WP Clinic
Log in Sign up

PLUGIN SECURITY

Is Zero Bs Crm safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the Zero Bs Crm WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: zero-bs-crm
  • Requires PHP: 7.4+
  • Max supported PHP (analyzed): <8.0

Known vulnerabilities

  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 5.4.3 [CVE-2022-3919, Jetpack CRM <= 5.4.2 - Authenticated (Administrator+) Cross-Site Scripting, Jetpack CRM &lt; 5.4.3 - Admin+ Cross-Site Scripting]
  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 5.5 [CVE-2022-4497, WordPress Jetpack CRM Plugin < 5.5 is vulnerable to Cross Site Scripting (XSS), Jetpack CRM <= 5.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting, Jetpack CRM &lt; 5.5 - Contributor+ Stored XSS]
  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 5.5.0 [CVE-2023-27429, WordPress Jetpack CRM Plugin <= 5.4.4 is vulnerable to Cross Site Scripting (XSS), Jetpack CRM <= 5.4.4 - Authenticated (Administrator+) Stored Cross-Site Scripting, Jetpack CRM &lt; 5.5.0 - Admin+ Stored XSS]
  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 5.4.0 [CVE-2022-3342, WordPress Jetpack CRM Plugin <= 5.3.1 is vulnerable to Cross Site Request Forgery (CSRF), Jetpack CRM <= 5.3.1 - Cross-Site Request Forgery and PHAR Deserialization, Jetpack CRM &lt; 5.4.0 - PHAR Deserialisation via CSRF]
  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 5.5.1 [Jetpack CRM <= 5.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting]
+ 5 more known vulnerabilities
  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 5.5.1 [Jetpack CRM <= 5.5.0 - Authenticated (Client+) Stored Cross-Site Scripting]
  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 5.5.1 [Jetpack CRM &lt; 5.5.1 - Client+ XSS]
  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 5.5.1 [Jetpack CRM &lt; 5.5.1 - CRM Admin+ XSS]
  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 4.2.4 [Jetpackcrm Ext Woo Connect < 2.13 - Sensitive Information Exposure]
  • Jetpack CRM &#8211; Clients, Leads, Invoices, Billing, Email Marketing, &amp; Automation [zero-bs-crm] < 6.7.1 [CVE-2026-22356, Jetpack CRM <= 6.7.0 - Unauthenticated Local File Inclusion]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.