WP-Safety

AI Chatbot for Support & E-Commerce Security & Risk Analysis

wordpress.org/plugins/ai-chatbot-for-support-e-commerce

AI-powered chatbot for WordPress and WooCommerce using OpenAI or Gemini, trained on your site content.

0 active installs v1.0.3 PHP 7.4+ WP 6.0+ Updated Feb 5, 2026
ai-assistantai-chatbotcustomer-supportgemini-aiopenai
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is AI Chatbot for Support & E-Commerce Safe to Use in 2026?

Generally Safe

Score 100/100

AI Chatbot for Support & E-Commerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "ai-chatbot-for-support-e-commerce" plugin v1.0.3 exhibits a generally good security posture, with several positive indicators. The absence of dangerous functions, file operations, and raw SQL queries is commendable. Furthermore, all SQL queries utilize prepared statements, and the vast majority of output is properly escaped, reducing the risk of cross-site scripting (XSS) vulnerabilities. The presence of nonce and capability checks on most entry points also suggests an awareness of security best practices.

However, there are areas of concern that warrant attention. The static analysis reveals a total of 11 entry points, with 2 of them being unprotected. Specifically, 2 out of 3 REST API routes lack permission callbacks, making them potentially vulnerable to unauthorized access or manipulation. While no critical or high-severity taint flows were identified, and the vulnerability history is clean, these unprotected entry points represent a direct attack vector that could be exploited by malicious actors.

In conclusion, while the plugin demonstrates strengths in secure coding practices like prepared statements and output escaping, the presence of unprotected REST API routes is a significant weakness. The clean vulnerability history is a positive sign, indicating past diligence or perhaps a lack of past scrutiny. However, the identified unprotected entry points present a clear and immediate risk that should be addressed to improve the overall security of the plugin.

Key Concerns

  • REST API routes without permission callbacks
  • Unprotected AJAX handlers
Vulnerabilities
None known

AI Chatbot for Support & E-Commerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

AI Chatbot for Support & E-Commerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
6
45 escaped
Nonce Checks
6
Capability Checks
7
File Operations
0
External Requests
6
Bundled Libraries
0

Output Escaping

88% escaped51 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
handle_ai_config_save (includes\class-acsec-chatbot-admin.php:625)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

AI Chatbot for Support & E-Commerce Attack Surface

Entry Points11
Unprotected2

AJAX Handlers 6

authwp_ajax_acsec_chatbot_dismiss_domain_noticeincludes\class-acsec-chatbot-admin.php:43
authwp_ajax_acsec_chatbot_registerincludes\class-acsec-chatbot-admin.php:56
authwp_ajax_acsec_chatbot_push_dataincludes\class-acsec-chatbot-admin.php:57
authwp_ajax_acsec_chatbot_send_api_keysincludes\class-acsec-chatbot-admin.php:58
authwp_ajax_acsec_chatbot_save_configincludes\class-acsec-chatbot-admin.php:60
authwp_ajax_acsec_rag_search_pagesincludes\class-acsec-chatbot-admin.php:61

REST API Routes 3

POST/wp-json/acsec-chatbot/v1/api/chat/queryincludes\acsec-rest-endpoint.php:9
GET/wp-json/acsec-chatbot/v1/api/messagesincludes\acsec-rest-endpoint.php:16
GET/wp-json/acsec-chatbot/v1/challenge-tokenincludes\acsec-rest-endpoint.php:23

Shortcodes 2

[ACSEC_CHATBOT] includes\acsec-frontend-chat.php:15
[acsec_chatbot] includes\class-acsec-chatbot-frontend.php:33
WordPress Hooks 12
actionplugins_loadedai-chatbot-for-support-e-commerce.php:46
actionwp_footerincludes\acsec-frontend-chat.php:65
actionwp_loadedincludes\acsec-frontend-chat.php:68
actionwp_enqueue_scriptsincludes\acsec-frontend-chat.php:100
actionrest_api_initincludes\acsec-rest-endpoint.php:4
actionadmin_noticesincludes\class-acsec-chatbot-admin.php:42
actionadmin_menuincludes\class-acsec-chatbot-admin.php:49
actioninitincludes\class-acsec-chatbot-admin.php:51
actionadmin_initincludes\class-acsec-chatbot-admin.php:52
actionadmin_enqueue_scriptsincludes\class-acsec-chatbot-admin.php:53
actionwp_enqueue_scriptsincludes\class-acsec-chatbot-frontend.php:31
actionwp_footerincludes\class-acsec-chatbot-frontend.php:32
Maintenance & Trust

AI Chatbot for Support & E-Commerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 5, 2026
PHP min version7.4
Downloads132

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

AI Chatbot for Support & E-Commerce Alternatives

Zeno – AI-Powered Chatbot

Zeno – AI-Powered Chatbot

zeno-chatbot-ai

A
100

An AI-powered WordPress automation chatbot plugin that helps you automate support, engage visitors, and answer questions using OpenAI or Google Gemini

60 No CVEs
Gapify AI Customer Communication

Gapify AI Customer Communication

gapify-ai-customer-communication

A
100

AI-powered customer support and chat widget. Automate responses, increase sales, and provide 24/7 customer service with Gapify's intelligent chatbot.

20 No CVEs
TM Chatbot Assistant

TM Chatbot Assistant

tm-chatbot-assistant

A
100

A powerful AI chatbot for use with Wordpress that enables OpenAI's Assistants to provide intelligent, conversational support to your website visitors.

10 No CVEs
MxChat – AI Chatbot & Content Generation for WordPress

MxChat – AI Chatbot & Content Generation for WordPress

mxchat-basic

A
98

The best free AI chatbot and content generation plugin for WordPress. Train ChatGPT, Claude, Gemini, or Grok on your website content.

1K 2 CVEs
Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System

support-genix-lite

A
97

Manage customer support with a powerful helpdesk & support ticket system — track customer tickets, resolve, and streamline your support workflow.

1K 3 CVEs
Developer Profile

AI Chatbot for Support & E-Commerce Developer Profile

Jatinder Singh

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AI Chatbot for Support & E-Commerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ai-chatbot-for-support-e-commerce/assets/css/chatbot-styles.css
Script Paths
/wp-content/plugins/ai-chatbot-for-support-e-commerce/chat-app-build/assets/index-BnRv7LeP.js
Version Parameters
ai-chatbot-for-support-e-commerce/assets/css/chatbot-styles.css?ver=ai-chatbot-for-support-e-commerce/chat-app-build/assets/index-BnRv7LeP.js?ver=ai-chatbot-for-support-e-commerce/chat-app-build/assets/index-BxZlaAnu.css?ver=

HTML / DOM Fingerprints

CSS Classes
acsec-chatbot-wrapperacsec-chatbot-buttonacsec-chatbot-modalacsec-chatbot-contentacsec-chatbot-closeacsec-chatbot-appacsec-chatbot-rootposition-right+1 more
HTML Comments
🧠 Chatbot Popup StructureFloating ButtonModalReact app will render here
Data Attributes
id="acsec-chatbot-wrapper"class="acsec-chatbot-id="acsec-chatbot-button"id="acsec-chatbot-modal"class="acsec-chatbot-content"id="acsec-chatbot-close"+9 more
JS Globals
ACSEC_CHAT
REST Endpoints
/wp-json/acsec-chatbot/v1/api/chat/query/wp-json/acsec-chatbot/v1/messages
Shortcode Output
[ACSEC_CHATBOT]
FAQ

Frequently Asked Questions about AI Chatbot for Support & E-Commerce