Does dAIrect Chat have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is dAIrect Chat compatible with WordPress 6.8.5?

According to WordPress.org data, dAIrect Chat 1.1.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is dAIrect Chat updated?

dAIrect Chat was last updated on Jul 6, 2025. Frequent updates are generally a positive security signal.

What is dAIrect Chat's security score?

dAIrect Chat has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

dAIrect Chat Security & Risk Analysis

wordpress.org/plugins/dairect-chat

dAIrect Chat is a lightweight Gemini AI chat widget for WordPress with multi-turn memory, voice input, and custom system instructions.

10 active installs v1.1.4 PHP + WP 6.0+ Updated Jul 6, 2025

aichatbotgeminillmwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is dAIrect Chat Safe to Use in 2026?

Generally Safe

Score 100/100

dAIrect Chat has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The "dairect-chat" v1.1.4 plugin demonstrates a strong security posture based on the provided static analysis. It correctly utilizes prepared statements for all SQL queries and ensures all output is properly escaped, which are critical best practices for preventing common web vulnerabilities like SQL injection and cross-site scripting (XSS). The absence of dangerous functions and file operations further reinforces this positive assessment. The plugin also appears to implement nonce checks on its AJAX handlers, although capability checks are entirely absent, representing a potential area for improvement in access control.

The taint analysis found no unsanitized paths, indicating that data flowing through the plugin is likely handled safely. The external HTTP requests are a minor point of attention, as these could potentially introduce risks if the external services are compromised or if the data sent is sensitive. However, without further context on the nature of these requests, the immediate risk is considered low.

The plugin's vulnerability history is completely clean, with no recorded CVEs. This, combined with the strong static analysis results, suggests a well-developed and secure plugin. The absence of capability checks is the most significant omission identified, as it could lead to unauthorized access if not properly handled by the surrounding WordPress environment. Overall, "dairect-chat" v1.1.4 appears to be a secure plugin, with the main area for consideration being the implementation of role-based access control.

Key Concerns

Missing capability checks on entry points

Vulnerabilities

None known

dAIrect Chat Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

dAIrect Chat Release Timeline

v1.1.4Current

v1.1.3

Code Analysis

Analyzed Mar 16, 2026

dAIrect Chat Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped29 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

dairect_chat_render_settings_page (admin\settings-page.php:30)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

dAIrect Chat Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 4

authwp_ajax_dairect_chatincludes\api-handler.php:78

noprivwp_ajax_dairect_chatincludes\api-handler.php:79

authwp_ajax_dairect_chat_clearincludes\api-handler.php:87

noprivwp_ajax_dairect_chat_clearincludes\api-handler.php:88

Shortcodes 1

[dairect_chat_widget] dairect-chat.php:35

WordPress Hooks 4

actionadmin_initadmin\settings-page.php:129

actionadmin_menudairect-chat.php:24

actionwp_enqueue_scriptsdairect-chat.php:49

actioninitincludes\api-handler.php:5

Maintenance & Trust

dAIrect Chat Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJul 6, 2025

PHP min version

Downloads412

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

dAIrect Chat Alternatives

Intellichat – AI Chatbot For WordPress with RAG

intellichat-ai-chatbot

100

AI Chatbot with RAG, Gemini & Floating Widget. Train on your content, customize the widget, and answer visitor questions instantly.

0 No CVEs

AI Bud – AI Content Generator, AI Chatbot, ChatGPT, Gemini, GPT-4o

aibuddy-openai-chatgpt

100

AI Bud an AI Content & Image Generation, AI ChatBot, ChatGPT, OpenAI, Perplexity, Gemini, GPT-4o, LLAMA, Mistral

3K No CVEs

AxiaChat AI – Free AI Chatbot (Answers Customers Automatically)

axiachat-ai

100

The best AI Chatbot for WordPress. Like having ChatGPT trained on your content — turn your site into a 24/7 sales & support machine.

1K No CVEs

AI Chatbot, Live Chat & Lead Generation for WordPress

ai-chatbot-live-chat-for-wordpress-using-chatgpt

100

Add a WordPress AI Chatbot to your site powered by Google Gemini. Manage AI agents, knowledge bases, live chat, and analytics from your dashboard.

100 No CVEs

SendPulse – Live Chat and Chatbot

sendpulse-live-chat-and-chatbot

100

Free live chat and chatbot plugin by SendPulse. Add live chats to your website to engage your site visitors and help solve their issues in real time.

100 No CVEs

Developer Profile

dAIrect Chat Developer Profile

rsnare

1 plugin · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect dAIrect Chat

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dairect-chat/public/chat-widget.js/wp-content/plugins/dairect-chat/public/chat-widget.css

Script Paths

/wp-content/plugins/dairect-chat/public/chat-widget.js

Version Parameters

dairect-chat/public/chat-widget.js?ver=dairect-chat/public/chat-widget.css?ver=

HTML / DOM Fingerprints

CSS Classes

dairect-chat-widgetchat-messageschat-inputchat-sendchat-clearchat-mic

Data Attributes

id="dairect-chat-widget"id="chat-messages"id="chat-input"id="chat-send"id="chat-clear"id="chat-mic"

JS Globals

DairectChatAjax

Shortcode Output

<div id="dairect-chat-widget">
    <div id="chat-messages"></div>
    <input type="text" id="chat-input" placeholder="Type a message..." />
    <div style="margin-top: 10px;">
      <button id="chat-send">Send</button>
      <button id="chat-clear">Clear Chat</button>
      <button id="chat-mic" title="Click to speak">🎤</button>
    </div>
  </div>

FAQ