Does ChatReact – AI Chatbot, Smart Forms & FAQs have any unpatched vulnerabilities?

No. All known vulnerabilities in ChatReact – AI Chatbot, Smart Forms & FAQs have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ChatReact – AI Chatbot, Smart Forms & FAQs compatible with WordPress 6.9.4?

According to WordPress.org data, ChatReact – AI Chatbot, Smart Forms & FAQs 1.1.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is ChatReact – AI Chatbot, Smart Forms & FAQs compatible with PHP 7.4+?

ChatReact – AI Chatbot, Smart Forms & FAQs requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ChatReact – AI Chatbot, Smart Forms & FAQs updated?

ChatReact – AI Chatbot, Smart Forms & FAQs was last updated on Mar 5, 2026. Frequent updates are generally a positive security signal.

What is ChatReact – AI Chatbot, Smart Forms & FAQs's security score?

ChatReact – AI Chatbot, Smart Forms & FAQs has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ChatReact – AI Chatbot, Smart Forms & FAQs Security & Risk Analysis

wordpress.org/plugins/chatreact

Add an AI-powered chatbot, anti-spam contact forms, and FAQ accordions to your WordPress site. No coding required.

0 active installs v1.1.3 PHP 7.4+ WP 5.8+ Updated Mar 5, 2026

ai-chatchatbotcontact-formfaqlive-chat

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ChatReact – AI Chatbot, Smart Forms & FAQs Safe to Use in 2026?

Generally Safe

Score 100/100

ChatReact – AI Chatbot, Smart Forms & FAQs has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 29d ago

Risk Assessment

The "chatreact" plugin v1.1.3 exhibits a generally strong security posture based on the provided static analysis. A significant strength is the complete absence of unprotected entry points, with all AJAX handlers and REST API routes appearing to have proper authentication and permission checks. The plugin also demonstrates good practices in its use of prepared statements for all SQL queries and a high percentage of properly escaped output. The low number of external HTTP requests and the presence of nonce checks further contribute to its secure design.

Despite these positive indicators, the taint analysis revealed two flows with unsanitized paths. While these did not escalate to critical or high severity in the static analysis, unsanitized paths represent a potential risk for input validation issues that could be exploited in certain scenarios, especially if combined with other less secure practices. The plugin's vulnerability history shows no recorded CVEs, which is a very positive sign indicating a lack of publicly known exploitable flaws. However, this can also be a reflection of limited testing or discovery rather than guaranteed absolute security.

In conclusion, "chatreact" v1.1.3 appears to be a securely coded plugin with robust access control and data handling mechanisms. The primary area of concern lies with the identified unsanitized paths, which, while not immediately critical, warrant attention and further investigation to ensure no exploitable vulnerabilities exist. The absence of past vulnerabilities is a strong indicator of developer diligence, but the presence of unsanitized paths necessitates vigilance.

Key Concerns

Flows with unsanitized paths detected

Vulnerabilities

None known

ChatReact – AI Chatbot, Smart Forms & FAQs Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

ChatReact – AI Chatbot, Smart Forms & FAQs Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

103 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

94% escaped110 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

5 flows2 with unsanitized paths

ajax_save_post_types (admin\class-admin.php:483)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ChatReact – AI Chatbot, Smart Forms & FAQs Attack Surface

Entry Points15

Unprotected0

AJAX Handlers 10

authwp_ajax_chatreact_save_assignmentadmin\class-admin.php:57

authwp_ajax_chatreact_update_assignmentadmin\class-admin.php:58

authwp_ajax_chatreact_delete_assignmentadmin\class-admin.php:59

authwp_ajax_chatreact_search_postsadmin\class-admin.php:60

authwp_ajax_chatreact_save_post_typesadmin\class-admin.php:61

authwp_ajax_chatreact_get_post_typesadmin\class-admin.php:62

authwp_ajax_chatreact_save_integration_keyadmin\class-admin.php:63

authwp_ajax_chatreact_save_sitemap_settingsadmin\class-admin.php:64

authwp_ajax_chatreact_clear_faq_cacheadmin\class-admin.php:65

authwp_ajax_chatreact_save_faq_cache_settingsadmin\class-admin.php:66

REST API Routes 2

GET/wp-json/chatreact/v1/sitemapincludes\class-rest-api.php:29

POST/wp-json/chatreact/v1/purge-faq-cacheincludes\class-rest-api.php:35

Shortcodes 3

[chatreact] includes\class-shortcodes.php:48

[chatreact_form] includes\class-shortcodes.php:49

[chatreact_faq] includes\class-shortcodes.php:50

WordPress Hooks 25

actionadmin_menuadmin\class-admin.php:55

actionadmin_enqueue_scriptsadmin\class-admin.php:56

actionwp_footerchatreact.php:63

actionplugins_loadedchatreact.php:65

actionelementor/widgets/registerelementor\class-elementor.php:59

actionelementor/elements/categories_registeredelementor\class-elementor.php:62

actioninitincludes\class-blocks.php:41

actioninitincludes\class-blocks.php:42

actionwp_footerincludes\class-chatreact.php:63

actioninitincludes\class-chatreact.php:64

actiontemplate_redirectincludes\class-chatreact.php:65

filterrocket_exclude_jsincludes\class-chatreact.php:74

filterrocket_minify_excluded_external_jsincludes\class-chatreact.php:76

filterrocket_delay_js_exclusionsincludes\class-chatreact.php:78

filterrocket_rucss_external_exclusionsincludes\class-chatreact.php:80

filterlitespeed_optimize_js_excludesincludes\class-chatreact.php:83

filterautoptimize_filter_js_excludeincludes\class-chatreact.php:86

filterquery_varsincludes\class-chatreact.php:451

filterredirect_canonicalincludes\class-chatreact.php:457

filterscript_loader_tagincludes\class-chatreact.php:596

actionadd_meta_boxesincludes\class-meta-boxes.php:48

actionsave_postincludes\class-meta-boxes.php:49

actionwp_footerincludes\class-meta-boxes.php:50

actionadmin_enqueue_scriptsincludes\class-meta-boxes.php:51

actionrest_api_initincludes\class-rest-api.php:25

Maintenance & Trust

ChatReact – AI Chatbot, Smart Forms & FAQs Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 5, 2026

PHP min version7.4

Downloads328

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

ChatReact – AI Chatbot, Smart Forms & FAQs Alternatives

Buttonizer – Live Chat, AI Chatbot, & Chat Widgets

button-contact-vr

Powerful platform with Live Chat, AI Chatbots, and Real-Time Visitor Monitoring! Also, create Call, Email, SMS, & Contact buttons to increase conv …

60K 3 CVEs

Lime Connect (formerly Userlike) – WordPress Live Chat plugin

userlike

100

Free live chat plugin to chat with the visitors of your website. Integrate a beautiful and fully customizable chat box. Hosted in Europe.

1K 1 CVE

Live Chat & AI Chatbots – onWebChat

onwebchat

Enhance customer service with instant 24/7 AI-powered replies. Now with WooCommerce integration, so your chatbot understands your products and helps c …

800 1 CVE

AI Chatbot for WordPress by Customerly

customerly

AI Chatbot to support customers, create engaging messages and send automated emails.

400 No CVEs

Social Intents – Live Chat

live-chat-support-by-social-intents

AI Chatbot & Live Chat plugin for WordPress. Chat with visitors using ChatGPT, Claude, Gemini, Slack, Teams, and Google Chat.

400 1 unpatched

Developer Profile

ChatReact – AI Chatbot, Smart Forms & FAQs Developer Profile

AdSimple

4 plugins · 620 total installs

trust score

Avg Security Score

94/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ChatReact – AI Chatbot, Smart Forms & FAQs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/chatreact/assets/css/admin.css/wp-content/plugins/chatreact/assets/js/admin.js

Script Paths

/wp-content/plugins/chatreact/assets/js/admin.js

Version Parameters

chatreact/assets/css/admin.css?ver=chatreact/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

chatreact-widget-containerchatreact-input-boxchatreact-send-buttonchatreact-message-bubblechatreact-quick-reply

Data Attributes

data-chatreact-widget-iddata-chatreact-settings

JS Globals

chatreactAdmin

REST Endpoints

/wp-json/chatreact/v1/assignments/wp-json/chatreact/v1/post_types/wp-json/chatreact/v1/integration-key/wp-json/chatreact/v1/sitemap-settings/wp-json/chatreact/v1/faq-cache/wp-json/chatreact/v1/faq-cache-settings

Shortcode Output

[chatreact_chatbot[chatreact_form[chatreact_faq

FAQ