Does IKAROS Ai Commerce Infrastructure have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is IKAROS Ai Commerce Infrastructure compatible with WordPress 6.9.4?

According to WordPress.org data, IKAROS Ai Commerce Infrastructure 2.3.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is IKAROS Ai Commerce Infrastructure compatible with PHP 7.4+?

IKAROS Ai Commerce Infrastructure requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is IKAROS Ai Commerce Infrastructure updated?

IKAROS Ai Commerce Infrastructure was last updated on Mar 13, 2026. Frequent updates are generally a positive security signal.

What is IKAROS Ai Commerce Infrastructure's security score?

IKAROS Ai Commerce Infrastructure has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

IKAROS Ai Commerce Infrastructure Security & Risk Analysis

wordpress.org/plugins/ikaros-ai-manifest

Prepare your WooCommerce store for the AI internet.

20 active installs v2.3.2 PHP 7.4+ WP 6.0+ Updated Mar 13, 2026

aibot-analyticsecommerceseowoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is IKAROS Ai Commerce Infrastructure Safe to Use in 2026?

Generally Safe

Score 100/100

IKAROS Ai Commerce Infrastructure has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The plugin "ikaros-ai-manifest" v2.3.2 exhibits a generally strong security posture with good coding practices observed. The majority of SQL queries utilize prepared statements, and output escaping is handled effectively, with 95% of outputs being properly escaped. The plugin also demonstrates a robust use of nonces and capability checks, suggesting an awareness of common WordPress vulnerabilities. Furthermore, the absence of any known CVEs, past or present, indicates a history of secure development or prompt patching.

However, there are specific areas that warrant attention. The presence of 13 AJAX handlers, with 4 lacking authentication checks, represents a significant attack surface that could be exploited. While taint analysis did not reveal critical or high-severity issues, the two flows with unsanitized paths, although not classified further, still pose a potential risk if user-supplied data is not handled with extreme care. The file operation and external HTTP requests, while not explicitly flagged as risky, should be monitored for potential abuse in conjunction with the unprotected AJAX endpoints.

In conclusion, while the plugin has many strengths, particularly in its secure handling of SQL and output, the unprotected AJAX endpoints are a notable weakness. The lack of historical vulnerabilities is a positive sign, but the current findings of unprotected entry points and unsanitized paths necessitate a cautious approach. Further investigation into the specific AJAX handlers and taint flows would be beneficial to fully mitigate potential risks.

Key Concerns

Unprotected AJAX handlers
Flows with unsanitized paths (2)

Vulnerabilities

None known

IKAROS Ai Commerce Infrastructure Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

IKAROS Ai Commerce Infrastructure Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

IKAROS Ai Commerce Infrastructure Code Analysis

Dangerous Functions

Raw SQL Queries

84 prepared

Unescaped Output

629 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

72% prepared117 total queries

Output Escaping

95% escaped659 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

7 flows2 with unsanitized paths

show_product_readiness_bulk_notice (includes\class-admin-controller.php:1443)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

IKAROS Ai Commerce Infrastructure Attack Surface

Entry Points14

Unprotected4

AJAX Handlers 13

authwp_ajax_ikaros_verify_geminiincludes\class-admin-controller.php:52

authwp_ajax_ikaros_save_api_keyincludes\class-admin-controller.php:53

authwp_ajax_ikaros_generate_summaryincludes\class-admin-controller.php:54

authwp_ajax_ikaros_save_languageincludes\class-admin-controller.php:55

authwp_ajax_ikaros_clear_logsincludes\class-admin-controller.php:58

authwp_ajax_ikaros_export_csvincludes\class-admin-controller.php:59

authwp_ajax_ikaros_test_llms_txtincludes\class-admin-controller.php:60

authwp_ajax_ikaros_save_policyincludes\class-admin-controller.php:63

authwp_ajax_ikaros_get_policyincludes\class-admin-controller.php:64

authwp_ajax_ikaros_add_to_cartincludes\class-manifest-server.php:33

noprivwp_ajax_ikaros_add_to_cartincludes\class-manifest-server.php:34

authwp_ajax_ikaros_checkoutincludes\class-manifest-server.php:35

noprivwp_ajax_ikaros_checkoutincludes\class-manifest-server.php:36

REST API Routes 1

GET/wp-json/ikaros/v1/ai-capabilitiesincludes\class-aigentic-protocols.php:39

WordPress Hooks 41

filterquery_varsikaros-ai-manifest.php:71

actioninitikaros-ai-manifest.php:77

actionwp_loadedikaros-ai-manifest.php:82

actionplugins_loadedikaros-ai-manifest.php:345

actionplugins_loadedikaros-ai-manifest.php:346

actionikaros_check_endpoint_healthikaros-ai-manifest.php:584

actionikaros_check_llms_txt_healthikaros-ai-manifest.php:624

actionadmin_menuincludes\class-admin-controller.php:29

actionadmin_enqueue_scriptsincludes\class-admin-controller.php:30

actionadmin_initincludes\class-admin-controller.php:31

actionwp_dashboard_setupincludes\class-admin-controller.php:32

filterwoocommerce_product_data_tabsincludes\class-admin-controller.php:35

actionwoocommerce_product_data_panelsincludes\class-admin-controller.php:36

actionwoocommerce_process_product_metaincludes\class-admin-controller.php:37

filtermanage_product_posts_columnsincludes\class-admin-controller.php:40

actionmanage_product_posts_custom_columnincludes\class-admin-controller.php:41

filtermanage_edit-product_sortable_columnsincludes\class-admin-controller.php:42

actionrestrict_manage_postsincludes\class-admin-controller.php:43

actionpre_get_postsincludes\class-admin-controller.php:44

filterbulk_actions-edit-productincludes\class-admin-controller.php:45

filterhandle_bulk_actions-edit-productincludes\class-admin-controller.php:46

actionadmin_noticesincludes\class-admin-controller.php:47

actionsave_post_productincludes\class-admin-controller.php:48

actionwoocommerce_after_product_object_saveincludes\class-admin-controller.php:49

actionwp_headincludes\class-admin-controller.php:4343

actionrest_api_initincludes\class-aigentic-protocols.php:29

actioninitincludes\class-aigentic-protocols.php:32

filterrobots_txtincludes\class-bot-bridge.php:14

actionadmin_noticesincludes\class-bot-bridge.php:15

actionsend_headersincludes\class-bot-bridge.php:16

actioninitincludes\class-bot-bridge.php:17

actionparse_requestincludes\class-bot-bridge.php:18

actiontemplate_redirectincludes\class-bot-bridge.php:19

actionwp_headincludes\class-frontend.php:15

actionwoocommerce_single_product_summaryincludes\class-frontend.php:18

actiontemplate_redirectincludes\class-llms-txt-generator.php:21

actionwpincludes\class-manifest-server.php:29

actionsave_post_productincludes\class-manifest-server.php:39

actiondelete_post_productincludes\class-manifest-server.php:40

actionwoocommerce_after_product_object_saveincludes\class-manifest-server.php:41

filterwoocommerce_structured_data_productincludes\class-schema-handler.php:15

Scheduled Events 4

ikaros_check_endpoint_health

ikaros_check_llms_txt_health

ikaros_check_endpoint_health

ikaros_check_llms_txt_health

Maintenance & Trust

IKAROS Ai Commerce Infrastructure Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 13, 2026

PHP min version7.4

Downloads562

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

IKAROS Ai Commerce Infrastructure Alternatives

MailerLite – WooCommerce integration

woo-mailerlite

Powerful e-commerce email marketing tools that are easy to use. Grow your store with automated emails, pop-ups, product blocks, sales tracking + more.

30K 4 CVEs

ActiveCampaign for WooCommerce

activecampaign-for-woocommerce

100

Autonomous marketing to transform your store. Fuel your customer journeys with personalized experiences across email, SMS, and WhatsApp.

6K 1 CVE

WP WooCommerce Mailchimp

woocommerce-mailchimp

100

Simple and flexible Mailchimp integration for WooCommerce.

6K No CVEs

AIKTP

aiktp

AI-powered content automation. Generate SEO-optimized articles and WooCommerce product descriptions with bulk generation support.

3K 1 CVE

All In One SEO Pack for WooCommerce

woocommerce-all-in-one-seo-pack

Manage All in One SEO Pack meta details for WooCommerce Products within the Add/Edit Products view within the WordPress Administration.

3K No CVEs

Developer Profile

IKAROS Ai Commerce Infrastructure Developer Profile

Ikaros Ai

1 plugin · 20 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect IKAROS Ai Commerce Infrastructure

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

HTML Comments

+4 more

REST Endpoints

/wp-json/ikaros-ai-manifest/v1//wp-json/aigentic/v1//wp-json/aigentic/v1/mcp/tools

FAQ