dAIrect Chat Security & Risk Analysis

wordpress.org/plugins/dairect-chat

dAIrect Chat is a lightweight Gemini AI chat widget for WordPress with multi-turn memory, voice input, and custom system instructions.

10 active installs · v1.1.4 · PHP + · WP 6.0+ · Updated Unknown
Tags: ai, chatbot, gemini, llm, widget
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is dAIrect Chat Safe to Use in 2026?

Generally Safe

Score 100/100

dAIrect Chat has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "dairect-chat" v1.1.4 plugin demonstrates a strong security posture based on the provided static analysis. It correctly utilizes prepared statements for all SQL queries and ensures all output is properly escaped, which are critical best practices for preventing common web vulnerabilities like SQL injection and cross-site scripting (XSS). The absence of dangerous functions and file operations further reinforces this positive assessment. The plugin also appears to implement nonce checks on its AJAX handlers, although capability checks are entirely absent, representing a potential area for improvement in access control.

The taint analysis found no unsanitized paths, indicating that data flowing through the plugin is likely handled safely. The external HTTP requests are a minor point of attention, as these could potentially introduce risks if the external services are compromised or if the data sent is sensitive. However, without further context on the nature of these requests, the immediate risk is considered low.

The plugin's vulnerability history is completely clean, with no recorded CVEs. This, combined with the strong static analysis results, suggests a well-developed and secure plugin. The absence of capability checks is the most significant omission identified, as it could lead to unauthorized access if not properly handled by the surrounding WordPress environment. Overall, "dairect-chat" v1.1.4 appears to be a secure plugin, with the main area for consideration being the implementation of role-based access control.

Key Concerns

  • Missing capability checks on entry points
Vulnerabilities
None known

dAIrect Chat Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

dAIrect Chat Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 0 (29 escaped)
Nonce Checks: 4
Capability Checks: 0
File Operations: 0
External Requests: 2
Bundled Libraries: 0

Output Escaping

100% escaped · 29 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
dairect_chat_render_settings_page (admin\settings-page.php:30)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

dAIrect Chat Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers 4

auth · wp_ajax_dairect_chat · includes\api-handler.php:78
nopriv · wp_ajax_dairect_chat · includes\api-handler.php:79
auth · wp_ajax_dairect_chat_clear · includes\api-handler.php:87
nopriv · wp_ajax_dairect_chat_clear · includes\api-handler.php:88

Shortcodes 1

[dairect_chat_widget] · dairect-chat.php:35

WordPress Hooks 4

action · admin_init · admin\settings-page.php:129
action · admin_menu · dairect-chat.php:24
action · wp_enqueue_scripts · dairect-chat.php:49
action · init · includes\api-handler.php:5
Maintenance & Trust

dAIrect Chat Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Unknown
PHP min version
Downloads: 368

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

dAIrect Chat Developer Profile

rsnare

1 plugin · 10 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect dAIrect Chat

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/dairect-chat/public/chat-widget.js
/wp-content/plugins/dairect-chat/public/chat-widget.css
Script Paths
/wp-content/plugins/dairect-chat/public/chat-widget.js
Version Parameters
dairect-chat/public/chat-widget.js?ver=
dairect-chat/public/chat-widget.css?ver=

HTML / DOM Fingerprints

CSS Classes
dairect-chat-widget, chat-messages, chat-input, chat-send, chat-clear, chat-mic
Data Attributes
id="dairect-chat-widget", id="chat-messages", id="chat-input", id="chat-send", id="chat-clear", id="chat-mic"
JS Globals
DairectChatAjax
Shortcode Output
<div id="dairect-chat-widget">
  <div id="chat-messages"></div>
  <input type="text" id="chat-input" placeholder="Type a message..." />
  <div style="margin-top: 10px;">
    <button id="chat-send">Send</button>
    <button id="chat-clear">Clear Chat</button>
    <button id="chat-mic" title="Click to speak">🎤</button>
  </div>
</div>