Website Chat Button: Kommo integration Security & Risk Analysis

wordpress.org/plugins/website-chat-button-kommo-integration

Let your customers contact you directly from your website with a chat button, and conveniently manage all interactions through Kommo.

1K active installs · v1.3.1 · PHP 7.4+ · WP 6.4+ · Updated Jul 24, 2025
Tags: chat-button-plugin, chat-plugin, website-chat, website-chat-button
Score: 78
B · Generally Safe
CVEs total: 1
Unpatched: 1
Last CVE: Sep 22, 2025
Safety Verdict

Is Website Chat Button: Kommo integration Safe to Use in 2026?

Mostly Safe

Score 78/100

Website Chat Button: Kommo integration is generally safe to use. 1 past CVE was resolved. Keep it updated.

1 known CVE · 1 unpatched · Last CVE: Sep 22, 2025 · Updated 8mo ago
Risk Assessment

Static analysis shows a generally good security posture for this plugin: SQL queries are prepared and output is escaped consistently, and the plugin uses no dangerous functions, file operations, or external HTTP requests. The significant concern is its history, which includes a medium-severity "Missing Authorization" vulnerability. The current version shows no obvious vulnerabilities such as unsanitized paths or critical taint flows, but the past vulnerability and the lack of capability checks in the identified AJAX handler warrant caution. The vulnerability history suggests a pattern of authorization-related flaws, and the absence of capability checks on the single AJAX entry point could be a contributing factor, or a weakness that becomes exploitable if a similar vulnerability re-emerges. So while the code currently looks clean, the historical context and the missing capability checks are the primary areas of risk.

Key Concerns

  • Unpatched CVE in vulnerability history
  • Medium severity vulnerability in history (Missing Authorization)
  • Lack of capability checks on AJAX handlers
Vulnerabilities: 1

Website Chat Button: Kommo integration Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-58666 · medium · 5.4 · Missing Authorization

Website Chat Button: Kommo integration <= 1.3.1 - Missing Authorization

Sep 22, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Website Chat Button: Kommo integration Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (6 prepared)
Unescaped Output: 5 (142 escaped)
Nonce Checks: 12
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Guzzle

SQL Query Safety

100% prepared · 6 total queries

Output Escaping

97% escaped · 147 total outputs
Attack Surface

Website Chat Button: Kommo integration Attack Surface

Entry Points: 1
Unprotected: 0

AJAX Handlers: 1

  • auth · wp_ajax_kommo_dashboard_action · website-chat-button-kommo-integration.php:515

WordPress Hooks: 9

  • action · wp_footer · website-chat-button-kommo-integration.php:507
  • action · admin_menu · website-chat-button-kommo-integration.php:508
  • action · init · website-chat-button-kommo-integration.php:510
  • action · admin_enqueue_scripts · website-chat-button-kommo-integration.php:512
  • action · wp_enqueue_scripts · website-chat-button-kommo-integration.php:513
  • action · activated_plugin · website-chat-button-kommo-integration.php:516
  • action · rest_api_init · website-chat-button-kommo-integration.php:518
  • filter · load_textdomain_mofile · website-chat-button-kommo-integration.php:523
  • action · upgrader_process_complete · website-chat-button-kommo-integration.php:529
Maintenance & Trust

Website Chat Button: Kommo integration Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Jul 24, 2025
PHP min version: 7.4
Downloads: 7K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 1K
Developer Profile

Website Chat Button: Kommo integration Developer Profile

Kommo

1 plugin · 1K total installs

Trust score: 79
Avg Security Score: 78/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Website Chat Button: Kommo integration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/website-chat-button-kommo-integration/main/plugin_page/home_page/js/script.js
  • /wp-content/plugins/website-chat-button-kommo-integration/main/script-admin-ext-integration.js
  • /wp-content/plugins/website-chat-button-kommo-integration/script.js
  • /wp-content/plugins/website-chat-button-kommo-integration/script-admin.js

Script Paths

  • main/script-admin-ext-integration.js
  • script.js
  • script-admin.js
  • main/plugin_page/home_page/js/script.js

Version Parameters

  • plugins/website-chat-button-kommo-integration/main/script-admin-ext-integration.js?ver=
  • plugins/website-chat-button-kommo-integration/script.js?ver=
  • plugins/website-chat-button-kommo-integration/script-admin.js?ver=
  • plugins/website-chat-button-kommo-integration/main/plugin_page/home_page/js/script.js?ver=

HTML / DOM Fingerprints

Data Attributes

  • data-kommo-integration-chat-widget
  • data-kommo-flash-account-sign-init
  • data-kommo-flash-trial-date-start
  • data-kommo-flash-account-sign-referer
  • data-kommo-flash-chat-button-data

JS Globals

  • kommo_admin_data
  • kommoflash_home_page_data
  • kommoflash_init