WP-Safety

FAQSmith – AI-Powered FAQ Generator Security & Risk Analysis

wordpress.org/plugins/faqsmith

Generate AI-powered FAQs from any WordPress post or page and automatically add Google-ready FAQ Schema.

10 active installs v0.1.0 PHP 7.4+ WP 5.8+ Updated Dec 15, 2025
ai-generatorfaqfaq-blockjson-ldschema-markup
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is FAQSmith – AI-Powered FAQ Generator Safe to Use in 2026?

Generally Safe

Score 100/100

FAQSmith – AI-Powered FAQ Generator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The plugin "faqsmith" v0.1.0 exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests are all positive indicators. Furthermore, the plugin demonstrates good practices by implementing proper output escaping for nearly all outputs and utilizing nonce and capability checks for its entry points.

While the attack surface is minimal, with only three entry points, and all appear to be protected, the lack of taint analysis results (0 flows analyzed) means there's no concrete evidence of how user-supplied data is handled after entering the plugin. This is a significant gap in the analysis, as it prevents a thorough assessment of potential injection vulnerabilities. The vulnerability history being completely clear is a positive sign, suggesting a lack of previously discovered flaws or that the plugin has been well-maintained in that regard.

In conclusion, "faqsmith" v0.1.0 presents a promising security profile due to its robust implementation of common security best practices. However, the incomplete taint analysis leaves a question mark regarding the handling of potentially malicious user input. This, combined with the very early version number, suggests a need for continued vigilance and potentially more comprehensive security auditing as the plugin matures.

Key Concerns

  • Taint analysis flows not analyzed
  • Early plugin version number (v0.1.0)
Vulnerabilities
None known

FAQSmith – AI-Powered FAQ Generator Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

FAQSmith – AI-Powered FAQ Generator Release Timeline

v0.1.0Current
Code Analysis
Analyzed Mar 17, 2026

FAQSmith – AI-Powered FAQ Generator Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
28 escaped
Nonce Checks
3
Capability Checks
3
File Operations
0
External Requests
2
Bundled Libraries
0

Output Escaping

97% escaped29 total outputs
Attack Surface

FAQSmith – AI-Powered FAQ Generator Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 2

authwp_ajax_faqsmith_generate_faqsincludes\class-faqsmith-admin.php:23
authwp_ajax_faqsmith_test_apiincludes\class-faqsmith-admin.php:26

Shortcodes 1

[faqsmith] includes\class-faqsmith-schema.php:14
WordPress Hooks 9
actionadmin_menuincludes\class-faqsmith-admin.php:15
actionadmin_initincludes\class-faqsmith-admin.php:16
actionadd_meta_boxesincludes\class-faqsmith-admin.php:18
actionsave_postincludes\class-faqsmith-admin.php:19
actionadmin_enqueue_scriptsincludes\class-faqsmith-admin.php:21
actioninitincludes\class-faqsmith-blocks.php:3
actionwp_enqueue_scriptsincludes\class-faqsmith-frontend.php:4
actionplugins_loadedincludes\class-faqsmith-plugin.php:32
actionwp_headincludes\class-faqsmith-schema.php:13
Maintenance & Trust

FAQSmith – AI-Powered FAQ Generator Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 15, 2025
PHP min version7.4
Downloads182

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

FAQSmith – AI-Powered FAQ Generator Alternatives

Ultimate FAQ Accordion Plugin

Ultimate FAQ Accordion Plugin

ultimate-faqs

A
89

Full-featured FAQ and accordion plugin with advanced search, simple UI and easy-to-use FAQ blocks and shortcodes.

30K 7 CVEs
Easy Accordion Block

Easy Accordion Block

easy-accordion-block

A
99

Easy Accordion Block allows you to create an accordion or a FAQs section in Gutenberg editor easily.

7K 1 CVE
FAQ Block For Gutenberg

FAQ Block For Gutenberg

faq-block-for-gutenberg

A
92

This plugin provides a quick and easy way to add FAQ's block using Gutenberg visual editor.

4K No CVEs
FAQly – Ultimate FAQ

FAQly – Ultimate FAQ

faqly-ultimate-faq

A
100

FAQly – Ultimate FAQ Plugin: A plugin to manage FAQs and display them as an accordion using a shortcode.

1K No CVEs
FAQ Schema for Elementor

FAQ Schema for Elementor

faq-schema-for-elementor

A
85

Adds an Elementor widget that inserts FAQ schema (structured data) in JSON-LD format.

900 No CVEs
Developer Profile

FAQSmith – AI-Powered FAQ Generator Developer Profile

Ajay Kumar

3 plugins · 40 total installs

91
trust score
Avg Security Score
95/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect FAQSmith – AI-Powered FAQ Generator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/faqsmith/assets/js/faqsmith-admin.js/wp-content/plugins/faqsmith/assets/css/faqsmith-admin.css
Script Paths
/wp-content/plugins/faqsmith/assets/js/faqsmith-admin.js
Version Parameters
faqsmith/assets/js/faqsmith-admin.js?ver=faqsmith/assets/css/faqsmith-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes
faqsmith-notice-changedfaqsmith-notice-emptyfaqsmith-test-api-resultfaqsmith-generate-faqs-button
Data Attributes
id="faqsmith-test-api-btn"id="faqsmith-test-api-result"id="faqsmith-generate-faqs-button"name="faqsmith_settings_group"name="faqsmith-settings"name="faqsmith_openai_api_key"+1 more
JS Globals
faqsmith_ajax_object
REST Endpoints
/wp-json/faqsmith/v1/generate
FAQ

Frequently Asked Questions about FAQSmith – AI-Powered FAQ Generator