WP-Safety

BenriBot for WooCommerce Security & Risk Analysis

wordpress.org/plugins/benribot-for-woocommerce

Integrates the BenriBot AI chat widget into your WooCommerce store with a modern React-based admin interface.

0 active installs v2.0.0 PHP + WP 5.0+ Updated Oct 30, 2025
aichatchatbotecommercewoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is BenriBot for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

BenriBot for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The plugin "benribot-for-woocommerce" v2.0.0 exhibits a generally good security posture based on the provided static analysis. It demonstrates strong practices by not utilizing dangerous functions, ensuring all SQL queries use prepared statements, and properly escaping all output. The absence of file operations and external HTTP requests further reduces potential attack vectors. The vulnerability history is also clean, with no recorded CVEs, indicating a potentially well-maintained and secure plugin.

However, there is a significant concern regarding the REST API. One out of four REST API routes lacks permission callbacks, creating an unprotected entry point. This is the most critical finding from the static analysis and presents a clear security risk. The lack of nonce checks on any entry points, while not explicitly flagged as a deduction based on the provided data (as it doesn't apply to the identified REST API vulnerability), is a generally recommended security practice for handling sensitive operations.

In conclusion, while the plugin benefits from robust coding practices in many areas and a clean vulnerability history, the unprotected REST API route represents a tangible risk that needs immediate attention. This single exposed endpoint could be exploited if it performs sensitive actions or exposes unintended data.

Key Concerns

  • Unprotected REST API route
Vulnerabilities
None known

BenriBot for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

BenriBot for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
4 escaped
Nonce Checks
0
Capability Checks
4
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

100% escaped4 total outputs
Attack Surface
1 unprotected

BenriBot for WooCommerce Attack Surface

Entry Points4
Unprotected1

REST API Routes 4

GET/wp-json/benribot/v1/statusbenribot-for-woocommerce.php:101
POST/wp-json/benribot/v1/connectbenribot-for-woocommerce.php:113
POST/wp-json/benribot/v1/widget-togglebenribot-for-woocommerce.php:125
GET/wp-json/benribot/v1/callbackbenribot-for-woocommerce.php:137
WordPress Hooks 6
actionadmin_menubenribot-for-woocommerce.php:36
actionadmin_enqueue_scriptsbenribot-for-woocommerce.php:95
actionrest_api_initbenribot-for-woocommerce.php:147
filterscript_loader_tagbenribot-for-woocommerce.php:464
actionwp_footerbenribot-for-woocommerce.php:466
actionadmin_initbenribot-for-woocommerce.php:515
Maintenance & Trust

BenriBot for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 30, 2025
PHP min version
Downloads183

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

BenriBot for WooCommerce Alternatives

ConvertyBot – AI Sales Assistant for WooCommerce

ConvertyBot – AI Sales Assistant for WooCommerce

convertybot

A
100

Transform your WooCommerce store into a 24/7 sales machine! AI-powered chatbot that recommends products, generates coupons, and converts visitors into …

0 No CVEs
FukuroChat Connector

FukuroChat Connector

fukurochat-connector

A
100

Connect your WooCommerce store to FukuroChat AI Assistant. Automatic product sync, intelligent chatbot widget, and seamless integration.

0 No CVEs
MxChat – AI Chatbot & Content Generation for WordPress

MxChat – AI Chatbot & Content Generation for WordPress

mxchat-basic

A
98

The best free AI chatbot and content generation plugin for WordPress. Train ChatGPT, Claude, Gemini, or Grok on your website content.

1K 2 CVEs
Live Chat & AI Chatbots – onWebChat

Live Chat & AI Chatbots – onWebChat

onwebchat

A
99

Enhance customer service with instant 24/7 AI-powered replies. Now with WooCommerce integration, so your chatbot understands your products and helps c …

800 1 CVE
AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce

ai-product-tools

A
100

All-in-One AI Suite for WooCommerce: Bulk generate descriptions, titles, tags, FAQs, SEO Meta & AI Chatbot via OpenAI, Gemini, Claude & OpenRouter

400 No CVEs
Developer Profile

BenriBot for WooCommerce Developer Profile

BenriBot

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect BenriBot for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/benribot-for-woocommerce/build/index.js/wp-content/plugins/benribot-for-woocommerce/build/style-index.css
Script Paths
/wp-content/plugins/benribot-for-woocommerce/build/index.js
Version Parameters
benribot-for-woocommerce/build/index.asset.phpbenribot-adminbenribot-admin

HTML / DOM Fingerprints

CSS Classes
benribot-admin-app
Data Attributes
data-noncedata-api-urldata-logo-url
JS Globals
benribotAdmin
REST Endpoints
/benribot/v1/status/benribot/v1/connect/benribot/v1/widget-toggle/benribot/v1/callback
FAQ

Frequently Asked Questions about BenriBot for WooCommerce