WP-Safety

CraftEngineer SmartCommerce AI Security & Risk Analysis

wordpress.org/plugins/craftengineer-smartcommerce-ai

AI tools for WordPress and WooCommerce with chatbot, content generation, recommendations, SEO helpers, and custom post type builder.

0 active installs v1.0.0 PHP 7.4+ WP 5.8+ Updated Apr 2, 2026
aichatbotcontentseowoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is CraftEngineer SmartCommerce AI Safe to Use in 2026?

Generally Safe

Score 100/100

CraftEngineer SmartCommerce AI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The craftengineer-smartcommerce-ai plugin v1.0.0 exhibits a generally strong security posture based on the provided static analysis. The complete absence of unprotected AJAX handlers, REST API routes, and the use of prepared statements for all SQL queries are significant positive indicators. Furthermore, the plugin demonstrates good practices with a high percentage of properly escaped output, the presence of nonce checks for its AJAX handlers, and capability checks, all contributing to a reduced attack surface. The lack of file operations and known vulnerabilities further strengthens this positive outlook.

However, there are a few areas that warrant attention. While the total number of AJAX handlers is notable, the lack of specific details on the implementation of the capability checks leaves a slight ambiguity. The presence of external HTTP requests, while not inherently a vulnerability, represents a potential indirect attack vector if the external services are compromised. The absence of any recorded vulnerability history, while excellent, could also be interpreted as the plugin being relatively new or having limited exposure, meaning future vulnerabilities are still possible.

Overall, the plugin appears to be developed with security in mind, adhering to many best practices. The identified strengths significantly outweigh the minor concerns. Continued vigilance and regular security audits are always recommended, especially as the plugin evolves and its user base grows.

Key Concerns

  • External HTTP requests made
Vulnerabilities
None known

CraftEngineer SmartCommerce AI Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

CraftEngineer SmartCommerce AI Release Timeline

v1.0.0Current
Code Analysis
Analyzed Apr 16, 2026

CraftEngineer SmartCommerce AI Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
9 prepared
Unescaped Output
11
169 escaped
Nonce Checks
14
Capability Checks
12
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

100% prepared9 total queries

Output Escaping

94% escaped180 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
ajax_generate_layout (modules/cpt-builder/class-ssai-cpt-builder.php:422)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

CraftEngineer SmartCommerce AI Attack Surface

Entry Points15
Unprotected0

AJAX Handlers 14

authwp_ajax_ssai_test_apiincludes/class-ssai-admin.php:10
authwp_ajax_ssai_chatmodules/chatbot/class-ssai-chatbot.php:11
noprivwp_ajax_ssai_chatmodules/chatbot/class-ssai-chatbot.php:12
authwp_ajax_ssai_generate_product_descmodules/content-generator/class-ssai-content-generator.php:14
authwp_ajax_ssai_generate_seo_metamodules/content-generator/class-ssai-content-generator.php:15
authwp_ajax_ssai_generate_tagsmodules/content-generator/class-ssai-content-generator.php:16
authwp_ajax_ssai_generate_blog_postmodules/content-generator/class-ssai-content-generator.php:17
authwp_ajax_ssai_generate_image_promptmodules/content-generator/class-ssai-content-generator.php:18
authwp_ajax_ssai_generate_cptmodules/cpt-builder/class-ssai-cpt-builder.php:10
authwp_ajax_ssai_save_cptmodules/cpt-builder/class-ssai-cpt-builder.php:11
authwp_ajax_ssai_delete_cptmodules/cpt-builder/class-ssai-cpt-builder.php:12
authwp_ajax_ssai_generate_layoutmodules/cpt-builder/class-ssai-cpt-builder.php:13
authwp_ajax_ssai_list_cptsmodules/cpt-builder/class-ssai-cpt-builder.php:14
authwp_ajax_ssai_save_seo_metamodules/seo/class-ssai-seo.php:10

Shortcodes 1

[ssai_recommendations] modules/recommendations/class-ssai-recommendations.php:10
WordPress Hooks 13
actioninitcraftengineer-smartcommerce-ai.php:48
actionplugins_loadedcraftengineer-smartcommerce-ai.php:49
actionadmin_menuincludes/class-ssai-admin.php:7
actionadmin_enqueue_scriptsincludes/class-ssai-admin.php:8
actionadmin_initincludes/class-ssai-admin.php:9
actionwp_enqueue_scriptsmodules/chatbot/class-ssai-chatbot.php:9
actionwp_footermodules/chatbot/class-ssai-chatbot.php:10
actionadd_meta_boxesmodules/content-generator/class-ssai-content-generator.php:10
actionadmin_enqueue_scriptsmodules/content-generator/class-ssai-content-generator.php:11
actioninitmodules/cpt-builder/class-ssai-cpt-builder.php:9
actionadd_meta_boxesmodules/cpt-builder/class-ssai-cpt-builder.php:94
actionwoocommerce_after_single_product_summarymodules/recommendations/class-ssai-recommendations.php:11
actionwp_headmodules/seo/class-ssai-seo.php:9
Maintenance & Trust

CraftEngineer SmartCommerce AI Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 2, 2026
PHP min version7.4
Downloads79

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

CraftEngineer SmartCommerce AI Alternatives

AIKTP

AIKTP

aiktp

A
99

AI-powered content automation. Generate SEO-optimized articles and WooCommerce product descriptions with bulk generation support.

3K 1 CVE
MxChat – AI Chatbot & Content Generation for WordPress

MxChat – AI Chatbot & Content Generation for WordPress

mxchat-basic

A
98

The best free AI chatbot and content generation plugin for WordPress. Train ChatGPT, Claude, Gemini, or Grok on your website content.

1K 2 CVEs
AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce

ai-product-tools

A
100

All-in-One AI Suite for WooCommerce: Bulk generate descriptions, titles, tags, FAQs, SEO Meta & AI Chatbot via OpenAI, Gemini, Claude & OpenRouter

400 No CVEs
StoreAgent – WooCommerce AI Chatbot & AI Content Tools

StoreAgent – WooCommerce AI Chatbot & AI Content Tools

storeagent-ai-for-woocommerce

A
100

WooCommerce AI Chatbot for stores with built-in AI content tools. Generate product descriptions, answer customer questions & more with AI.

300 No CVEs
Adeait Product Writer for WooCommerce

Adeait Product Writer for WooCommerce

adeait-product-writer-for-woocommerce

A
100

Generate professional product titles, descriptions and SEO meta in one click using Claude AI by Anthropic.

0 No CVEs
Developer Profile

CraftEngineer SmartCommerce AI Developer Profile

WP Craft Engineer

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect CraftEngineer SmartCommerce AI

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/craftengineer-smartcommerce-ai/admin/css/admin.css/wp-content/plugins/craftengineer-smartcommerce-ai/admin/js/admin.js/wp-content/plugins/craftengineer-smartcommerce-ai/public/css/chatbot.css/wp-content/plugins/craftengineer-smartcommerce-ai/public/js/chatbot.js/wp-content/plugins/craftengineer-smartcommerce-ai/public/css/recommendations.css/wp-content/plugins/craftengineer-smartcommerce-ai/public/js/recommendations.js/wp-content/plugins/craftengineer-smartcommerce-ai/public/css/seo.css/wp-content/plugins/craftengineer-smartcommerce-ai/public/js/seo.js+3 more
Script Paths
/wp-content/plugins/craftengineer-smartcommerce-ai/admin/js/admin.js/wp-content/plugins/craftengineer-smartcommerce-ai/public/js/chatbot.js/wp-content/plugins/craftengineer-smartcommerce-ai/public/js/recommendations.js/wp-content/plugins/craftengineer-smartcommerce-ai/public/js/seo.js/wp-content/plugins/craftengineer-smartcommerce-ai/public/js/content-generator.js/wp-content/plugins/craftengineer-smartcommerce-ai/public/js/cpt-builder.js
Version Parameters
craftengineer-smartcommerce-ai/admin/css/admin.css?ver=craftengineer-smartcommerce-ai/admin/js/admin.js?ver=craftengineer-smartcommerce-ai/public/css/chatbot.css?ver=craftengineer-smartcommerce-ai/public/js/chatbot.js?ver=craftengineer-smartcommerce-ai/public/css/recommendations.css?ver=craftengineer-smartcommerce-ai/public/js/recommendations.js?ver=craftengineer-smartcommerce-ai/public/css/seo.css?ver=craftengineer-smartcommerce-ai/public/js/seo.js?ver=craftengineer-smartcommerce-ai/public/js/content-generator.js?ver=craftengineer-smartcommerce-ai/public/css/cpt-builder.css?ver=craftengineer-smartcommerce-ai/public/js/cpt-builder.js?ver=

HTML / DOM Fingerprints

CSS Classes
ssai-chatbot-widgetssai-chatbot-input-areassai-chatbot-messagesssai-recommendations-widgetssai-seo-analyzer-resultsssai-cpt-builder-form
HTML Comments
<!-- SSAI Chatbot Widget --><!-- SSAI Recommendations Widget --><!-- SSAI SEO Analyzer --><!-- SSAI CPT Builder -->
Data Attributes
data-ssai-chatbot-endpointdata-ssai-recommendations-endpointdata-ssai-seo-endpointdata-ssai-cpt-builder-endpoint
JS Globals
ssai_adminssai_chatssai_recommendationsssai_seossai_content_generatorssai_cpt_builder
REST Endpoints
/wp-json/ssai/v1/chat/wp-json/ssai/v1/recommendations/wp-json/ssai/v1/seo-analyze/wp-json/ssai/v1/cpt-save
Shortcode Output
[wceai_cpt_list]
FAQ

Frequently Asked Questions about CraftEngineer SmartCommerce AI