Boei – Chat Widget & AI Chatbot with 50+ Channels Security & Risk Analysis
wordpress.org/plugins/boei-helpCapture every lead. Reply instantly. Close more deals. AI chatbot, 50+ contact channels, single inbox, and lead tracking—all in one WordPress plugin.
Is Boei – Chat Widget & AI Chatbot with 50+ Channels Safe to Use in 2026?
Generally Safe
Score 100/100Boei – Chat Widget & AI Chatbot with 50+ Channels has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "boei-help" v1.8.0 plugin exhibits a generally good security posture, with no known vulnerabilities in its history and a well-protected attack surface. The plugin utilizes prepared statements for all SQL queries and includes nonce and capability checks for its single AJAX entry point. This demonstrates a commitment to following secure development practices.
However, a notable concern arises from the taint analysis, which identified two flows with unsanitized paths. While no critical or high severity issues were flagged, the presence of unsanitized paths, even if not leading to immediate exploitation in this analysis, represents a potential risk. Furthermore, the output escaping is only properly implemented for 49% of outputs, suggesting a risk of cross-site scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed.
Overall, the plugin is strong in its defense against common web vulnerabilities like SQL injection and unauthorized access. The absence of a vulnerability history is a positive indicator. The primary weaknesses lie in the potential for unsanitized path issues and insufficient output escaping, which could be exploited in conjunction with other factors or if the plugin's functionality changes. Addressing these areas would significantly enhance its security.
Key Concerns
- Unsanitized paths identified in taint analysis
- Low percentage of properly escaped output
Boei – Chat Widget & AI Chatbot with 50+ Channels Security Vulnerabilities
Boei – Chat Widget & AI Chatbot with 50+ Channels Code Analysis
Output Escaping
Data Flow Analysis
Boei – Chat Widget & AI Chatbot with 50+ Channels Attack Surface
AJAX Handlers 1
WordPress Hooks 4
Maintenance & Trust
Boei – Chat Widget & AI Chatbot with 50+ Channels Maintenance & Trust
Maintenance Signals
Community Trust
Boei – Chat Widget & AI Chatbot with 50+ Channels Alternatives
Sticky Chat Widget – Floating Chat Icons, Contact Form, Call, Click to Chat, Email & Message Buttons
sticky-chat-widget
Social chat buttons with WhatsApp, Messenger, WeChat, Telegram, Instagram, TikTok, Zalo & more — plus SMS, Call button, Contact form, and 20+ icons.
WS Form LITE – Drag & Drop Contact Form Builder
ws-form
Contact form builder for WordPress. Create professional, accessible, mobile-friendly forms in minutes without coding.
Chatbot for WordPress by Collect.chat ⚡️
collectchat
Chatbots without AI are the easiest way to collect leads & data from visitors. Create a free chatbot without coding using Collect.chat.
Contact Forms by Cimatti
contact-forms
Create and publish forms in your WordPress website with drag and drop. Contact forms, landing page forms, invitations, and more.
Lead Generation Form
lead-generation-form
Create lead forms with drag-and-drop builder, capture leads, and export data easily.
Boei – Chat Widget & AI Chatbot with 50+ Channels Developer Profile
1 plugin · 1K total installs
How We Detect Boei – Chat Widget & AI Chatbot with 50+ Channels
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/boei-help/boei-help.jshttps://app.boei.help/embed/k/https://cdn.boei.help/hello.jsHTML / DOM Fingerprints
boei-carddata-boei-keyBoeiWidgetSettings/wp-json/boei-help/v1/settings