Does AI have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is AI compatible with WordPress 7.0?

According to WordPress.org data, AI 0.7.0 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is AI compatible with PHP 7.4+?

AI requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is AI updated?

AI was last updated on Apr 9, 2026. Frequent updates are generally a positive security signal.

What is AI's security score?

AI has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

AI Security & Risk Analysis

wordpress.org/plugins/ai

AI features, experiments and capabilities for WordPress.

1K active installs v0.7.0 PHP 7.4+ WP 7.0+ Updated Apr 9, 2026

abilitiesaiartificial-intelligenceexperimentsmcp

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is AI Safe to Use in 2026?

Generally Safe

Score 100/100

AI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The 'ai' plugin version 0.5.0 demonstrates a generally strong security posture, with robust use of WordPress security features like nonce and capability checks. The plugin also avoids common pitfalls such as dangerous function usage and external HTTP requests. Its SQL queries are exclusively prepared, and a high percentage of output is properly escaped, indicating a good understanding of secure coding practices.

However, a significant concern arises from the taint analysis, which identified one flow with an unsanitized path. While this did not result in a high or critical severity finding and there are no recorded vulnerabilities, it represents a potential avenue for malicious input if not handled carefully. The presence of file operations without further context also warrants attention, as these can sometimes be associated with insecure practices if not implemented with strict sanitization and validation.

Given the complete absence of known vulnerabilities and a proactive approach to security features, the plugin is relatively safe. The primary weakness lies in the single unsanitized path identified in the taint analysis. This plugin is a good example of a developer who understands many security principles, but there's a specific area that needs verification to ensure it doesn't become a point of exploitation.

Key Concerns

Flow with unsanitized path found

Vulnerabilities

None known

AI Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

AI Release Timeline

v0.7.0Current

v0.6.0

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.1

Code Analysis

Analyzed Mar 16, 2026

AI Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

141 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

94% escaped150 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths

render_test_runner (includes\Experiments\Abilities_Explorer\Admin_Page.php:243)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

AI Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 1

authwp_ajax_ai_ability_explorer_invokeincludes\Experiments\Abilities_Explorer\Admin_Page.php:35

REST API Routes 1

GET/wp-json/ai/v1/exampleincludes\Experiments\Example_Experiment\Example_Experiment.php:84

WordPress Hooks 33

actionwp_abilities_api_initincludes\Abilities\Utilities\Posts.php:39

actionadmin_noticesincludes\bootstrap.php:74

actionadmin_noticesincludes\bootstrap.php:103

actioninitincludes\bootstrap.php:182

actionwp_abilities_api_categories_initincludes\bootstrap.php:211

actionplugins_loadedincludes\bootstrap.php:241

actionadmin_enqueue_scriptsincludes\Experiments\Abilities_Explorer\Abilities_Explorer.php:49

actionadmin_menuincludes\Experiments\Abilities_Explorer\Admin_Page.php:34

actionwp_abilities_api_initincludes\Experiments\Alt_Text_Generation\Alt_Text_Generation.php:58

actionenqueue_block_editor_assetsincludes\Experiments\Alt_Text_Generation\Alt_Text_Generation.php:59

actionwp_enqueue_mediaincludes\Experiments\Alt_Text_Generation\Alt_Text_Generation.php:60

actionadmin_enqueue_scriptsincludes\Experiments\Alt_Text_Generation\Alt_Text_Generation.php:61

actionadd_meta_boxes_attachmentincludes\Experiments\Alt_Text_Generation\Alt_Text_Generation.php:62

filterattachment_fields_to_editincludes\Experiments\Alt_Text_Generation\Alt_Text_Generation.php:63

actionwp_footerincludes\Experiments\Example_Experiment\Example_Experiment.php:45

filterdocument_title_partsincludes\Experiments\Example_Experiment\Example_Experiment.php:46

actionrest_api_initincludes\Experiments\Example_Experiment\Example_Experiment.php:47

actionwp_abilities_api_initincludes\Experiments\Excerpt_Generation\Excerpt_Generation.php:48

actionadmin_enqueue_scriptsincludes\Experiments\Excerpt_Generation\Excerpt_Generation.php:49

actionwp_abilities_api_initincludes\Experiments\Image_Generation\Image_Generation.php:52

actionadmin_enqueue_scriptsincludes\Experiments\Image_Generation\Image_Generation.php:53

actionenqueue_block_editor_assetsincludes\Experiments\Image_Generation\Image_Generation.php:54

actionadmin_menuincludes\Experiments\Image_Generation\Image_Generation.php:55

actionadmin_footer-upload.phpincludes\Experiments\Image_Generation\Image_Generation.php:56

actionwp_abilities_api_initincludes\Experiments\Review_Notes\Review_Notes.php:52

actionenqueue_block_editor_assetsincludes\Experiments\Review_Notes\Review_Notes.php:53

filterrest_pre_insert_commentincludes\Experiments\Review_Notes\Review_Notes.php:54

actionwp_abilities_api_initincludes\Experiments\Summarization\Summarization.php:50

actionadmin_enqueue_scriptsincludes\Experiments\Summarization\Summarization.php:51

actionwp_abilities_api_initincludes\Experiments\Title_Generation\Title_Generation.php:48

actionadmin_enqueue_scriptsincludes\Experiments\Title_Generation\Title_Generation.php:49

actionadmin_menuincludes\Settings\Settings_Page.php:69

actionadmin_enqueue_scriptsincludes\Settings\Settings_Page.php:104

Maintenance & Trust

AI Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedApr 9, 2026

PHP min version7.4

Downloads9K

Community Trust

Rating100/100

Number of ratings3

Active installs1K

Alternatives

AI Alternatives

Abilities Bridge

abilities-bridge

100

MCP server for WordPress. Connect Claude AI or OpenAI to execute WordPress Abilities with configurable permissions.

50 No CVEs

AI Workflow Automation – AI Agent Hub

ai-workflow-automation-ai-agent-hub

100

AI-powered WordPress hub: 80+ abilities, MCP server, block editor AI experiments, RBAC, JWT auth, and workflows.

10 No CVEs

WebSamurai

websamurai

100

AI-powered features for WordPress with Model Context Protocol (MCP) server support and Advanced Chat

10 No CVEs

Angie – Agentic AI (Beta)

angie

100

Angie Code: Your expert WordPress developer, powered by AI. Build anything you can imagine without writing a single line of code.

10K No CVEs

Notification for Telegram

notification-for-telegram

Sends notifications to Telegram users or groups, when some events occur in WordPress.

4K 4 CVEs

Developer Profile

AI Developer Profile

WordPress.org

36 plugins · 14.9M total installs

trust score

Avg Security Score

97/100

Avg Patch Time

1718 days

View full developer profile

Detection Fingerprints

How We Detect AI

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ai/build/index.js/wp-content/plugins/ai/build/style.css

Script Paths

/wp-content/plugins/ai/build/index.js

Version Parameters

ai/build/index.js?ver=ai/build/style.css?ver=

HTML / DOM Fingerprints

HTML Comments

JS Globals

window.ai

REST Endpoints

/wp-json/ai/v1/example

FAQ