Fast RAGbot Security & Risk Analysis

wordpress.org/plugins/fast-ragbot

AI-powered chatbot with multi-LLM support (Gemini/OpenAI/Claude), multi-domain indexing, document upload, and conversation memory.

10 active installs · v2.0.0 · PHP 7.4+ · WP 6.0+ · Updated Dec 1, 2025
Tags: ai, chatbot, gemini, openai, rag
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Fast RAGbot Safe to Use in 2026?

Generally Safe

Score 100/100

Fast RAGbot has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The 'fast-ragbot' plugin v2.0.0 exhibits a generally good security posture with several strengths. The absence of known CVEs and of any history of vulnerabilities is a significant positive indicator, suggesting a proactive approach to security by the developers. Furthermore, the high percentage of SQL queries using prepared statements and of outputs that are properly escaped indicates secure coding practices.

However, there are notable areas of concern. The presence of 13 AJAX handlers, with two lacking authentication checks, presents a direct attack vector. While taint analysis did not reveal any unsanitized paths, the exposed AJAX endpoints could potentially lead to unauthorized actions if they lack proper authorization or input validation. The plugin also has a moderate attack surface with 14 total entry points. The file operations and external HTTP requests, while not inherently dangerous without further context, represent potential points of interaction that could be exploited if not carefully secured.

In conclusion, 'fast-ragbot' v2.0.0 has a strong foundation in terms of its vulnerability history and core secure coding practices. The primary risk lies in the two unprotected AJAX handlers, which require immediate attention and remediation. Addressing these exposed entry points will significantly strengthen the plugin's overall security profile.

Key Concerns

  • Unprotected AJAX handlers detected
  • Moderate attack surface without auth checks
Vulnerabilities
None known

Fast RAGbot Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Fast RAGbot Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 9 (22 prepared)
Unescaped Output: 29 (111 escaped)
Nonce Checks: 12
Capability Checks: 12
File Operations: 4
External Requests: 10
Bundled Libraries: 0

SQL Query Safety

71% prepared · 31 total queries

Output Escaping

79% escaped · 140 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
index_file (src\Admin\Actions.php:187)
Attack Surface
2 unprotected

Fast RAGbot Attack Surface

Entry Points: 14
Unprotected: 2

AJAX Handlers 13

auth    wp_ajax_ragbot_test_api_key     src\Admin\Actions.php:14
auth    wp_ajax_ragbot_index_website    src\Admin\Actions.php:15
auth    wp_ajax_ragbot_clear_index      src\Admin\Actions.php:16
auth    wp_ajax_ragbot_index_file       src\Admin\Actions.php:17
auth    wp_ajax_ragbot_get_sources      src\Admin\Actions.php:20
auth    wp_ajax_ragbot_save_source      src\Admin\Actions.php:21
auth    wp_ajax_ragbot_delete_source    src\Admin\Actions.php:22
auth    wp_ajax_ragbot_index_source     src\Admin\Actions.php:23
auth    wp_ajax_ragbot_test_api         src\Admin\Actions.php:24
auth    wp_ajax_ragbot_upload_docs      src\Admin\Actions.php:25
auth    wp_ajax_ragbot_get_stats        src\Admin\Actions.php:26
auth    wp_ajax_ragbot_chat             src\Chat\Controller.php:17
nopriv  wp_ajax_ragbot_chat             src\Chat\Controller.php:18

Shortcodes 1

[ragbot_chat] src\Plugin.php:31

WordPress Hooks 10

action  plugins_loaded                      fast-ragbot.php:171
action  admin_init                          src\Admin\Actions.php:29
action  admin_init                          src\Admin\SettingsPageV2.php:14
action  admin_init                          src\Admin\SettingsPageV2.php:15
action  admin_enqueue_scripts               src\Admin\SettingsPageV2.php:16
filter  pre_set_transient_settings_errors   src\Admin\SettingsPageV2.php:18
action  init                                src\Plugin.php:14
action  admin_menu                          src\Plugin.php:15
action  wp_enqueue_scripts                  src\Plugin.php:16
action  wp_footer                           src\Plugin.php:28
Maintenance & Trust

Fast RAGbot Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Dec 1, 2025
PHP min version: 7.4
Downloads: 228

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

Fast RAGbot Developer Profile

Muhammad Adnan Hanif

2 plugins · 10 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Fast RAGbot

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/fast-ragbot/dist/css/widget.css
/wp-content/plugins/fast-ragbot/dist/js/widget.js
Script Paths
/wp-content/plugins/fast-ragbot/dist/js/widget.js
Version Parameters
fast-ragbot/dist/css/widget.css?ver=
fast-ragbot/dist/js/widget.js?ver=

HTML / DOM Fingerprints

CSS Classes
ragbot-widget-container
ragbot-chat-header
ragbot-chat-message
ragbot-user-message
ragbot-bot-message
ragbot-input-area
ragbot-send-button
HTML Comments
<!-- Fast RAGbot Chat Widget -->
<!-- END Fast RAGbot Chat Widget -->
Data Attributes
data-ragbot-widget
data-settings-url
JS Globals
FastRAGbotWidget
REST Endpoints
/wp-json/fast-ragbot/v1/chat
FAQ

Frequently Asked Questions about Fast RAGbot