Does HybridAI Chatbot have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is HybridAI Chatbot compatible with WordPress 6.8.5?

According to WordPress.org data, HybridAI Chatbot 1.3.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is HybridAI Chatbot compatible with PHP 7.2+?

HybridAI Chatbot requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is HybridAI Chatbot updated?

HybridAI Chatbot was last updated on Jul 17, 2025. Frequent updates are generally a positive security signal.

What is HybridAI Chatbot's security score?

HybridAI Chatbot has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

HybridAI Chatbot Security & Risk Analysis

wordpress.org/plugins/hybridai-chatbot

Automatically integrates the HybridAI Chatbot into your WordPress site, allowing users to chat with an AI assistant powered by HybridAI.

0 active installs v1.3.5 PHP 7.2+ WP 5.0+ Updated Jul 17, 2025

ai-chatbotchatbothybridailive-chatopenai

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is HybridAI Chatbot Safe to Use in 2026?

Generally Safe

Score 100/100

HybridAI Chatbot has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The hybridai-chatbot plugin v1.3.5 exhibits a generally good security posture, with no known vulnerabilities or critical taint flows. The static analysis reveals a limited attack surface, with all identified entry points (AJAX, REST API, shortcodes) appearing to have authentication or permission checks in place. The plugin also shows good practices in its use of prepared statements for SQL queries and includes a reasonable number of output escaping mechanisms, although not all are properly implemented.

Despite the positive indicators, there are areas for improvement. The percentage of properly escaped output (67%) suggests potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled meticulously in the remaining outputs. The presence of file operations and external HTTP requests, while not inherently insecure, warrants careful review to ensure they do not introduce vulnerabilities like insecure file uploads or SSRF. The plugin's minimal vulnerability history is a strong positive sign, indicating a mature and likely well-maintained codebase.

In conclusion, hybridai-chatbot v1.3.5 appears to be a relatively secure plugin. Its strengths lie in its limited attack surface and the absence of known critical security flaws. However, the unescaped output and the potential risks associated with file and network operations are minor but present concerns that should be addressed to further enhance its security.

Key Concerns

Unescaped output identified
File operation present
External HTTP request present

Vulnerabilities

None known

HybridAI Chatbot Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

HybridAI Chatbot Release Timeline

v1.33

v1.32

v1.29

v1.28

v1.27

v1.26

v1.25

v1.24

v1.23

v1.3.5Current

v1.3.4

v1.3

Code Analysis

Analyzed Mar 17, 2026

HybridAI Chatbot Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

60 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

75% prepared8 total queries

Output Escaping

67% escaped90 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

hybridai_chatbot_logs_page (hybridai-chatbot.php:223)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

HybridAI Chatbot Attack Surface

Entry Points2

Unprotected0

REST API Routes 1

POST/wp-json/hybridai/v1/log-messagehybridai-chatbot.php:599

Shortcodes 1

[hybridai_content_chatbot] hybridai-chatbot.php:857

WordPress Hooks 11

actionadmin_menuhybridai-chatbot.php:63

actionwp_footerhybridai-chatbot.php:386

actionwp_footerhybridai-chatbot.php:394

actionwp_enqueue_scriptshybridai-chatbot.php:560

actiontemplate_redirecthybridai-chatbot.php:569

actionrest_api_inithybridai-chatbot.php:598

actioninithybridai-chatbot.php:736

actionadmin_initincludes\one-click-config.php:12

actionadmin_noticesincludes\one-click-config.php:13

actionadmin_enqueue_scriptsincludes\one-click-config.php:14

actionadmin_initincludes\settings.php:141

Maintenance & Trust

HybridAI Chatbot Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJul 17, 2025

PHP min version7.2

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs0

Alternatives

HybridAI Chatbot Alternatives

Inqyra

inqyra

100

AI-powered chatbot that answers visitor questions based on your own WordPress content. Bring your own API key — zero markup.

0 No CVEs

Lime Connect (formerly Userlike) – WordPress Live Chat plugin

userlike

100

Free live chat plugin to chat with the visitors of your website. Integrate a beautiful and fully customizable chat box. Hosted in Europe.

1K 1 CVE

Live Chat & AI Chatbot – onWebChat

onwebchat

Add live chat and a 24/7 AI chatbot to your site. Engage visitors instantly, automate support, and convert more visitors into customers.

700 1 CVE

Social Intents – Live Chat

live-chat-support-by-social-intents

AI Chatbot & Live Chat plugin for WordPress. Chat with visitors using ChatGPT, Claude, Gemini, Slack, Teams, and Google Chat.

400 1 unpatched

AI Chatbot for WordPress by Customerly

customerly

AI Chatbot to support customers, create engaging messages and send automated emails.

300 No CVEs

Developer Profile

HybridAI Chatbot Developer Profile

Stephan Noller

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect HybridAI Chatbot

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hybridai-chatbot/assets/hai_logo_128x128_transparent.png/wp-content/plugins/hybridai-chatbot/assets/css/hybridai-chatbot-admin.css/wp-content/plugins/hybridai-chatbot/assets/js/hybridai-chatbot-admin.js/wp-content/plugins/hybridai-chatbot/assets/css/hybridai-chatbot-frontend.css/wp-content/plugins/hybridai-chatbot/assets/js/hybridai-chatbot-frontend.js

Script Paths

/wp-content/plugins/hybridai-chatbot/assets/js/hybridai-chatbot-frontend.js

Version Parameters

hybridai-chatbot/assets/css/hybridai-chatbot-frontend.css?ver=hybridai-chatbot/assets/js/hybridai-chatbot-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

hybridai-chatbot-info-box

Data Attributes

data-bot-id

JS Globals

hybridai_chatbot_config

Shortcode Output

[hybridai_content_chatbot]

FAQ