Site hacked

Hi @anthonyaxford,

Based on our security review, Click to Chat does not have any vulnerabilities that could cause hacking.

It seems like the site might have been compromised before enabling the plugin. Sometimes, malicious code remains dormant until certain conditions are met.

We understand how frustrating it can be to deal with a hacked website, and we’re here to help. However, we want to clarify a few points:

Security Assurance:

✅ Click to Chat does not have any functionality that allows hacking, malware injection, or external access.
✅ The plugin is actively used on 600,000+ websites, and we have not received similar reports for version 4.19.
✅ WordPress and security plugins regularly scan for vulnerabilities, and any potential risks would have been flagged.

Possible Causes of Hacking:
• Website hacks are often caused by vulnerable themes, outdated plugins, weak passwords, or compromised hosting environments.
• If your site was compromised before activating Click to Chat, it’s possible that malicious code was already injected and is being triggered under certain conditions.
• A “compromised” website means its security has been breached, allowing attackers to modify files, inject spam, or cause other issues
• If the issue started before activating Click to Chat, there might be an existing infection on your site that reactivates when any plugin is turned on.

How to Check & Fix the Issue:
1. Run a Security Scan: Use security plugins like Wordfence or Sucuri to scan for malware.
2. Check for Unauthorized Changes: Look for unknown admin users, modified core files, or injected scripts in your database (e.g., the wp_options table).
3. Manually Reinstall Click to Chat: Download a fresh copy from WordPress.org to ensure there are no tampered files.

Next Steps:

If you suspect an issue directly related to Click to Chat, please provide
• Error logs
• Steps to reproduce the issue
• Any suspicious file changes detected

If the issue is related to Click to Chat, we are happy to investigate and fix it. The problem might be unrelated to the plugin, as hacking incidents are often due to pre-existing malware or vulnerabilities.

Please check your website for:
• Injected malicious code in files or the database.
• Unauthorized access by hackers.
• Exploited vulnerabilities in themes, plugins, or hosting.
• Weak security measures like easy-to-guess passwords.

We’re committed to ensuring Click to Chat works seamlessly for everyone. We are working hard on this.

Please investigate the issue further. 
We’d greatly appreciate it if you could update your review—this would be very helpful for our hard work.

Best regards,
Click to Chat Support Team

sure, please create a support question here at the WordPress Click to Chat forum?

https://wordpress.org/support/plugin/click-to-chat-for-whatsapp/#new-topic-0

please reinstall the ‘click to chat’ plugin.
https://wordpress.org/plugins/click-to-chat-for-whatsapp/

If there’s any issue caused by the plugin, we’re happy to investigate and fix it to ensure it works smoothly for everyone.

Please check if any malicious code is injected, into any of the website/server files or in the database.

Click to Chat does not have any functionality that allows hacking, malware injection, or external access.

If a security issue were present, security plugins or WordPress itself would likely detect and flag it.

WordPress has a strong security ecosystem, and if a plugin poses a risk, it is promptly reviewed and appropriate action is taken.

Have a nice day,
Thank you