Does Widget for Zendesk Chat via API have any unpatched vulnerabilities?

No. All known vulnerabilities in Widget for Zendesk Chat via API have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Widget for Zendesk Chat via API compatible with WordPress 6.8.5?

According to WordPress.org data, Widget for Zendesk Chat via API 1.12.12 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Widget for Zendesk Chat via API compatible with PHP 5.6+?

Widget for Zendesk Chat via API requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Widget for Zendesk Chat via API updated?

Widget for Zendesk Chat via API was last updated on Apr 16, 2025. Frequent updates are generally a positive security signal.

What is Widget for Zendesk Chat via API's security score?

Widget for Zendesk Chat via API has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Widget for Zendesk Chat via API Security & Risk Analysis

wordpress.org/plugins/widget-for-zendesk-chat-via-api

This plugin offers a faster way to load the Zendesk Chat Widget via API. It optimizes the page loading speed and it is quick and easy to implement.

200 active installs v1.12.12 PHP 5.6+ WP 3.5+ Updated Apr 16, 2025

chat-widgetspeed-optimizationzendeskzendesk-chatzendesk-speed

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Widget for Zendesk Chat via API Safe to Use in 2026?

Generally Safe

Score 100/100

Widget for Zendesk Chat via API has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The "widget-for-zendesk-chat-via-api" plugin v1.12.12 exhibits a generally strong security posture in several areas. Notably, it has no known past vulnerabilities, no dangerous functions, and all SQL queries are properly prepared, which are significant strengths. The absence of file operations and external HTTP requests also reduces potential attack vectors. However, there are significant concerns regarding its attack surface. Three out of four AJAX handlers lack proper authentication checks, presenting a substantial risk of unauthorized access or actions if these handlers can be triggered by unauthenticated users. While the static analysis shows no critical or high severity taint flows, the presence of unsanitized paths in the taint analysis is a potential area of concern, though currently rated as low. The plugin also has a moderate rate of unescaped output, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled carefully. The lack of documented vulnerabilities is positive, but the unprotected AJAX endpoints remain a primary concern that needs immediate attention.

Key Concerns

Unprotected AJAX handlers
Moderate rate of unescaped output
Taint flow with unsanitized paths (low severity)

Vulnerabilities

None known

Widget for Zendesk Chat via API Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Widget for Zendesk Chat via API Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

38 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

72% escaped53 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

options_page (includes\admin\admin.php:92)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

Widget for Zendesk Chat via API Attack Surface

Entry Points4

Unprotected3

AJAX Handlers 4

authwp_ajax_ps_widget_for_zendesk_chat_via_api_review_noticeincludes\admin\admin.php:25

authwp_ajax_ps_widget_for_zendesk_chat_via_api_deactivationincludes\admin\admin.php:59

authwp_ajax_widget_for_zendesk_chat_via_api_handle_subscription_requestincludes\admin\admin.php:69

authwp_ajax_widget_for_zendesk_chat_via_api_subscription_popup_shownincludes\admin\admin.php:74

WordPress Hooks 12

actionadmin_menuincludes\admin\admin.php:20

actionadmin_enqueue_scriptsincludes\admin\admin.php:31

actionadmin_noticesincludes\admin\admin.php:38

actionadmin_footerincludes\admin\admin.php:43

actionplugin_row_metaincludes\admin\admin.php:49

actionadmin_footerincludes\admin\admin.php:54

actionplugin_action_linksincludes\admin\admin.php:64

actionadd_meta_boxesincludes\admin\admin.php:79

actionsave_postincludes\admin\admin.php:80

filterps_widget_for_zendesk_chat_via_api_validate_codeincludes\admin\admin.php:82

actionadmin_noticesincludes\admin\admin.php:216

actionwp_footerwidget-for-zendesk-chat-via-api.php:41

Maintenance & Trust

Widget for Zendesk Chat via API Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 16, 2025

PHP min version5.6

Downloads5K

Community Trust

Rating100/100

Number of ratings6

Active installs200

Alternatives

Widget for Zendesk Chat via API Alternatives

Tawk.To Live Chat

tawkto-live-chat

(OFFICIAL tawk.to plugin) Instantly chat with visitors on your website with the free tawk.to chat widget. Website: http://tawk.to

100K 1 CVE

Fast Velocity Minify

fast-velocity-minify

Maximize GTmetrix, PageSpeed and enhance Web Vitals by minifying CSS/JS, lazy loading scripts, optimizing images, and improving load speed overall.

40K 2 CVEs

LeadConnector

leadconnector

LeadConnector: It helps you to add the LeadConnector chat widget and the LeadConnector funnel pages to your WordPress website.

30K 2 CVEs

Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist

bit-assist

Floating sticky chat button for WhatsApp Chat, Facebook Messenger, Telegram, Instagram, SMS, Call, Discord chat, TikTok, Line & 30+ channels

10K 7 CVEs

Sticky Chat Widget – Floating Chat Icons, Contact Form, Call, Click to Chat, Email & Message Buttons

sticky-chat-widget

100

Social chat buttons with WhatsApp, Messenger, WeChat, Telegram, Instagram, TikTok, Zalo & more — plus SMS, Call button, Contact form, and 20+ icons.

10K 1 CVE

Developer Profile

Widget for Zendesk Chat via API Developer Profile

Plugins and Snippets

4 plugins · 6K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

3 days

View full developer profile

Detection Fingerprints

How We Detect Widget for Zendesk Chat via API

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/widget-for-zendesk-chat-via-api/assets/admin/css/admin.min.css/wp-content/plugins/widget-for-zendesk-chat-via-api/assets/admin/js/admin.min.js

Script Paths

/wp-content/plugins/widget-for-zendesk-chat-via-api/assets/admin/js/admin.min.js

Version Parameters

widget-for-zendesk-chat-via-api/assets/admin/css/admin.min.css?ver=widget-for-zendesk-chat-via-api/assets/admin/js/admin.min.js?ver=

HTML / DOM Fingerprints

Data Attributes

name="ps_zendesk_chat_widget_api_code"name="ps_zendesk_chat_widget_api_delay_time"name="ps_zendesk_chat_widget_api_remove_data"name="ps_zendesk_chat_widget_api_code_disable"

FAQ