WP-Safety

AI Content Writing Assistant Security & Risk Analysis

wordpress.org/plugins/ai-content-writing-assistant

AI Content Writing Assistant - Content Writer, ChatGPT, Image Generator All in One generates high-quality, unique content and stunning images with jus …

900 active installs v1.1.7 PHP 5.6.4+ WP 5.0+ Updated Oct 11, 2024
aichatgptcontentgptwriter
68
C · Use Caution
CVEs total2
Unpatched1
Last CVEDec 31, 2025
Plugin page Download
Safety Verdict

Is AI Content Writing Assistant Safe to Use in 2026?

Use With Caution

Score 68/100

AI Content Writing Assistant has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

2 known CVEs 1 unpatched Last CVE: Dec 31, 2025Updated 1yr ago
Risk Assessment

The AI Content Writing Assistant plugin exhibits a mixed security posture. While it demonstrates good practices in output escaping and avoids dangerous functions, significant concerns arise from its attack surface and vulnerability history. The plugin exposes a substantial number of AJAX handlers (23 total) with a concerning 19 lacking authentication checks, creating a broad entry point for potential attackers. The taint analysis reveals two flows with unsanitized paths, which, although not classified as critical or high severity, warrant attention as they represent potential avenues for exploitation if data is improperly handled.

The plugin's vulnerability history is a major red flag, with two known CVEs, one of which remains unpatched. The common vulnerability types of Missing Authorization and Cross-Site Request Forgery (CSRF) further align with the code analysis findings of numerous unprotected AJAX handlers. This pattern suggests recurring authorization and input validation issues. The recent unpatched vulnerability (dated 2025-12-31) indicates a lack of timely remediation, increasing the risk of exploitation. While the plugin has some strengths in code quality, the high number of unprotected entry points and the presence of unpatched vulnerabilities present a significant security risk.

Key Concerns

  • Unpatched CVE (medium severity)
  • Large attack surface without auth (AJAX)
  • Flows with unsanitized paths (taint analysis)
  • Missing Authorization (from vuln history)
  • Cross-Site Request Forgery (from vuln history)
  • SQL queries without prepared statements
  • Missing nonce checks
Vulnerabilities
2

AI Content Writing Assistant Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
1 CVE in 2025 · unpatched
2025
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2025-62154medium · 4.3Missing Authorization

AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One <= 1.1.7 - Missing Authorization

Dec 31, 2025Unpatched
CVE-2023-45063medium · 4.3Cross-Site Request Forgery (CSRF)

AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One <= 1.1.6 - Cross-Site Request Forgery

Oct 3, 2023 Patched in 1.1.7 (175d)
Code Analysis
Analyzed Mar 16, 2026

AI Content Writing Assistant Code Analysis

Dangerous Functions
0
Raw SQL Queries
10
8 prepared
Unescaped Output
90
640 escaped
Nonce Checks
4
Capability Checks
6
File Operations
3
External Requests
2
Bundled Libraries
0

SQL Query Safety

44% prepared18 total queries

Output Escaping

88% escaped730 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
ajax (admin\includes\ajax-requests\get-intro-and-conc.php:18)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
19 unprotected

AI Content Writing Assistant Attack Surface

Entry Points23
Unprotected19

AJAX Handlers 23

authwp_ajax_aiwa_add_scheduled_postadmin\includes\ajax-requests\add-scheduled-post.php:15
authwp_ajax_ai_writing_assistant_save_settingsadmin\includes\ajax-requests\ajax-save-settings.php:13
authwp_ajax_aiwa_chatting_with_gptadmin\includes\ajax-requests\chatting-with-gpt.php:15
authwp_ajax_aiwa_check_is_scheduled_image_generatedadmin\includes\ajax-requests\check-is-scheduled-image-generated.php:15
authwp_ajax_aiwa_delete_scheduled_postadmin\includes\ajax-requests\delete-scheduled-post.php:15
authwp_ajax_aiwa_generate_ai_responseadmin\includes\ajax-requests\generate-ai-response.php:15
authwp_ajax_aiwa_generate_imageadmin\includes\ajax-requests\generate-image.php:15
authwp_ajax_generate_placeholdersadmin\includes\ajax-requests\generate-placeholders.php:15
authwp_ajax_aiwa_generate_variation_imagesadmin\includes\ajax-requests\generate-variation-images.php:15
authwp_ajax_ai_writing_assistant_ai_dataadmin\includes\ajax-requests\get-ai-data.php:13
authwp_ajax_get_intro_and_concadmin\includes\ajax-requests\get-intro-and-conc.php:15
authwp_ajax_aiwa_prompt_based_generationadmin\includes\ajax-requests\prompt-based-command-generation.php:13
authwp_ajax_aiwa_rating_box_closedadmin\includes\ajax-requests\rating-box-closed.php:15
authwp_ajax_aiwa_replace_with_suggested_titleadmin\includes\ajax-requests\replace-post-titles.php:15
authwp_ajax_aiwa_save_image_to_media_libraryadmin\includes\ajax-requests\save-image-to-media-library.php:15
authwp_ajax_aiwa_set_scheduled_postsadmin\includes\ajax-requests\save-scheduled-posts.php:15
authwp_ajax_aiwa_save_single_post_generationadmin\includes\ajax-requests\save-single-generated-post.php:15
authwp_ajax_aiwa_suggest_post_titlesadmin\includes\ajax-requests\suggest-post-titles.php:15
authwp_ajax_aiwa_update_scheduled_postadmin\includes\ajax-requests\update-scheduled-post.php:15
authwp_ajax_aiwa_notice_has_clickedadmin\includes\notices.php:110
noprivwp_ajax_aiwa_notice_has_clickedadmin\includes\notices.php:111
authwp_ajax_aiwa_wp_plugin_dismiss_noticeadmin\includes\review-notice.php:42
authwp_ajax_aiwa_wp_plugin_close_noticeadmin\includes\review-notice.php:52
WordPress Hooks 34
actionadmin_enqueue_scriptsadmin\AI_Writing_Assistant_Admin.php:86
actionpost_row_actionsadmin\AI_Writing_Assistant_Admin.php:87
actionpage_row_actionsadmin\AI_Writing_Assistant_Admin.php:88
actionadmin_menuadmin\includes\add-menu-page.php:13
actionadmin_print_scriptsadmin\includes\cdata.php:21
filtercomment_row_actionsadmin\includes\class-generate-comment-reply.php:24
actionadmin_enqueue_scriptsadmin\includes\class-generate-comment-reply.php:25
filtercron_schedulesadmin\includes\Cron_Tasks.php:13
actionaiwa_per_minutes_cron_taskadmin\includes\Cron_Tasks.php:19
actionaiwa_codeboxadmin\includes\image-generator-class.php:15
filteraiwa_promptbox_titleadmin\includes\image-generator-class.php:16
filteraiwa_metabox_settingsadmin\includes\image-generator-class.php:17
filteraiwa_generate_button_textadmin\includes\image-generator-class.php:18
actionaiwa_promptbox_footer_buttonsadmin\includes\image-generator-class.php:19
actionaiwa_after_promptbox_fieldsadmin\includes\image-generator-class.php:20
actionaiwa_daily_schedulesadmin\includes\notices.php:8
actionaiwa_right_side_noticeadmin\includes\notices.php:60
actionadmin_noticesadmin\includes\notices.php:106
actionadmin_print_footer_scriptsadmin\includes\notices.php:230
actionadmin_footeradmin\includes\register-meta-boxes.php:22
actionadd_meta_boxesadmin\includes\register-meta-boxes.php:23
actionadmin_noticesadmin\includes\review-notice.php:32
actionadmin_print_footer_scriptsadmin\includes\review-notice.php:88
actionadmin_footeradmin\includes\save-image-to-gallery-modal.php:41
actionaiwa_after_promptbox_languageadmin\includes\scheduled-post-generator-functions.php:15
actionaiwa_codeboxadmin\includes\scheduled-post-generator-functions.php:16
filteraiwa_promptbox_titleadmin\includes\scheduled-post-generator-functions.php:17
filteraiwa_metabox_settingsadmin\includes\scheduled-post-generator-functions.php:18
filteraiwa_after_promptbox_formadmin\includes\scheduled-post-generator-functions.php:19
filteraiwa_generate_button_textadmin\includes\scheduled-post-generator-functions.php:20
actionadmin_footeradmin\includes\title-suggestion-modal.php:20
actionadmin_initai-writing-assistant.php:64
actionaiwa_ai_generate_imageincludes\global-functions.php:847
actionhttp_api_curlincludes\OpenAi.php:24

Scheduled Events 3

aiwa_per_minutes_cron_task
aiwa_daily_schedules
aiwa_ai_generate_image
Maintenance & Trust

AI Content Writing Assistant Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8
Last updatedOct 11, 2024
PHP min version5.6.4
Downloads38K

Community Trust

Rating92/100
Number of ratings39
Active installs900
Alternatives

AI Content Writing Assistant Alternatives

WP Wand – Unlimited Content Generation using AI – for OpenAI, Claude, Openrouter and Deepseek

WP Wand – Unlimited Content Generation using AI – for OpenAI, Claude, Openrouter and Deepseek

ai-content-generation

B
76

WP Wand is a powerful AI Content Writer for WordPress. Your AI Co-Pilot for generating content, powered by OpenAI, Claude, OpenRouter and Deepseek.

1K 1 unpatched
ContentBot AI Writer (ChatGPT, GPT4)

ContentBot AI Writer (ChatGPT, GPT4)

content-bot

B
71

Get ideas, inspiration, and content in a few clicks with our AI Writer. All content is unique and original. Simply tweak it and go.

600 1 unpatched
Assistini – WP AI Text Writer, Content Generator, Auto Image Generator and SEO Optimizer with ChatGPT

Assistini – WP AI Text Writer, Content Generator, Auto Image Generator and SEO Optimizer with ChatGPT

assistini

A
100

Create, edit and SEO-optimize WordPress posts and generate images automatically with ChatGPT, Gemini, Claude.ai

60 No CVEs
AI Tools – Chatbot, ChatGPT, Content Generator, Image Generator, Artificial Intelligence GPT

AI Tools – Chatbot, ChatGPT, Content Generator, Image Generator, Artificial Intelligence GPT

artificial-intelligence-auto-content-generator

B
70

Auto content generator based on OpenAi\'s gpt-3 model

50 1 unpatched
AI Generated Post

AI Generated Post

ai-generated-post

A
100

1 WordPress AI Post Generator plugin. Only by writing simple prompt generate a full post without no hassle.

20 No CVEs
Developer Profile

AI Content Writing Assistant Developer Profile

recorp

6 plugins · 10K total installs

80
trust score
Avg Security Score
88/100
Avg Patch Time
52 days
View full developer profile
Detection Fingerprints

How We Detect AI Content Writing Assistant

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ai-content-writing-assistant/admin/css/style.css/wp-content/plugins/ai-content-writing-assistant/admin/js/admin.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue.min.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue-resource.min.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue-select.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue-multiselect.min.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue-form-generator.min.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/moment.min.js+41 more
Script Paths
/wp-content/plugins/ai-content-writing-assistant/admin/js/admin.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue.min.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue-resource.min.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue-select.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue-multiselect.min.js/wp-content/plugins/ai-content-writing-assistant/admin/js/vendors/vue-form-generator.min.js+39 more
Version Parameters
ai-writing-assistant/style.css?ver=ai-writing-assistant/admin/js/admin.js?ver=ai-writing-assistant/admin/js/vendors/vue.min.js?ver=ai-writing-assistant/admin/js/vendors/vue-resource.min.js?ver=ai-writing-assistant/admin/js/vendors/vue-select.js?ver=ai-writing-assistant/admin/js/vendors/vue-multiselect.min.js?ver=ai-writing-assistant/admin/js/vendors/vue-form-generator.min.js?ver=ai-writing-assistant/admin/js/vendors/moment.min.js?ver=ai-writing-assistant/admin/js/vendors/v-calendar.umd.min.js?ver=ai-writing-assistant/admin/js/vendors/quill.min.js?ver=ai-writing-assistant/admin/js/vendors/quill-better-table.min.js?ver=ai-writing-assistant/admin/js/vendors/vue-quill-editor.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/tinymce.min.js?ver=ai-writing-assistant/admin/js/vendors/jquery.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/wordcount/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/emoticons/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/autolink/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/autosave/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/lists/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/link/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/image/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/charmap/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/print/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/preview/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/anchor/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/searchreplace/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/visualblocks/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/code/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/fullscreen/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/insertdatetime/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/media/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/plugins/table/plugin.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/themes/silver/theme.min.js?ver=ai-writing-assistant/admin/js/vendors/tinymce/skins/ui/silver/skin.min.css?ver=ai-writing-assistant/admin/js/vendors/tinymce/skins/content/default/content.min.css?ver=ai-writing-assistant/admin/js/add-menu-page.js?ver=ai-writing-assistant/admin/js/settings-menu-items.js?ver=ai-writing-assistant/admin/js/ajax-requests.js?ver=ai-writing-assistant/admin/js/register-meta-boxes.js?ver=ai-writing-assistant/admin/js/cdata.js?ver=ai-writing-assistant/admin/js/notices.js?ver=ai-writing-assistant/admin/js/review-notice.js?ver=ai-writing-assistant/admin/js/Cron_Tasks.js?ver=ai-writing-assistant/admin/js/title-suggestion-modal.js?ver=ai-writing-assistant/admin/js/save-image-to-gallery-modal.js?ver=ai-writing-assistant/admin/js/scheduled-post-generator-functions.js?ver=ai-writing-assistant/admin/js/image-generator-class.js?ver=ai-writing-assistant/includes/css/admin.css?ver=ai-writing-assistant/includes/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
ai_writing_assistant__aiwa_wrapper
HTML Comments
<!-- Link to settings page from plugins screen --><!-- Required WP Admin Menu --><!-- Ajax Requests --><!-- Notices -->+6 more
Data Attributes
data-key="ai_writing_assistant__"
JS Globals
AI_Writing_AssistantAIWA_VERSIONAIWA_NAMEAIWA_DIR_PATHAIWA_PLUGIN_BASENAMEAIWA_DIR_URL+2 more
FAQ

Frequently Asked Questions about AI Content Writing Assistant