WP-Safety

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce Security & Risk Analysis

wordpress.org/plugins/ai-product-tools

All-in-One AI Suite for WooCommerce: Bulk generate descriptions, titles, tags, FAQs, SEO Meta & AI Chatbot via OpenAI, Gemini, Claude & OpenRouter

400 active installs v2.5.11 PHP 7.4+ WP 5.0.0+ Updated Mar 13, 2026
ai-chatbotai-product-descriptionbulk-product-descriptionproduct-content-generatorwoocommerce-chatbot
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 20d ago
Risk Assessment

The plugin "ai-product-tools" v2.5.11 exhibits a mixed security posture. On the positive side, it demonstrates strong practices in output escaping (98%) and a high adoption rate of prepared statements for SQL queries (87%). The absence of any recorded vulnerabilities or CVEs, including critical or high severity ones, suggests a generally secure development history. However, the plugin presents a notable attack surface with a significant number of unprotected entry points, specifically 12 out of 27 total. These unprotected AJAX handlers and REST API routes represent potential avenues for attackers if proper authorization and input validation are not meticulously implemented at the application level.

The static analysis reveals the presence of two instances of `preg_replace(/e)`, which, while not immediately a critical vulnerability, warrants careful review for potential regex injection or denial-of-service issues. The taint analysis showed zero flows, which is a positive sign, indicating no obvious paths for untrusted data to reach sensitive functions without proper sanitization. The inclusion of the Freemius v1.0 bundled library is a minor concern, as older versions of bundled libraries can sometimes harbor unpatched vulnerabilities, although without specific details on Freemius v1.0's security, this is a lower-priority flag.

In conclusion, the plugin has a solid foundation with good SQL and output handling. The primary concern lies in the substantial number of unprotected entry points, which significantly increases the risk of unauthorized access or data manipulation if not adequately secured by the WordPress application. While the vulnerability history is clean, proactive security measures for the identified unprotected entry points are crucial to maintain this positive track record. The `preg_replace(/e)` usage and the bundled library also warrant further investigation.

Key Concerns

  • 12 unprotected entry points
  • 2 instances of preg_replace(/e)
  • Bundled outdated library (Freemius v1.0)
Vulnerabilities
None known

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce Code Analysis

Dangerous Functions
2
Raw SQL Queries
38
259 prepared
Unescaped Output
9
425 escaped
Nonce Checks
10
Capability Checks
44
File Operations
41
External Requests
12
Bundled Libraries
1

Dangerous Functions Found

preg_replace(/e)preg_replace('/<embed\b[^<]*(?:(?!<\/embed>)<[^<]*)*<\/esrc\Api\RestEndpoints.php:782
preg_replace(/e)preg_replace('/esrc\Core\ErrorHandler.php:287

Bundled Libraries

Freemius1.0

SQL Query Safety

87% prepared297 total queries

Output Escaping

98% escaped434 total outputs
Attack Surface
12 unprotected

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce Attack Surface

Entry Points27
Unprotected12

AJAX Handlers 1

authwp_ajax_aipt_dismiss_sdk_conflictsrc\Core\FsManager.php:48

REST API Routes 25

GET/wp-json/aipt/v1/draft-contentsrc\Api\AutomationJobs\DraftContentController.php:36
GET/wp-json/aipt/v1/draft-content/(?P<id>\d+)/approvesrc\Api\AutomationJobs\DraftContentController.php:67
GET/wp-json/aipt/v1/draft-content/(?P<id>\d+)/rejectsrc\Api\AutomationJobs\DraftContentController.php:81
GET/wp-json/aipt/v1/draft-content/bulk-approvesrc\Api\AutomationJobs\DraftContentController.php:95
GET/wp-json/aipt/v1/draft-content/bulk-deletesrc\Api\AutomationJobs\DraftContentController.php:114
GET/wp-json/aipt/v1/draft-content/(?P<id>\d+)src\Api\AutomationJobs\DraftContentController.php:133
GET/wp-json/aipt/v1/faq-display-settingssrc\Api\BulkGenerator\FAQ\FAQDisplaySettingsController.php:47
POST/wp-json/aipt/v1/faq-generator/bulk-generatesrc\Api\BulkGenerator\FAQ\FAQGeneratorController.php:22
POST/wp-json/aipt/v1/faq-generator/bulk-applysrc\Api\BulkGenerator\FAQ\FAQGeneratorController.php:42
POST/wp-json/aipt/v1/faq-generator/bulk-rejectsrc\Api\BulkGenerator\FAQ\FAQGeneratorController.php:62
POST/wp-json/aipt/v1/standard-bulk-generator/generatesrc\Api\BulkGenerator\Standard\StandardBulkGeneratorController.php:25
POST/wp-json/aipt/v1/standard-bulk-generator/applysrc\Api\BulkGenerator\Standard\StandardBulkGeneratorController.php:44
POST/wp-json/aipt/v1/title-generator/bulk-generatesrc\Api\BulkGenerator\Title\TitleGeneratorController.php:22
POST/wp-json/aipt/v1/title-generator/bulk-applysrc\Api\BulkGenerator\Title\TitleGeneratorController.php:41
POST/wp-json/aipt/v1/title-generator/bulk-rejectsrc\Api\BulkGenerator\Title\TitleGeneratorController.php:57
GET/wp-json/aipt/v1/custom-fieldssrc\Api\CustomFields.php:24
GET/wp-json/aipt/v1/custom-variablessrc\Api\CustomFields.php:51
GET/wp-json/aipt/v1/prompt-templatessrc\Api\PromptTemplates\PromptTemplateController.php:33
GET/wp-json/aipt/v1/prompt-templates/(?P<id>\d+)src\Api\PromptTemplates\PromptTemplateController.php:56
GET/wp-json/aipt/v1/prompt-templates/(?P<id>\d+)/set-defaultsrc\Api\PromptTemplates\PromptTemplateController.php:92
GET/wp-json/wp/v2/aipt/limitssrc\Api\RestEndpoints.php:404
GET/wp-json/aipt/v1/taxonomy-generator/discover-taxonomiessrc\Api\TaxonomyGenerator\TaxonomyGeneratorController.php:26
GET/wp-json/aipt/v1/taxonomy-generator/termssrc\Api\TaxonomyGenerator\TaxonomyGeneratorController.php:36
POST/wp-json/aipt/v1/taxonomy-generator/generatesrc\Api\TaxonomyGenerator\TaxonomyGeneratorController.php:52
POST/wp-json/aipt/v1/taxonomy-generator/applysrc\Api\TaxonomyGenerator\TaxonomyGeneratorController.php:80

Shortcodes 1

[aipt_faq] src\Api\BulkGenerator\FAQ\FAQShortcode.php:27
WordPress Hooks 65
filterredirect_on_activationai-product-tools.php:98
filterdefault_redirect_on_activationai-product-tools.php:99
actionafter_uninstallai-product-tools.php:107
actionplugins_loadedai-product-tools.php:118
actionadmin_headsrc\Admin\NoticeManager.php:51
actionadmin_noticessrc\Admin\Notices\MigrationNotices.php:44
actionadmin_noticessrc\Admin\Notices.php:27
actionadmin_noticessrc\Admin\Notices.php:29
actionadmin_noticessrc\Admin\Notices.php:31
actionadmin_enqueue_scriptssrc\Admin\Notices.php:32
actioninitsrc\Api\AutomationJobs\JobExecutionHandler.php:26
actionwp_loadedsrc\Api\AutomationJobs\JobExecutionHandler.php:28
actionaipt_execute_any_jobsrc\Api\AutomationJobs\JobExecutionHandler.php:121
actionwp_headsrc\Api\BulkGenerator\FAQ\FAQSchemaGenerator.php:43
actionrest_api_initsrc\Core\CreditSystem\CreditRest.php:29
actionaipt_credit_syncsrc\Core\CreditSystem\CreditSystemBootstrap.php:47
actioninitsrc\Core\Database\Migration.php:62
actionupgrader_process_completesrc\Core\Database\Migration.php:67
actionbefore_delete_postsrc\Core\Database\OrphanCleaner.php:20
actionwp_loadedsrc\Core\FsManager.php:36
actionadmin_print_footer_scriptssrc\Core\FsManager.php:45
actionadmin_noticessrc\Core\FsManager.php:47
actionfs_after_license_changesrc\Core\FsManager.php:66
actionfs_after_premium_version_activationsrc\Core\FsManager.php:68
actionfs_after_premium_version_deactivationsrc\Core\FsManager.php:70
actionadmin_footersrc\Core\FsManager.php:680
actionadmin_initsrc\Core\Init.php:275
actionrest_api_initsrc\Core\Init.php:276
filterrest_post_dispatchsrc\Core\Init.php:277
actionadmin_enqueue_scriptssrc\Core\Init.php:278
actionadd_meta_boxes_productsrc\Core\Init.php:279
actionadmin_menusrc\Core\Init.php:280
actionadmin_headsrc\Core\Init.php:281
filteradmin_body_classsrc\Core\Init.php:282
actionadmin_headsrc\Core\Init.php:283
actionwp_loadedsrc\Core\Init.php:285
actioninitsrc\Core\Init.php:287
actioninitsrc\Core\Init.php:289
actioninitsrc\Core\Init.php:291
actionaipt_clean_history_recordssrc\Core\Init.php:293
actionaipt_clean_job_logssrc\Core\Init.php:295
actionaipt_chatbot_queue_cleanupsrc\Core\Init.php:299
actionadmin_initsrc\Core\Init.php:300
filtercron_schedulessrc\Core\Init.php:304
actionaipt_process_automation_jobssrc\Core\Init.php:305
actionaipt_monitor_automation_jobssrc\Core\Init.php:306
actionwp_loadedsrc\Core\Init.php:310
actionaipt_build_store_indexsrc\Core\Init.php:312
actionaipt_scheduled_index_rebuildsrc\Core\Init.php:313
actionaipt_store_index_build_completesrc\Core\Init.php:315
actionwp_enqueue_scriptssrc\Core\Init.php:317
actionwp_body_opensrc\Core\Init.php:319
actionwp_footersrc\Core\Init.php:320
actionwp_enqueue_scriptssrc\Core\Init.php:322
actionwp_headsrc\Core\Init.php:323
actionwoocommerce_after_single_product_summarysrc\Core\Init.php:324
actioninitsrc\Core\Init.php:330
actionwp_abilities_api_categories_initsrc\Core\Services\AbilityRegistrar.php:71
actionwp_abilities_api_initsrc\Core\Services\AbilityRegistrar.php:72
actioncreated_product_catsrc\Utils\ProductFilter\ProductFilterMapper.php:423
actionedited_product_catsrc\Utils\ProductFilter\ProductFilterMapper.php:424
actiondelete_product_catsrc\Utils\ProductFilter\ProductFilterMapper.php:425
actioncreated_product_tagsrc\Utils\ProductFilter\ProductFilterMapper.php:427
actionedited_product_tagsrc\Utils\ProductFilter\ProductFilterMapper.php:428
actiondelete_product_tagsrc\Utils\ProductFilter\ProductFilterMapper.php:429

Scheduled Events 4

aipt_process_automation_jobs
aipt_monitor_automation_jobs
aipt_credit_sync
aipt_chatbot_queue_cleanup
Maintenance & Trust

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 13, 2026
PHP min version7.4
Downloads12K

Community Trust

Rating94/100
Number of ratings15
Active installs400
Alternatives

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce Alternatives

Live Chat & AI Chatbots – onWebChat

Live Chat & AI Chatbots – onWebChat

onwebchat

A
99

Enhance customer service with instant 24/7 AI-powered replies. Now with WooCommerce integration, so your chatbot understands your products and helps c &hellip;

800 1 CVE
ChatLab – AI Chatbot for WordPress and WooCommerce

ChatLab – AI Chatbot for WordPress and WooCommerce

chatlab-ai-chatbot-for-your-website-gpt-powered-customer-sales-assistant

A
100

ChatLab is an AI chatbot for WordPress that learns from your website content and answers visitor questions about your services and pages.

100 No CVEs
AI Product Description Generator for WooCommerce – Nexa AI Product Content SmartSuite

AI Product Description Generator for WooCommerce – Nexa AI Product Content SmartSuite

nexa-ai-product-content-smartsuite-for-woocommerce-lite

A
100

Generate product titles, descriptions, tags, and FAQs with AI. One-click WooCommerce content automation.

80 No CVEs
Ochatbot – AI Chatbot for eCommerce & Support

Ochatbot – AI Chatbot for eCommerce & Support

ochatbot-and-ometrics-conversion-optimization-tools

A
100

Increase eCommerce sales and leads with Ochatbot - a free AI Chatbot.

60 No CVEs
Promptor

Promptor

promptor

A
100

Your 24/7 AI Sales Assistant for WordPress. Convert visitors into leads with intelligent chat powered by your own content.

0 No CVEs
Developer Profile

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce Developer Profile

Dogu Pekgoz

1 plugin · 400 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ai-product-tools/assets/css/frontend/faq-frontend.css/wp-content/plugins/ai-product-tools/assets/js/frontend/faq-frontend.js
Script Paths
/wp-content/plugins/ai-product-tools/assets/js/frontend/faq-frontend.js
Version Parameters
ai-product-tools/assets/css/frontend/faq-frontend.css?ver=ai-product-tools/assets/js/frontend/faq-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
aipt-faq-accordion-itemaipt-faq-accordion-titleaipt-faq-accordion-content
HTML Comments
<!-- AIPT FAQ Frontend Renderer --><!-- AIPT FAQ Accordion -->
Data Attributes
data-aipt-faq-toggle-icondata-aipt-faq-accordion-itemdata-aipt-faq-accordion-titledata-aipt-faq-accordion-content
JS Globals
window.AIPT_FAQ_SETTINGSwindow.AIPT_FAQ_LOCALIZE
Shortcode Output
[ai_product_faqs]
FAQ

Frequently Asked Questions about AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce