WP-Safety

Aspired Chatbot Security & Risk Analysis

wordpress.org/plugins/aspired-chatbot

A WordPress chatbot plugin with a manual knowledge base, site scanner, analytics, and OpenAI-powered replies restricted to approved site information.

0 active installs v1.0.2 PHP 7.4+ WP 6.0+ Updated Mar 27, 2026
ai-chatbotchatbotknowledge-baseopenaisupport-chatbot
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Aspired Chatbot Safe to Use in 2026?

Generally Safe

Score 100/100

Aspired Chatbot has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The 'aspired-chatbot' plugin v1.0.2 demonstrates several positive security practices, including 100% use of prepared statements for SQL queries and proper output escaping, which are crucial for preventing common web vulnerabilities. The absence of known CVEs and a clean vulnerability history further suggests a generally secure development approach. The presence of numerous nonce and capability checks indicates an effort to implement standard WordPress security measures.

However, a significant concern arises from the static analysis: one unprotected REST API route within the plugin's attack surface. This represents a direct entry point that could be exploited if it handles user-supplied data without proper authorization or sanitization. While taint analysis found no specific issues, the existence of an unprotected REST API route alone is a notable risk that needs immediate attention. The plugin's limited attack surface overall is a strength, but the presence of even one unprotected component is a critical oversight.

In conclusion, the plugin has a strong foundation in secure coding practices for SQL and output handling, and a positive track record. The primary weakness is the single, unprotected REST API endpoint. Addressing this single point of failure would significantly improve the plugin's security posture.

Key Concerns

  • Unprotected REST API route
Vulnerabilities
None known

Aspired Chatbot Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Aspired Chatbot Release Timeline

v1.0.2Current
v1.0.1
v1.0.0
Code Analysis
Analyzed Apr 16, 2026

Aspired Chatbot Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
24 prepared
Unescaped Output
0
436 escaped
Nonce Checks
15
Capability Checks
14
File Operations
1
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared24 total queries

Output Escaping

100% escaped436 total outputs
Attack Surface
1 unprotected

Aspired Chatbot Attack Surface

Entry Points1
Unprotected1

REST API Routes 1

POST/wp-json/aspich/v1/chatincludes/class-aspich-rest.php:34
WordPress Hooks 15
actionadmin_menuincludes/class-aspich-admin-pages.php:75
actionadmin_enqueue_scriptsincludes/class-aspich-admin-pages.php:76
actionadmin_post_ASPICH_add_scan_to_kbincludes/class-aspich-admin-pages.php:77
actionadmin_post_ASPICH_bulk_add_scan_to_kbincludes/class-aspich-admin-pages.php:78
actionadmin_post_ASPICH_add_manual_kb_entryincludes/class-aspich-admin-pages.php:79
actionadmin_post_ASPICH_update_manual_kb_entryincludes/class-aspich-admin-pages.php:80
actionadmin_post_ASPICH_remove_kb_entryincludes/class-aspich-admin-pages.php:81
actionadd_meta_boxesincludes/class-aspich-admin-pages.php:82
actionsave_postincludes/class-aspich-admin-pages.php:83
actionadmin_post_aspich_export_analytics_csvincludes/class-aspich-analytics.php:25
actionadmin_post_aspich_delete_all_analyticsincludes/class-aspich-analytics.php:26
actionwp_enqueue_scriptsincludes/class-aspich-frontend.php:23
actionwp_footerincludes/class-aspich-frontend.php:24
actionrest_api_initincludes/class-aspich-rest.php:25
actionadmin_initincludes/class-aspich-settings.php:69
Maintenance & Trust

Aspired Chatbot Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 27, 2026
PHP min version7.4
Downloads130

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Aspired Chatbot Alternatives

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System

Support Genix – Helpdesk, AI Chatbot, Knowledge Base & Customer Support Ticketing System

support-genix-lite

A
97

AI-powered helpdesk & support ticket system with chatbot, knowledge base, and smart automation for WordPress.

1K 3 CVEs
Chatbot with ChatGPT WordPress

Chatbot with ChatGPT WordPress

smartsearchwp

A
94

Turn your WordPress content into a ChatGPT-powered AI assistant with semantic search, contextual answers, and full control.

100 4 CVEs
TM Chatbot Assistant

TM Chatbot Assistant

tm-chatbot-assistant

A
100

A powerful AI chatbot for use with Wordpress that enables OpenAI's Assistants to provide intelligent, conversational support to your website visitors.

10 No CVEs
A1AI Chatbot

A1AI Chatbot

a1ai-chatbot

A
100

AI-powered chatbot solution for WordPress powered by OpenAI's language models.

0 No CVEs
AI Assistant: GPT ChatBot

AI Assistant: GPT ChatBot

ai-assistant-gpt-chatbot

A
100

The AI Assistant WordPress plugin integrates an AI-driven chat feature on your WordPress site.

0 No CVEs
Developer Profile

Aspired Chatbot Developer Profile

aspiredwebsites

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Aspired Chatbot

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/aspired-chatbot/assets/css/admin.css/wp-content/plugins/aspired-chatbot/assets/js/admin.js
Version Parameters
aspired-chatbot/assets/css/admin.css?ver=aspired-chatbot/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
aspich-upgrade-menu-label
Data Attributes
name="aspich_page_starters"id="aspich_page_starters_nonce"name="aspich_page_starters_nonce"
FAQ

Frequently Asked Questions about Aspired Chatbot