsult.php:155
actionadmin_menuincludes\class-webcamconsult.php:156
actionwidgets_initincludes\class-webcamconsult.php:157
actionwp_enqueue_scriptsincludes\class-webcamconsult.php:174
actionwp_enqueue_scriptsincludes\class-webcamconsult.php:175
Maintenance & Trust

Webcamconsult Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11
Last updatedJan 15, 2025
PHP min version
Downloads7K

Community Trust

Rating100/100
Number of ratings1
Active installs40
Alternatives

Webcamconsult Alternatives

FlexMeeting – Webinar & Meeting Plugin for Jitsi Meet

FlexMeeting – Webinar & Meeting Plugin for Jitsi Meet

webinar-and-video-conference-with-jitsi-meet

A
99

Host webinars and video conferences directly on your site. Add branded Jitsi-based meetings and live sessions easily.

1K 2 CVEs
Consolto Video Chat

Consolto Video Chat

consolto-videochat

A
100

4-in-1: video chat, appointment scheduling, AI & live chat and forms for Sales, Support and Consultants.

300 No CVEs
Plug-N-Meet web conference integration

Plug-N-Meet web conference integration

plugnmeet

A
100

x-release-please-start-version Stable tag: 2.1.1 # x-release-please-end Requires PHP: 8.2.0 License: GPLv2 or later License URI: http://www.gnu.

100 No CVEs
Video Conferencing with Zoom

Video Conferencing with Zoom

video-conferencing-with-zoom-api

A
95

Gives you the power to manage Zoom Meetings, Zoom Webinars, Recordings, Reports and create users directly from your WordPress dashboard.

20K 9 CVEs
eRoom – Webinar & Meeting Plugin for Zoom, Google Meet, Microsoft Teams

eRoom – Webinar & Meeting Plugin for Zoom, Google Meet, Microsoft Teams

eroom-zoom-meetings-webinar

A
92

eRoom is the best WordPress Zoom Meeting and Webinar Plugin. eRoom Zoom WordPress plugin enables integration with Zoom, Google Meet, Microsoft Teams.

10K 7 CVEs
Developer Profile

Webcamconsult Developer Profile

Sjoerd Handofsky

1 plugin · 40 total installs

94
trust score
Avg Security Score
91/100
Avg Patch Time
1 days
View full developer profile
Detection Fingerprints

How We Detect Webcamconsult

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/webcamconsult/admin/css/webcamconsult-admin.css/wp-content/plugins/webcamconsult/admin/js/webcamconsult-admin.js
Script Paths
/wp-content/plugins/webcamconsult/admin/js/webcamconsult-admin.js
Version Parameters
webcamconsult-admin.css?ver=webcamconsult-admin.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Webcamconsult