[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-k5btIpqTeipXKEudoY4L8WHvm0uzeFE99UOBb0rxl0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":137,"fingerprints":347},"website-toolbox-chat-rooms","Website Toolbox Chat Room","1.1.5","Website Toolbox LLC","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebsitetoolbox\u002F","\u003Cp>Not a Website Toolbox Chat Room owner? \u003Ca href=\"https:\u002F\u002Fwww.websitetoolbox.com\u002Fchat_room\u002Findex.html#wordpress\" rel=\"nofollow ugc\">Create a Chat Room Now!\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Website Toolbox allows you to easily add a Chat Room to your website without any coding or software headaches! The Website Toolbox Chat Room WordPress plugin is the easiest way to integrate a Website Toolbox Chat Room into your WordPress site.\u003C\u002Fp>\n\u003Cp>Ranked #1 by StarReviews!\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Login Integration: Automatically logs the user into your Website Toolbox Chat Room when they login to your WordPress website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Registration Integration: Automatically creates a Website Toolbox Chat Room user account when a user registers on your WordPress website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Embedded Chat Room: The Website Toolbox Chat Room is automatically embedded into the layout of your WordPress website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Chat Room Benefits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Instant Setup\u003C\u002Fli>\n\u003Cli>Phone\u002FChat\u002FEmail Support\u003C\u002Fli>\n\u003Cli>Mobile friendly\u003C\u002Fli>\n\u003Cli>Public or Private\u003C\u002Fli>\n\u003Cli>White Label\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key Chat Room Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Embeddable\u003C\u002Fli>\n\u003Cli>Multiple Rooms\u003C\u002Fli>\n\u003Cli>Private Messaging\u003C\u002Fli>\n\u003Cli>Searchable Message Archive\u003C\u002Fli>\n\u003Cli>Emoticons\u003C\u002Fli>\n\u003Cli>User Accounts\u003C\u002Fli>\n\u003Cli>Administrators\u003C\u002Fli>\n\u003Cli>Guest Users\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.websitetoolbox.com\u002Fchat_room\u002Findex.html#wordpress\" rel=\"nofollow ugc\">Learn More\u003C\u002Fa>\u003C\u002Fp>\n","Website Toolbox is the easiest way to create a powerful Chat Room. This plugin embeds your Website Toolbox Chat Room and integrates single sign on.",10,11921,60,2,"2024-03-18T08:34:00.000Z","6.5.8","3.0.0","",[20,21,22,23,24],"chat","chat-room","chat-room-hosting","chatroom","saas-chat-room","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebsite-toolbox-chat-rooms.1.1.5.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":11,"trust_score":35,"computed_at":36},"websitetoolbox",90,92,88,"2026-04-04T14:19:16.064Z",[38,64,83,99,118],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":27,"last_vuln_date":63,"fetched_at":29},"rumbletalk-chat-a-chat-with-themes","RumbleTalk Live Group Chat – HTML5","6.3.9","RumbleTalk","https:\u002F\u002Fprofiles.wordpress.org\u002Frumbletalk\u002F","\u003Ch4>WordPress Group Chat Plugin\u003C\u002Fh4>\n\u003Cp>Live group chat plugin for WordPress. Integrate it into your website in minutes. Create one or multiple rooms effortlessly.\u003C\u002Fp>\n\u003Cp>We support 4 chat types:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Members-only group chat – Integrated with your user base.\u003C\u002Fli>\n\u003Cli>Queued chat – Admins approve every message.\u003C\u002Fli>\n\u003Cli>Social chat – Open chat room for online discussions.\u003C\u002Fli>\n\u003Cli>Experts chat – One-on-one chats (private chats).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>797,100 websites and online events are already using the \u003Ca href=\"https:\u002F\u002Frumbletalk.com\u002F\" rel=\"nofollow ugc\">RumbleTalk HTML Chat Platform\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The chat platform is a hosted professional \u003Cstrong>chat room plugin\u003C\u002Fstrong> with a quick integration to your WordPress members’ user base.\u003Cbr \u002F>\nYou may add it to any type of website, blog, or real-time event.\u003C\u002Fp>\n\u003Cp>Unique features that can be set in the admin panel:\u003C\u002Fp>\n\u003Cp>1) Integrate your users base with one click – your website members will then auto-login to the chat.\u003Cbr \u002F>\n2) Moderated chat mode for live events – approve every message before showing it to all.\u003Cbr \u002F>\n3) Private video and audio calls for private one-on-one video discussions\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F70_zc1fvUtM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>The ideal plugin for members chat, live online events, Group chats, live community, radio shows, fans clubs, stocks & forex trading, hobbies, sports, group discussions…and much more\u003C\u002Fp>\n\u003Ch3>Plug-in Name\u003C\u002Fh3>\n\u003Cp>rumbletalk-chat-a-chat-with-themes\u003C\u002Fp>\n\u003Ch3>WHAT IS A LIVE GROUP CHAT FOR WORDPRESS?\u003C\u002Fh3>\n\u003Cp>RumbleTalk platform is easy to set group chat plugin for WordPress, buddypress and bbpress\u003Cbr \u002F>\n1) Members-only website\u003Cbr \u002F>\n2) Social website\u003Cbr \u002F>\n3) Live online event website\u003Cbr \u002F>\n4) Integrated into any platform using our REST API.\u003C\u002Fp>\n\u003Cp>Adding one or many rooms is a no-brainer with the RumbleTalk plugin. Add a chat widget to your website in two minutes.\u003C\u002Fp>\n\u003Ch4>BuddyPress & BBpress Integration\u003C\u002Fh4>\n\u003Cp>This group chat plugin supports automatic user base integration with WordPress, BuddyPress and BBpress.\u003C\u002Fp>\n\u003Ch3>Chat Features\u003C\u002Fh3>\n\u003Cpre>\n\nNEW - Pin messages, files and videos\n\n* Poll options in the chat\n* Bio Description can be added in the username (ex: display name+bio)\n* Admin count in plan summary added\n* Admin button is added for easy access\n\n* support for avatar integration with different members' plugins.\n* Integration with WordPress users base avatar\n* Mark text as bold, italic, strike and code.\n* Admin mode - mute all users.\n* New lines - now you can add more lines in each message\n* Font size - increase\u002Fdecrease the web-based font size\n* Private chat - prevents automatic private chat window popup   \n\n* support for more currencies\n* Paid access, bug fixes\n* Experts chat, allows you to advice in a private conversation (with or without payment)\n* Control what username will show in the chat\n* Keywords feature - automatic text highlights\n* login type: Register before logging in\n\n* Better Sound Control\n* History search options\n* Export chat history to CSV or HTML\n* Video chat messages, record 30-second video messages.\n* Mobile video calls (android)\n* Set Private chats with registered users\n* Spam Filter applied also for users name\n* Create additional rooms directly from the plugin\n* Open settings from the WordPress admin\n* Delete Archive messages directly from the chat\n* Increase Font Size in mobile\n\n* Full Screen In mobile mode\n* Admin user avatar\n* BuddyPress integration\n* Export Chat Transcript from the chat interface\n* Auto login with your own users-base users name (API)\n* IP info\n\n* Upload Images from your mobile device\n* Take photos from your mobile version\n* One on One VIDEO and Audio calls\n* Upload Docs, Excel, PowerPoint, PDF files\n* Upload Images from your own PC\n\n* Take pictures from your PC camera\n* Easily Embed a group chat in your site.\n* Chatroom Theme Library\n* Talk from Mobile and Tablet.\n* Login, Share and Invite\n* Private chat\n\n* SSL - new secure channel TLS1.2\n* Design your own chat theme.\n* Design your chat with css (for advanced users)\n* Manage more than one chat.\n* Spam filter (create a black listed words).\n* Disconnect Trolls.\n\n* Ban users by IP.\n* Define moderators and rolls.\n* Archive your chat, Save log of your chat history.\n* Chat in 30 languages.\n* Offline Mode\n* Delete single messages\n* Flood control\n* Control the side of the floating icon\n* Advanced dashboard for managing your chat rooms\n* Send audio and video messages\n* Set your own sound for different types of actions\n* In-Chat payment options\n\n\u003C\u002Fpre>\n\u003Cp>BuddyPress Chat Room Integration\u003Cbr \u002F>\nThese members chat plugin supports automatic integration with BuddyPress plugin.\u003C\u002Fp>\n\u003Ch3>Languages\u003C\u002Fh3>\n\u003Cpre>\nEnglish, Español, Bahasa Indonesia, Català, Czech, Dansk sprog\nDeutsch, Français, Italiano, Magyar, فارسی, Nederlands, Dutch, Polski\nPortuguês, Română, ภาษาไทย, Slovenčina, Suomi, Svenska, Tiếng Việt\nTürkçe, ελληνικά, Български, Македонски, Русский язык\nСрбски, Українська, עברית , عربي\n\u003C\u002Fpre>\n","Live group chat plugin for WordPress. Integrate it into your website in minutes. Create one or multiple rooms effortlessly.",800,206700,68,21,"2026-02-04T13:53:00.000Z","6.9.4","3.6","5.2.0",[55,21,56,57,58],"buddypress-chat","community-chat","group-chat","members-chat","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frumbletalk-chat-a-chat-with-themes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frumbletalk-chat-a-chat-with-themes.6.3.9.zip",96,3,"2025-09-03 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":33,"num_ratings":74,"last_updated":75,"tested_up_to":51,"requires_at_least":76,"requires_php":18,"tags":77,"homepage":80,"download_link":81,"security_score":82,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"minnit-chat","Group chat for WordPress – Minnit Chat","4.1.4","minnitchat","https:\u002F\u002Fprofiles.wordpress.org\u002Fminnitchat\u002F","\u003Cp>Minnit Chat is an easy-to-use group chat service. You can appoint moderators to watch over your chat, customize the look and feel of your chat, and increase engagement by having your users be able to talk to one another in real time!\u003C\u002Fp>\n\u003Cp>Configure the chatroom to use Single Sign-On, and users who load the chat will automatically be logged in using their WordPress accounts. No need for additional sign-ups, onboarding, or any other steps — your users can get chatting right away!\u003C\u002Fp>\n\u003Cp>Many other features can be enabled or disabled, including support for sending GIFs, uploading files, direct messaging between users, and more.\u003C\u002Fp>\n\u003Cp>Get started in minutes and get chatting with Minnit!\u003C\u002Fp>\n","Cloud-based chat using your WordPress accounts. Minnit uses SSO to allow you and your WordPress users to communicate with one another.",600,35685,6,"2026-03-11T23:32:00.000Z","3.4",[20,78,79,23,57],"chat-group","chatbox","https:\u002F\u002Fminnit.chat","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminnit-chat.zip",100,{"slug":21,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":82,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":18,"tags":96,"homepage":97,"download_link":98,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"Chat Room","0.1.3","webdevstudios","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebdevstudios\u002F","\u003Cp>The Chat Room plugin allows administrators to easily create chat rooms for their users to participate in. Chat rooms are created via the WordPress administrative interface. After creation, users can access it via the permalink for the chat room.\u003C\u002Fp>\n\u003Cp>The plugin currently will only support servers that have direct PHP filesystem access, which may not be available on all hosting environments.\u003C\u002Fp>\n\u003Cp>All official development on this plugin is on GitHub. Version bumps will still be published here on WordPress.org. You can find the repo at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWebDevStudios\u002FChat-Room\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FWebDevStudios\u002FChat-Room\u003C\u002Fa>. Please file issues, bugs, and enhancement ideas there, when possible.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpluginize.com\u002F?utm_source=chat-room&utm_medium=text&utm_campaign=wporg\" rel=\"nofollow ugc\">Pluginize\u003C\u002Fa> was launched in 2016 by \u003Ca href=\"https:\u002F\u002Fwebdevstudios.com\u002F\" rel=\"nofollow ugc\">WebDevStudios\u003C\u002Fa> to promote, support, and house all of their \u003Ca href=\"https:\u002F\u002Fpluginize.com\u002Fshop\u002F?utm_source=chat-room&utm_medium=text&utm_campaign=wporg\" rel=\"nofollow ugc\">WordPress products\u003C\u002Fa>. Pluginize is not only creating new products for WordPress all the time, but also provides \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-post-type-ui\u002F\" rel=\"ugc\">ongoing support and development for WordPress community favorites like CPTUI\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcmb2\u002F\" rel=\"ugc\">CMB2\u003C\u002Fa>, and more.\u003C\u002Fp>\n","Create chat rooms on your site for users to participate in.",49660,84,13,"2017-03-11T03:54:00.000Z","4.7.32","3.3",[21],"http:\u002F\u002Fwebdevstudios.com\u002Fsupport\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchat-room.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":11,"downloaded":107,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":108,"requires_at_least":109,"requires_php":18,"tags":110,"homepage":115,"download_link":116,"security_score":82,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":117},"kn-public-chat","KN Public Chat","1.0.2","Freddie Aziz Jasbindar","https:\u002F\u002Fprofiles.wordpress.org\u002Fkakinetwork\u002F","\u003Cul>\n\u003Cli>For anyone who has cbox.ws premium acc, you can use this plugin for your own purpose also!\u003C\u002Fli>\n\u003Cli>We use premium chatbox.ws as chatroom we will share the room! Anyone who install this plugin will get connected via this chat room. This plugin was intergrate in wordpress display name, so anyone who already registered in your wordpress, they can chat with their display name anytime.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>http:\u002F\u002Fwww.kakiheboh.com (widget)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Feature\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Implement your own cbox.ws premium account\u003C\u002Fli>\n\u003Cli>Widget\u003C\u002Fli>\n\u003Cli>Gravatar Intergration\u003C\u002Fli>\n\u003Cli>Display Name (from wordpress profile)\u003C\u002Fli>\n\u003Cli>Your own blog URL\u003C\u002Fli>\n\u003C\u002Ful>\n","KN Public Chat is a free WordPress Plugin that lets your visitors and visitor from anyone who install this plugin can chat together in 1 public chat r &hellip;",7392,"3.3.2","3.0.1",[111,112,21,113,114],"cbox","cbox-ws","live-chat","widget","http:\u002F\u002Fwww.KakiNetwork.Com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkn-public-chat.zip","2026-03-15T10:48:56.248Z",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":11,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":18,"tags":132,"homepage":135,"download_link":136,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"mblog","MBlog","0.37","Nordvind","https:\u002F\u002Fprofiles.wordpress.org\u002Fnordvind\u002F","\u003Cp>Puts a “wall” into a blog, where blog authors can chat. Wall can be hidden from unregistered users.\u003Cbr \u002F>\nIntended to use in community\u002Fcorporate blogs, for coordination between authors.\u003C\u002Fp>\n","A chatroom for blog authors",3955,20,1,"2011-06-25T00:08:00.000Z","3.1.4","2.8",[20,23,133,134,114],"microblog","wall","http:\u002F\u002Fmblog-wp.blogspot.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmblog.zip",{"attackSurface":138,"codeSignals":209,"taintFlows":241,"riskAssessment":331,"analyzedAt":346},{"hooks":139,"ajaxHandlers":205,"restRoutes":206,"shortcodes":207,"cronEvents":208,"entryPointCount":27,"unprotectedCount":27},[140,146,149,153,157,161,164,168,171,174,177,181,185,191,195,198,201],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","admin_notices","wtbChatRoom_warning","chatHook.php",4,{"type":141,"name":147,"callback":148,"file":144,"line":74},"wp_head","wtb_chatroom_init",{"type":141,"name":150,"callback":151,"file":144,"line":152},"admin_menu","wtbChatRoom_add_admin_menu",8,{"type":141,"name":154,"callback":155,"file":144,"line":156},"admin_init","wtbchatroom_admin_init",9,{"type":141,"name":158,"callback":159,"file":144,"line":160},"user_register","wtbChatRoom_register_user",11,{"type":141,"name":162,"callback":163,"file":144,"line":92},"wp_login","wtbChatRoom_login_user",{"type":141,"name":165,"callback":166,"file":144,"line":167},"wp_footer","ssoChatRoomLoginLogout",15,{"type":141,"name":169,"callback":166,"file":144,"line":170},"admin_footer",16,{"type":141,"name":172,"callback":166,"file":144,"line":173},"login_footer",18,{"type":141,"name":175,"callback":176,"file":144,"line":127},"delete_user","delete_chatroom_user",{"type":141,"name":178,"callback":179,"priority":11,"file":144,"line":180},"profile_update","wtbUpdateChatRoomInfo",22,{"type":141,"name":182,"callback":183,"file":144,"line":184},"wp_dashboard_setup","checkChatRoomEnableOrInvalidAPI",24,{"type":186,"name":187,"callback":188,"file":189,"line":190},"filter","the_content","wtbChatRoom_lol","websitetoolboxChatRoom.php",95,{"type":186,"name":192,"callback":193,"priority":127,"file":189,"line":194},"page_link","filter_page_links_wtbchatroom",504,{"type":186,"name":192,"callback":196,"priority":127,"file":189,"line":197},"changeChatRoolLink",837,{"type":186,"name":187,"callback":199,"priority":127,"file":189,"line":200},"updateChatRoomPageContent",868,{"type":186,"name":202,"callback":203,"file":189,"line":204},"plugin_action_links_websitetoolboxChatRoom","addChatSettingsLink",944,[],[],[],[],{"dangerousFunctions":210,"sqlUsage":211,"outputEscaping":221,"fileOperations":27,"externalRequests":74,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":240},[],{"prepared":156,"raw":62,"locations":212},[213,216,219],{"file":189,"line":214,"context":215},312,"$wpdb->get_results() with variable interpolation",{"file":189,"line":217,"context":218},574,"$wpdb->query() with variable interpolation",{"file":189,"line":220,"context":215},736,{"escaped":14,"rawEcho":152,"locations":222},[223,226,228,230,232,234,236,238],{"file":189,"line":224,"context":225},176,"raw output",{"file":189,"line":227,"context":225},189,{"file":189,"line":229,"context":225},208,{"file":189,"line":231,"context":225},271,{"file":189,"line":233,"context":225},380,{"file":189,"line":235,"context":225},450,{"file":189,"line":237,"context":225},706,{"file":189,"line":239,"context":225},716,[],[242,260,269,279,306],{"entryPoint":243,"graph":244,"unsanitizedCount":128,"severity":259},"wtb_chatroom_username_option (websitetoolboxChatRoom.php:169)",{"nodes":245,"edges":256},[246,251],{"id":247,"type":248,"label":249,"file":189,"line":250},"n0","source","$_POST",170,{"id":252,"type":253,"label":254,"file":189,"line":224,"wp_function":255},"n1","sink","echo() [XSS]","echo",[257],{"from":247,"to":252,"sanitized":258},false,"medium",{"entryPoint":261,"graph":262,"unsanitizedCount":128,"severity":259},"wtb_chatroom_api_option (websitetoolboxChatRoom.php:182)",{"nodes":263,"edges":267},[264,266],{"id":247,"type":248,"label":249,"file":189,"line":265},183,{"id":252,"type":253,"label":254,"file":189,"line":227,"wp_function":255},[268],{"from":247,"to":252,"sanitized":258},{"entryPoint":270,"graph":271,"unsanitizedCount":14,"severity":259},"ssoChatRoomLoginLogout (websitetoolboxChatRoom.php:691)",{"nodes":272,"edges":277},[273,276],{"id":247,"type":248,"label":274,"file":189,"line":275},"$_COOKIE (x2)",703,{"id":252,"type":253,"label":254,"file":189,"line":237,"wp_function":255},[278],{"from":247,"to":252,"sanitized":258},{"entryPoint":280,"graph":281,"unsanitizedCount":62,"severity":305},"wtbchatroom_options_page (websitetoolboxChatRoom.php:214)",{"nodes":282,"edges":301},[283,286,289,293,295,299],{"id":247,"type":248,"label":284,"file":189,"line":285},"$_POST['wtb_chatroom_username']",283,{"id":252,"type":253,"label":287,"file":189,"line":285,"wp_function":288},"update_option() [Settings Manipulation]","update_option",{"id":290,"type":248,"label":291,"file":189,"line":292},"n2","$_POST['wtb_chatroom_api']",290,{"id":294,"type":253,"label":287,"file":189,"line":292,"wp_function":288},"n3",{"id":296,"type":248,"label":297,"file":189,"line":298},"n4","$_POST['wtb_chatroom_redirect']",308,{"id":300,"type":253,"label":287,"file":189,"line":298,"wp_function":288},"n5",[302,303,304],{"from":247,"to":252,"sanitized":258},{"from":290,"to":294,"sanitized":258},{"from":296,"to":300,"sanitized":258},"low",{"entryPoint":307,"graph":308,"unsanitizedCount":152,"severity":305},"\u003CwebsitetoolboxChatRoom> (websitetoolboxChatRoom.php:0)",{"nodes":309,"edges":325},[310,312,313,314,315,316,317,319,321,323],{"id":247,"type":248,"label":311,"file":189,"line":250},"$_POST (x3)",{"id":252,"type":253,"label":254,"file":189,"line":224,"wp_function":255},{"id":290,"type":248,"label":284,"file":189,"line":285},{"id":294,"type":253,"label":287,"file":189,"line":285,"wp_function":288},{"id":296,"type":248,"label":291,"file":189,"line":292},{"id":300,"type":253,"label":287,"file":189,"line":292,"wp_function":288},{"id":318,"type":248,"label":297,"file":189,"line":298},"n6",{"id":320,"type":253,"label":287,"file":189,"line":298,"wp_function":288},"n7",{"id":322,"type":248,"label":274,"file":189,"line":275},"n8",{"id":324,"type":253,"label":254,"file":189,"line":237,"wp_function":255},"n9",[326,327,328,329,330],{"from":247,"to":252,"sanitized":258},{"from":290,"to":294,"sanitized":258},{"from":296,"to":300,"sanitized":258},{"from":318,"to":320,"sanitized":258},{"from":322,"to":324,"sanitized":258},{"summary":332,"deductions":333},"The \"website-toolbox-chat-rooms\" v1.1.5 plugin exhibits a mixed security posture.  The static analysis reveals no immediate critical attack vectors such as unprotected AJAX handlers, REST API routes, or shortcodes, which is a positive sign. Furthermore, the absence of dangerous functions and file operations suggests a degree of defensive coding. However, significant concerns arise from the code signals.  A concerning 25% of SQL queries are not using prepared statements, potentially exposing the plugin to SQL injection vulnerabilities.  Equally worrying is the extremely low rate of proper output escaping, with only 20% of outputs being escaped, leaving the plugin highly susceptible to Cross-Site Scripting (XSS) attacks.  The lack of nonce checks and capability checks further exacerbates these risks, as there are no built-in mechanisms to verify user intent or authorization for actions that might be taken through the plugin's functionality.\n\nThe taint analysis, while showing no critical or high severity flows, did identify 5 flows with unsanitized paths. Coupled with the general lack of input validation indicated by the absence of nonce and capability checks, this suggests that user-supplied data, even if not immediately leading to a critical exploit in the analyzed flows, is not being handled securely and could be a vector for manipulation.  The plugin's vulnerability history is currently clean, with no recorded CVEs. While this is a strong positive, it should be viewed in conjunction with the identified code weaknesses.  The absence of past vulnerabilities might be due to the plugin's limited exposure, successful security practices in the past, or simply a lack of past diligent security auditing.  Therefore, while the plugin doesn't have a history of known exploits, the identified weaknesses in output escaping, SQL sanitization, and the absence of critical security checks present substantial inherent risks.",[334,336,338,341,343],{"reason":335,"points":11},"SQL queries not using prepared statements",{"reason":337,"points":152},"Low percentage of properly escaped output",{"reason":339,"points":340},"No nonce checks found",7,{"reason":342,"points":340},"No capability checks found",{"reason":344,"points":345},"Taint flows with unsanitized paths",5,"2026-03-17T00:02:59.134Z",{"wat":348,"direct":354},{"assetPaths":349,"generatorPatterns":351,"scriptPaths":352,"versionParams":353},[350],"\u002Fwp-content\u002Fplugins\u002Fwebsite-toolbox-chat-rooms\u002Fwtb-chat-rooms.php",[],[],[],{"cssClasses":355,"htmlComments":356,"htmlAttributes":357,"restEndpoints":358,"jsGlobals":359,"shortcodeOutput":360},[],[],[],[],[],[]]