Does AI Workflow Automation – AI Agent Hub have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is AI Workflow Automation – AI Agent Hub compatible with WordPress 7.0?

According to WordPress.org data, AI Workflow Automation – AI Agent Hub 1.5.0 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is AI Workflow Automation – AI Agent Hub compatible with PHP 7.4+?

AI Workflow Automation – AI Agent Hub requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is AI Workflow Automation – AI Agent Hub updated?

AI Workflow Automation – AI Agent Hub was last updated on Apr 13, 2026. Frequent updates are generally a positive security signal.

What is AI Workflow Automation – AI Agent Hub's security score?

AI Workflow Automation – AI Agent Hub has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

AI Workflow Automation – AI Agent Hub Security & Risk Analysis

wordpress.org/plugins/ai-workflow-automation-ai-agent-hub

AI-powered WordPress hub: 80+ abilities, MCP server, block editor AI experiments, RBAC, JWT auth, and workflows.

10 active installs v1.5.0 PHP 7.4+ WP 6.8+ Updated Apr 13, 2026

abilities-apiaiautomationmcpworkflow

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is AI Workflow Automation – AI Agent Hub Safe to Use in 2026?

Generally Safe

Score 100/100

AI Workflow Automation – AI Agent Hub has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "ai-workflow-automation-ai-agent-hub" plugin v1.5.0 demonstrates a generally good security posture, with several positive indicators. Notably, all SQL queries are properly prepared, and all identified outputs are correctly escaped, mitigating common injection and cross-site scripting vulnerabilities. The plugin also implements a robust number of capability checks and nonce checks, indicating an effort to secure its functionalities.

However, the analysis reveals a potential area of concern: one of the three REST API routes lacks a permission callback. This means that an unauthenticated user could potentially interact with this route, creating an entry point that might be exploitable if not carefully designed to handle public data or if it indirectly triggers sensitive actions. Despite this, the static analysis found no dangerous functions, no unsanitized paths in taint flows, and the vulnerability history is entirely clean, suggesting that this specific unprotected entry point may not currently lead to a severe vulnerability. Overall, the plugin is well-constructed, but the unprotected REST API route warrants attention for potential future hardening.

Key Concerns

REST API route without permission callback

Vulnerabilities

None known

AI Workflow Automation – AI Agent Hub Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

AI Workflow Automation – AI Agent Hub Release Timeline

v1.5.0Current

v1.4.2

v1.4.1

v1.4.0

v1.3.0

v1.2.1

v1.2.0

v1.1.0

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

AI Workflow Automation – AI Agent Hub Code Analysis

Dangerous Functions

Raw SQL Queries

10 prepared

Unescaped Output

226 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared10 total queries

Output Escaping

100% escaped226 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

ajax_save_settings (src/Admin/MCP_Settings.php:152)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

AI Workflow Automation – AI Agent Hub Attack Surface

Entry Points7

Unprotected1

AJAX Handlers 4

authwp_ajax_wordpress_mcp_save_settingssrc/Admin/MCP_Settings.php:29

authwp_ajax_wordpress_mcp_toggle_toolsrc/Admin/MCP_Settings.php:30

authwp_ajax_atlas_plugins_refreshsrc/Admin/MCP_Settings.php:31

authwp_ajax_awfah_dismiss_pro_noticesrc/Admin/Pro_Upsell_Notice.php:29

REST API Routes 3

POST/wp-json/jwt-auth/v1/tokensrc/Auth/JwtAuth.php:129

POST/wp-json/jwt-auth/v1/revokesrc/Auth/JwtAuth.php:159

GET/wp-json/jwt-auth/v1/tokenssrc/Auth/JwtAuth.php:169

WordPress Hooks 33

actionadmin_noticesai-workflow-automation-ai-agent-hub.php:31

actioninitai-workflow-automation-ai-agent-hub.php:58

actionplugins_loadedai-workflow-automation-ai-agent-hub.php:68

actionenqueue_block_editor_assetssrc/Admin/Editor_Experiments.php:24

actionenqueue_block_editor_assetssrc/Admin/Editor_Experiments.php:25

actionenqueue_block_editor_assetssrc/Admin/Editor_Experiments.php:26

actionenqueue_block_editor_assetssrc/Admin/Editor_Experiments.php:27

actionenqueue_block_editor_assetssrc/Admin/Editor_Experiments.php:28

actioninitsrc/Admin/Editor_Experiments.php:29

actionwp_dashboard_setupsrc/Admin/Error_Dashboard_Widget.php:27

actionadmin_menusrc/Admin/MCP_Settings.php:26

actionadmin_initsrc/Admin/MCP_Settings.php:27

actionadmin_enqueue_scriptssrc/Admin/MCP_Settings.php:28

actionadmin_menusrc/Admin/Mcp_Page.php:14

actionadmin_menusrc/Admin/Menu.php:26

actionadmin_enqueue_scriptssrc/Admin/Menu.php:27

actionadmin_headsrc/Admin/Menu.php:28

actionadd_meta_boxessrc/Admin/Post_Meta_Box.php:14

actionadmin_enqueue_scriptssrc/Admin/Post_Meta_Box.php:15

actionadmin_noticessrc/Admin/Pro_Upsell_Notice.php:28

actionrest_api_initsrc/Auth/JwtAuth.php:118

filterrest_authentication_errorssrc/Auth/JwtAuth.php:119

filterawfah_authenticate_requestsrc/Auth/JwtAuth.php:121

actionadmin_initsrc/Plugin.php:114

actiontemplate_redirectsrc/Plugin.php:116

actionadmin_initsrc/Plugin.php:117

actionrest_api_initsrc/Plugin.php:611

actionwp_abilities_api_categories_initsrc/Plugin.php:626

actionwp_abilities_api_initsrc/Plugin.php:632

actionmcp_adapter_initsrc/Plugin.php:677

filtermcp_adapter_list_toolssrc/Plugin.php:684

filtermcp_adapter_can_call_toolsrc/Plugin.php:685

filterhttp_request_argssrc/Service/AI_Provider_Manager.php:275

Maintenance & Trust

AI Workflow Automation – AI Agent Hub Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedApr 13, 2026

PHP min version7.4

Downloads774

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

AI Workflow Automation – AI Agent Hub Alternatives

AI Chatbot & Workflow Automation by AIWU

ai-copilot-content-generator

AI automations you’ll actually use: Workflow Builder, AI Chatbot, AI Forms, Content Generation, Autoblogging, WooCommerce AI and MCP.

1K 1 unpatched

theMarketer – Email marketing, Newsletters, Automation & Loyalty for Woocommerce

themarketer

Collect subscribers. Send newsletters. Create 1:1 personalised emails using dynamic blocks. Activate one of almost 30 predefined workflows.

700 1 CVE

Easy MCP AI

easy-mcp-ai

100

Connect Claude, ChatGPT & any MCP-compatible AI to WordPress — create, edit & manage content without the admin panel. 100+ built-in tools. 100% free.

300 No CVEs

WPRaiz Content API Tool

wpraiz-content-api-tool

100

REST API + MCP Server for WordPress. Create, update, and manage posts programmatically. AI content generation with your own API keys (BYOK).

60 No CVEs

WPBot Automator – Automation for WordPress Visual No-Code WorkFlow Builder

wpbot

100

Automation plugin for WordPress with a visual no-code builder. Create automated workflows to connect WordPress, WooCommerce, WPForms, & more

30 No CVEs

Developer Profile

AI Workflow Automation – AI Agent Hub Developer Profile

Azizul Hasan

5 plugins · 4K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

53 days

View full developer profile

Detection Fingerprints

How We Detect AI Workflow Automation – AI Agent Hub

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ai-workflow-automation-ai-agent-hub/assets/js/experiments-build/excerpt-generation/index.js/wp-content/plugins/ai-workflow-automation-ai-agent-hub/assets/js/experiments-build/image-generation/index.js/wp-content/plugins/ai-workflow-automation-ai-agent-hub/assets/js/experiments-build/summarization/index.js/wp-content/plugins/ai-workflow-automation-ai-agent-hub/assets/js/experiments-build/title-generation/index.js/wp-content/plugins/ai-workflow-automation-ai-agent-hub/assets/js/experiments-build/alt-text-generation/index.js/wp-content/plugins/ai-workflow-automation-ai-agent-hub/assets/js/editor-experiments.js

Script Paths

Version Parameters

ai-workflow-automation-ai-agent-hub/assets/js/experiments-build/excerpt-generation/index.asset.phpai-workflow-automation-ai-agent-hub/assets/js/experiments-build/image-generation/index.asset.phpai-workflow-automation-ai-agent-hub/assets/js/experiments-build/summarization/index.asset.phpai-workflow-automation-ai-agent-hub/assets/js/experiments-build/title-generation/index.asset.phpai-workflow-automation-ai-agent-hub/assets/js/experiments-build/alt-text-generation/index.asset.phpai-workflow-automation-ai-agent-hub/assets/js/editor-experiments.asset.php

HTML / DOM Fingerprints

HTML Comments

Data Attributes

data-wp-edit-post="editorExperiments"

JS Globals

window.awfah_editor_experiments_data

REST Endpoints

/wp-json/ai-workflow-automation-ai-agent-hub/v1/get-settings/wp-json/wp/v2/types/attachment?context=edit

FAQ