WP-Safety

Social Chat – Click To Chat App Button Security & Risk Analysis

wordpress.org/plugins/wp-whatsapp-chat

WhatsApp Chat🔥 allows you to enhance customer engagement! Integrate "WhatsApp" or "WhatsApp Business" with a single click.

200K active installs v8.3.2 PHP 5.6+ WP 4.7+ Updated Mar 12, 2026
click-to-chatwhatsappwhatsapp-businesswhatsapp-chatwoocommerce-whatsapp
100
A · Safe
CVEs total1
Unpatched0
Last CVEJul 18, 2022
Plugin page Download
Safety Verdict

Is Social Chat – Click To Chat App Button Safe to Use in 2026?

Generally Safe

Score 100/100

Social Chat – Click To Chat App Button has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jul 18, 2022Updated 22d ago
Risk Assessment

The "wp-whatsapp-chat" v8.3.3 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant positive. Furthermore, the low number of SQL queries (2 total) and the fact that none are unescaped is commendable, as is the high percentage (94%) of properly escaped outputs. The plugin also correctly implements nonce and capability checks for its limited code signals. However, the presence of one previous medium severity Cross-Site Scripting (XSS) vulnerability, even though it is currently patched, is a point of concern. This historical vulnerability, coupled with the fact that 0% of SQL queries are prepared, suggests potential areas where robust coding practices might have been lacking in past versions, and therefore, could be a risk in future updates if not carefully monitored. The single external HTTP request also warrants attention, as it could be a vector for supply chain attacks if not handled securely.

Key Concerns

  • 1 Medium CVE historically found
  • 0% of SQL queries use prepared statements
Vulnerabilities
1

Social Chat – Click To Chat App Button Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2022-2361medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP Social Chat – Click To Chat App <= 6.0.4 - Administrator+ Stored Cross-Site Scripting

Jul 18, 2022 Patched in 6.0.5 (554d)
Code Analysis
Analyzed Mar 16, 2026

Social Chat – Click To Chat App Button Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
0 prepared
Unescaped Output
7
104 escaped
Nonce Checks
2
Capability Checks
5
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

0% prepared2 total queries

Output Escaping

94% escaped111 total outputs
Attack Surface

Social Chat – Click To Chat App Button Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 36
filteroption_qlwappcompatibility\old.php:35
filterwpcompatibility\old.php:268
actioncustomize_registercompatibility\old.php:269
actionadmin_initcompatibility\old.php:270
filteroption_qlwappcompatibility\old.php:271
filterdefault_option_qlwappcompatibility\old.php:272
filterdefault_option_qlwapp_boxcompatibility\old.php:274
filterdefault_option_qlwapp_buttoncompatibility\old.php:280
filterdefault_option_qlwapp_displaycompatibility\old.php:286
filterdefault_option_qlwapp_schemecompatibility\old.php:292
filterdefault_option_qlwapp_settingscompatibility\old.php:298
filterdefault_option_qlwapp_woocommercecompatibility\old.php:304
filterdefault_option_qlwapp_contactscompatibility\old.php:310
actionwp_default_scriptsjetpack_vendor\automattic\jetpack-assets\actions.php:11
actionplugins_loadedjetpack_vendor\automattic\jetpack-assets\actions.php:12
filterwp_resource_hintsjetpack_vendor\automattic\jetpack-assets\src\class-assets.php:182
actionwp_loadedjetpack_vendor\automattic\jetpack-assets\src\class-script-data.php:38
actionenqueue_block_editor_assetsjetpack_vendor\automattic\jetpack-assets\src\class-script-data.php:52
actionshutdownjetpack_vendor\automattic\jetpack-status\src\class-errors.php:38
actionwp_network_dashboard_setupjetpack_vendor\quadlayers\wp-dashboard-widget-news\src\Load.php:36
actionwp_dashboard_setupjetpack_vendor\quadlayers\wp-dashboard-widget-news\src\Load.php:37
actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-promote\src\Load.php:95
actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-promote\src\Load.php:104
actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-required\src\Load.php:40
filterinstall_plugins_tabsjetpack_vendor\quadlayers\wp-plugin-install-tab\src\Load.php:33
actioninstall_plugins_quadlayersjetpack_vendor\quadlayers\wp-plugin-install-tab\src\Load.php:34
actionplugins_loadedjetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:47
actionadmin_menujetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:50
actionadmin_initjetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:55
filternetwork_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:56
filterself_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Table.php:52
filternetwork_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Table.php:53
filterplugin_row_metajetpack_vendor\quadlayers\wp-plugin-table-links\src\Load.php:36
actioninitvendor_packages\wp-notice-plugin-promote.php:4
actioninitvendor_packages\wp-plugin-table-links.php:4
actionbefore_woocommerce_initwp-whatsapp-chat.php:83
Maintenance & Trust

Social Chat – Click To Chat App Button Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 12, 2026
PHP min version5.6
Downloads12.3M

Community Trust

Rating98/100
Number of ratings678
Active installs200K
Alternatives

Social Chat – Click To Chat App Button Alternatives

Click to Chat – HoliThemes

Click to Chat – HoliThemes

click-to-chat-for-whatsapp

A
96

WhatsApp Chat🔥. Let's make your Web page visitors contact you through 'WhatsApp', 'WhatsApp Business'. Add matching Widget✅

700K 3 CVEs
WP Chat App

WP Chat App

wp-whatsapp

A
97

Integrate WhatsApp experience directly into your WordPress website.

100K 6 CVEs
Contact Form to Chat Apps | Click to Chat to Order – FormyChat

Contact Form to Chat Apps | Click to Chat to Order – FormyChat

social-contact-form

A
100

Connect contact forms and WooCommerce to WhatsApp by live click to chat. Send form data to WhatsApp Business for instant customer engagement

3K No CVEs
ChatHelp – Click to Chat Button, Chat to Order, Floating Chat & Form

ChatHelp – Click to Chat Button, Chat to Order, Floating Chat & Form

chat-help

A
96

Add WhatsApp click to chat with floating chat button, chat to order for WooCommerce, and chat forms to convert visitors into customers.

1K 2 CVEs
Watso – Basic Help Chat Button

Watso – Basic Help Chat Button

watso-basic-chat

A
100

Lightweight and blazing-fast WhatsApp chat button for WordPress with full customization, UTM tracking, multi-agent support, and scheduling.

100 No CVEs
Developer Profile

Social Chat – Click To Chat App Button Developer Profile

quadlayers

17 plugins · 654K total installs

76
trust score
Avg Security Score
96/100
Avg Patch Time
501 days
View full developer profile
Detection Fingerprints

How We Detect Social Chat – Click To Chat App Button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-whatsapp-chat/assets/css/style.css/wp-content/plugins/wp-whatsapp-chat/assets/js/scripts.js
Script Paths
/wp-content/plugins/wp-whatsapp-chat/assets/js/scripts.js
Version Parameters
wp-whatsapp-chat/assets/css/style.css?ver=wp-whatsapp-chat/assets/js/scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes
qlwapp-chat-widget
Data Attributes
data-modedata-phonedata-message
JS Globals
qlwapp_config
Shortcode Output
[qlwapp]
FAQ

Frequently Asked Questions about Social Chat – Click To Chat App Button