WP-Safety

Laxi AI for WooCommerce Security & Risk Analysis

wordpress.org/plugins/laxi-ai-for-woocommerce

Integrate AI-powered chatbots with your WooCommerce store to provide instant customer support and product recommendations.

0 active installs v1.1.0 PHP 7.2+ WP 5.6+ Updated May 29, 2025
aichatbotcustomer-supportproduct-recommendationswoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Laxi AI for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Laxi AI for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago
Risk Assessment

The "laxi-ai-for-woocommerce" plugin v1.1.0 demonstrates several good security practices, including the use of prepared statements for all SQL queries and proper output escaping for all identified outputs. The lack of reported vulnerabilities in its history is also a positive indicator of a relatively secure development process.

However, the static analysis reveals a notable concern: one of the four AJAX handlers is not protected by authentication checks. This creates a potential attack vector where unauthenticated users could interact with this handler, leading to unexpected or malicious actions. While the taint analysis found no critical or high-severity issues with unsanitized paths, the presence of an unprotected AJAX endpoint represents a direct security risk that could be exploited.

Overall, the plugin has a decent security foundation with its handling of database queries and output. The absence of known CVEs is reassuring. The primary weakness lies in the unprotected AJAX endpoint, which significantly lowers its security posture. Developers should prioritize addressing this single unprotected entry point to mitigate the identified risk.

Key Concerns

  • Unprotected AJAX handler without auth checks
Vulnerabilities
None known

Laxi AI for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Laxi AI for WooCommerce Release Timeline

v1.1.0Current
v1.0.3
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

Laxi AI for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
0
4 escaped
Nonce Checks
3
Capability Checks
0
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

100% escaped4 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
ajax_toggle_chatbot (laxi-chatbot.php:145)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Laxi AI for WooCommerce Attack Surface

Entry Points4
Unprotected1

AJAX Handlers 4

authwp_ajax_laxi_get_connection_statuslaxi-chatbot.php:69
authwp_ajax_laxi_toggle_chatbotlaxi-chatbot.php:70
authwp_ajax_laxi_authlaxi-chatbot.php:71
authwp_ajax_laxi_get_chatbot_statuslaxi-chatbot.php:74
WordPress Hooks 7
actionadmin_noticeslaxi-chatbot.php:55
actionadmin_menulaxi-chatbot.php:67
actionadmin_enqueue_scriptslaxi-chatbot.php:68
actionwp_footerlaxi-chatbot.php:78
actionadmin_noticeslaxi-chatbot.php:484
actionplugins_loadedlaxi-chatbot.php:493
actionbefore_woocommerce_initlaxi-chatbot.php:495
Maintenance & Trust

Laxi AI for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMay 29, 2025
PHP min version7.2
Downloads656

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Laxi AI for WooCommerce Alternatives

AxiaChat AI – Free AI Chatbot (Answers Customers Automatically)

AxiaChat AI – Free AI Chatbot (Answers Customers Automatically)

axiachat-ai

A
100

The best AI Chatbot for WordPress. Like having ChatGPT trained on your content — turn your site into a 24/7 sales & support machine.

1K No CVEs
MxChat – AI Chatbot & Content Generation for WordPress

MxChat – AI Chatbot & Content Generation for WordPress

mxchat-basic

A
98

The best free AI chatbot and content generation plugin for WordPress. Train ChatGPT, Claude, Gemini, or Grok on your website content.

1K 2 CVEs
Live Chat & AI Chatbot – onWebChat

Live Chat & AI Chatbot – onWebChat

onwebchat

A
99

Add live chat and a 24/7 AI chatbot to your site. Engage visitors instantly, automate support, and convert more visitors into customers.

700 1 CVE
Muchat – AI Chatbot (with Autosync)

Muchat – AI Chatbot (with Autosync)

muchat-ai

A
100

Integrate MuChat: AI Chatbot for WordPress/WooCommerce, with auto-sync for enhanced customer support

300 No CVEs
ILACHAT – AI Chatbot & Live Chat

ILACHAT – AI Chatbot & Live Chat

ilachat

A
100

AI-powered chatbot and live chat for WordPress & WooCommerce. Boost support, sales, and lead capture with real-time data.

200 No CVEs
Developer Profile

Laxi AI for WooCommerce Developer Profile

galaxiusmons

2 plugins · 10 total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Laxi AI for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/laxi-ai-for-woocommerce/assets/js/admin.js
Script Paths
/wp-content/plugins/laxi-ai-for-woocommerce/assets/js/vendor/react.development.js/wp-content/plugins/laxi-ai-for-woocommerce/assets/js/vendor/react-dom.development.js
Version Parameters
laxi-ai-for-woocommerce/assets/js/admin.js?ver=

HTML / DOM Fingerprints

Data Attributes
id="laxi-admin-root"
JS Globals
laxiData
REST Endpoints
/wp-json/laxi/v1/connection-status/wp-json/laxi/v1/chatbot-status/wp-json/laxi/v1/toggle-chatbot/wp-json/laxi/v1/auth-url
FAQ

Frequently Asked Questions about Laxi AI for WooCommerce