WP Beacon

Wise Chat

wise-chat · by marcinlawrowski · wordpress.org ↗ · SVN ↗
Active installs
6k+
Current version
3.4
Added
2014-12-06
Last updated
2026-03-09 (1mo ago)
First seen by beacon
11d ago
Total downloads
424,593

Alerts (0)

No open alerts.

Show 1 resolved alert
Critical code_pattern Resolved · false_positive_documented_feature 2026-04-30 15:25:30 (2d ago)
Slugwise-chat
Patterndirect_mysqli_connect
Kindbuiltin
Version3.4
Hit count1
First hit
File
src/Endpoints/Ultra/index.php
Line
70
Snippet
$dbWC = new mysqli($constants['DB_HOST'], $constants['DB_USER'], $constants['DB_PASSWORD'], $constants['DB_NAME']);
Explanationplugin instantiates `new mysqli($var['host'], ...)` — a direct MySQL connection bypassing `$wpdb`. Legitimate WordPress plugins always go through `$wpdb` (which already has the connection); a raw `mysqli` connect using parsed wp-config credentials is the credential-harvesting backdoor shape.
View raw JSON
{
    "slug": "wise-chat",
    "pattern": "direct_mysqli_connect",
    "kind": "builtin",
    "version": "3.4",
    "hit_count": 1,
    "first_hit": {
        "file": "src/Endpoints/Ultra/index.php",
        "line": 70,
        "snippet": "$dbWC = new mysqli($constants['DB_HOST'], $constants['DB_USER'], $constants['DB_PASSWORD'], $constants['DB_NAME']);"
    },
    "explanation": "plugin instantiates `new mysqli($var['host'], ...)` \u2014 a direct MySQL connection bypassing `$wpdb`. Legitimate WordPress plugins always go through `$wpdb` (which already has the connection); a raw `mysqli` connect using parsed wp-config credentials is the credential-harvesting backdoor shape."
}

SVN committers (2)

Accounts with actual commit access to wise-chat on plugins.svn.wordpress.org, reconstructed from svn log. This is the list that matters for ownership changes — not the readme contributors.

Committer Member since Commits First commit Latest commit
Marcin Young account 2014-11-24 111 2014-12-06 · r1039353 2026-03-09 · r3477967
plugin-master 2007-03-09 1 2014-12-01 · r1036159 2014-12-01 · r1036159

Readme contributors (1)

Names the plugin's readme declares as contributors. A soft signal — anyone can be listed. The SVN access column is the ground-truth cross-reference: does this contributor actually commit code?

Contributor Member since SVN access Status
Marcin 2014-11-24 Active

Versions (52 most recent)

Version Released Download
3.4 2026-03-09 · 1mo ago zip
3.3.5 2025-06-03 · 11mo ago zip
3.3.4 2025-05-06 · 12mo ago zip
3.3.3 2025-04-07 · 1y ago zip
3.3.2 2025-01-03 · 1y ago zip
3.3.1 2024-06-14 · 1y ago zip
3.3 2024-06-13 · 1y ago zip
3.2 2024-01-09 · 2y ago zip
3.1.7 2023-10-15 · 2y ago zip
3.1.6 2023-08-30 · 2y ago zip
3.1.5 2023-07-12 · 2y ago zip
3.1.4 2023-05-07 · 2y ago zip
3.1.3 2023-04-21 · 3y ago zip
3.1.2 2023-04-18 · 3y ago zip
3.1.1 2023-01-21 · 3y ago zip
3.1 2022-08-14 · 3y ago zip
3.0 2022-07-02 · 3y ago zip
2.9.7 2021-12-27 · 4y ago zip
2.9.5 2021-02-23 · 5y ago zip
2.9.4 2020-11-15 · 5y ago zip
2.9.3 2020-11-11 · 5y ago zip
2.9.2 2020-10-27 · 5y ago zip
2.9.1 2020-10-27 · 5y ago zip
2.9 2020-07-18 · 5y ago zip
2.8.4 2020-07-02 · 5y ago zip
2.8.3 2020-04-12 · 6y ago zip
2.8.2 2019-12-23 · 6y ago zip
2.8.1 2019-11-15 · 6y ago zip
2.8 2019-03-14 · 7y ago zip
2.7 2019-01-22 · 7y ago zip
2.6.3 2018-06-24 · 7y ago zip
2.6.2 2018-03-10 · 8y ago zip
2.6.1 2018-01-01 · 8y ago zip
2.6 2017-10-04 · 8y ago zip
2.5 2017-03-11 · 9y ago zip
2.4.3 2017-01-29 · 9y ago zip
2.4.2 2016-10-31 · 9y ago zip
2.4.1 2016-09-22 · 9y ago zip
2.4 2016-09-22 · 9y ago zip
2.3 2016-05-20 · 9y ago zip
2.2.0 2016-03-27 · 10y ago zip
2.1.0 2015-12-11 · 10y ago zip
2.0.1 2015-11-18 · 10y ago zip
2.0.0 2015-11-18 · 10y ago zip
1.8.0 2015-09-01 · 10y ago zip
1.7.0 2015-07-11 · 10y ago zip
1.6.0 2015-05-26 · 10y ago zip
1.5.0 2015-04-16 · 11y ago zip
1.4.0 2015-03-09 · 11y ago zip
1.3.0 2015-02-17 · 11y ago zip
1.2.0 2015-01-27 · 11y ago zip
1.0.0 2014-12-06 · 11y ago zip