Does Fast RAGbot have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Fast RAGbot compatible with WordPress 6.8.5?

According to WordPress.org data, Fast RAGbot 2.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Fast RAGbot compatible with PHP 7.4+?

Fast RAGbot requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Fast RAGbot updated?

Fast RAGbot was last updated on Dec 1, 2025. Frequent updates are generally a positive security signal.

What is Fast RAGbot's security score?

Fast RAGbot has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Fast RAGbot Security & Risk Analysis

wordpress.org/plugins/fast-ragbot

AI-powered chatbot with multi-LLM support (Gemini/OpenAI/Claude), multi-domain indexing, document upload, and conversation memory.

10 active installs v2.0.0 PHP 7.4+ WP 6.0+ Updated Dec 1, 2025

aichatbotgeminiopenairag

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Fast RAGbot Safe to Use in 2026?

Generally Safe

Score 100/100

Fast RAGbot has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The 'fast-ragbot' plugin v2.0.0 exhibits a generally good security posture with several strengths. The absence of known CVEs and a history of vulnerabilities is a significant positive indicator, suggesting a proactive approach to security by the developers. Furthermore, the high percentage of SQL queries using prepared statements and properly escaped output are strong indicators of secure coding practices.

However, there are notable areas of concern. The presence of 13 AJAX handlers, with two lacking authentication checks, presents a direct attack vector. While taint analysis did not reveal any unsanitized paths, the exposed AJAX endpoints could potentially lead to unauthorized actions if they lack proper authorization or input validation. The plugin also has a moderate attack surface with 14 total entry points. The file operations and external HTTP requests, while not inherently dangerous without further context, represent potential points of interaction that could be exploited if not carefully secured.

In conclusion, 'fast-ragbot' v2.0.0 has a strong foundation in terms of its vulnerability history and core secure coding practices. The primary risk lies in the two unprotected AJAX handlers, which require immediate attention and remediation. Addressing these exposed entry points will significantly strengthen the plugin's overall security profile.

Key Concerns

Unprotected AJAX handlers detected
Moderate attack surface without auth checks

Vulnerabilities

None known

Fast RAGbot Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Fast RAGbot Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

Fast RAGbot Code Analysis

Dangerous Functions

Raw SQL Queries

22 prepared

Unescaped Output

111 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

71% prepared31 total queries

Output Escaping

79% escaped140 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

index_file (src\Admin\Actions.php:187)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Fast RAGbot Attack Surface

Entry Points14

Unprotected2

AJAX Handlers 13

authwp_ajax_ragbot_test_api_keysrc\Admin\Actions.php:14

authwp_ajax_ragbot_index_websitesrc\Admin\Actions.php:15

authwp_ajax_ragbot_clear_indexsrc\Admin\Actions.php:16

authwp_ajax_ragbot_index_filesrc\Admin\Actions.php:17

authwp_ajax_ragbot_get_sourcessrc\Admin\Actions.php:20

authwp_ajax_ragbot_save_sourcesrc\Admin\Actions.php:21

authwp_ajax_ragbot_delete_sourcesrc\Admin\Actions.php:22

authwp_ajax_ragbot_index_sourcesrc\Admin\Actions.php:23

authwp_ajax_ragbot_test_apisrc\Admin\Actions.php:24

authwp_ajax_ragbot_upload_docssrc\Admin\Actions.php:25

authwp_ajax_ragbot_get_statssrc\Admin\Actions.php:26

authwp_ajax_ragbot_chatsrc\Chat\Controller.php:17

noprivwp_ajax_ragbot_chatsrc\Chat\Controller.php:18

Shortcodes 1

[ragbot_chat] src\Plugin.php:31

WordPress Hooks 10

actionplugins_loadedfast-ragbot.php:171

actionadmin_initsrc\Admin\Actions.php:29

actionadmin_initsrc\Admin\SettingsPageV2.php:14

actionadmin_initsrc\Admin\SettingsPageV2.php:15

actionadmin_enqueue_scriptssrc\Admin\SettingsPageV2.php:16

filterpre_set_transient_settings_errorssrc\Admin\SettingsPageV2.php:18

actioninitsrc\Plugin.php:14

actionadmin_menusrc\Plugin.php:15

actionwp_enqueue_scriptssrc\Plugin.php:16

actionwp_footersrc\Plugin.php:28

Maintenance & Trust

Fast RAGbot Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedDec 1, 2025

PHP min version7.4

Downloads228

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Fast RAGbot Alternatives

Antimanual – Automate manual tasks with 24/7 AI Agent

antimanual

100

AI-powered plugin with smart Chatbot, AI Search Form, Email Campaigns, Auto-Posting, Docs Generator, Bulk Rewrite, FAQ Generator, Forum AI.

80 No CVEs

AI Chatbot for Support & E-Commerce

ai-chatbot-for-support-e-commerce

100

AI-powered chatbot for WordPress and WooCommerce using OpenAI or Gemini, trained on your site content.

0 No CVEs

Inqyra

inqyra

100

AI-powered chatbot that answers visitor questions based on your own WordPress content. Bring your own API key — zero markup.

0 No CVEs

Intellichat – AI Chatbot For WordPress with RAG

intellichat-ai-chatbot

100

AI Chatbot with RAG, Gemini & Floating Widget. Train on your content, customize the widget, and answer visitor questions instantly.

0 No CVEs

Rapls AI Chatbot

rapls-ai-chatbot

100

AI chatbot for WordPress with OpenAI, Claude, Gemini, and OpenRouter. Site learning, knowledge base, web search, and MCP server.

0 No CVEs

Developer Profile

Fast RAGbot Developer Profile

Muhammad Adnan Hanif

2 plugins · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Fast RAGbot

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/fast-ragbot/dist/css/widget.css/wp-content/plugins/fast-ragbot/dist/js/widget.js

Script Paths

/wp-content/plugins/fast-ragbot/dist/js/widget.js

Version Parameters

fast-ragbot/dist/css/widget.css?ver=fast-ragbot/dist/js/widget.js?ver=

HTML / DOM Fingerprints

CSS Classes

ragbot-widget-containerragbot-chat-headerragbot-chat-messageragbot-user-messageragbot-bot-messageragbot-input-arearagbot-send-button

HTML Comments

Data Attributes

data-ragbot-widgetdata-settings-url

JS Globals

FastRAGbotWidget

REST Endpoints

/wp-json/fast-ragbot/v1/chat

FAQ

Fast RAGbot Security & Risk Analysis

Is Fast RAGbot Safe to Use in 2026?

Generally Safe

Key Concerns

Fast RAGbot Security Vulnerabilities

Fast RAGbot Release Timeline

Fast RAGbot Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

Fast RAGbot Attack Surface

AJAX Handlers 13

Shortcodes 1

Fast RAGbot Maintenance & Trust

Maintenance Signals

Community Trust

Fast RAGbot Alternatives

Antimanual – Automate manual tasks with 24/7 AI Agent

AI Chatbot for Support & E-Commerce

Inqyra

Intellichat – AI Chatbot For WordPress with RAG

Rapls AI Chatbot

Fast RAGbot Developer Profile

How We Detect Fast RAGbot

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Fast RAGbot