WP-Safety

Neexa | Sales AI Agent for B2C Businesses Security & Risk Analysis

wordpress.org/plugins/neexa-ai

This plugin seamlessly integrates Neexa.AI's 24/7 AI Powered Sales Agent/Assistant onto any WordPress site. Please note that the functionality of …

50 active installs v2.1.0 PHP 7.0+ WP 4.7+ Updated May 21, 2025
agentaiai-assistantchatbotsalesbot
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Neexa | Sales AI Agent for B2C Businesses Safe to Use in 2026?

Generally Safe

Score 100/100

Neexa | Sales AI Agent for B2C Businesses has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The neexa-ai v2.1.0 plugin presents a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries and has no recorded vulnerabilities or CVEs. This suggests a diligent approach to core security areas. However, the plugin has a significant concern regarding its attack surface. It exposes three AJAX handlers, all of which lack authentication checks, creating a direct entry point for unauthenticated actions. While taint analysis did not reveal critical or high severity issues, two flows with unsanitized paths are present, which warrants attention. Furthermore, the output escaping is only 42% proper, indicating a risk of Cross-Site Scripting (XSS) vulnerabilities in exposed areas. The absence of historical vulnerabilities is a good sign, but the current static analysis findings, particularly the unprotected AJAX endpoints and poor output escaping, introduce notable risks that need to be addressed.

Key Concerns

  • Unprotected AJAX handlers
  • Low output escaping rate
  • Unsanitized paths in taint flows
Vulnerabilities
None known

Neexa | Sales AI Agent for B2C Businesses Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Neexa | Sales AI Agent for B2C Businesses Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
52
37 escaped
Nonce Checks
2
Capability Checks
1
File Operations
0
External Requests
3
Bundled Libraries
0

Output Escaping

42% escaped89 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
save_access_token (admin\class-neexa-ai-admin.php:198)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Neexa | Sales AI Agent for B2C Businesses Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_save_neexa_ai_deploymentincludes\class-neexa-ai.php:179
authwp_ajax_save_neexa_ai_access_tokenincludes\class-neexa-ai.php:180
authwp_ajax_neexa_fetch_agentsincludes\class-neexa-ai.php:181
WordPress Hooks 11
actionplugins_loadedincludes\class-neexa-ai.php:162
actionadmin_post_deactivation_feedbackincludes\class-neexa-ai.php:178
actionadmin_enqueue_scriptsincludes\class-neexa-ai.php:182
actionadmin_enqueue_scriptsincludes\class-neexa-ai.php:183
actionadmin_noticesincludes\class-neexa-ai.php:184
actionadmin_menuincludes\class-neexa-ai.php:185
actionadmin_initincludes\class-neexa-ai.php:186
actionadmin_initincludes\class-neexa-ai.php:187
actionadmin_initincludes\class-neexa-ai.php:188
actionwp_enqueue_scriptsincludes\class-neexa-ai.php:203
actionwp_enqueue_scriptsincludes\class-neexa-ai.php:204
Maintenance & Trust

Neexa | Sales AI Agent for B2C Businesses Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMay 21, 2025
PHP min version7.0
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs50
Alternatives

Neexa | Sales AI Agent for B2C Businesses Alternatives

Instant AI Chatbot

Instant AI Chatbot

ultimo-bots

A
100

Ultimo Bots helps you add a powerful AI assistant to your site - effortlessly.

40 No CVEs
Lime Connect (formerly Userlike) – WordPress Live Chat plugin

Lime Connect (formerly Userlike) – WordPress Live Chat plugin

userlike

A
100

Free live chat plugin to chat with the visitors of your website. Integrate a beautiful and fully customizable chat box. Hosted in Europe.

1K 1 CVE
AI Chatbot for WordPress by Customerly

AI Chatbot for WordPress by Customerly

customerly

A
85

AI Chatbot to support customers, create engaging messages and send automated emails.

400 No CVEs
StoreAgent – WooCommerce AI Chatbot & AI Content Tools

StoreAgent – WooCommerce AI Chatbot & AI Content Tools

storeagent-ai-for-woocommerce

A
100

WooCommerce AI Chatbot for stores with built-in AI content tools. Generate product descriptions, answer customer questions & more with AI.

200 No CVEs
BuddyBot – OpenAI Assistants, AI Chatbots and Support Agents for WordPress

BuddyBot – OpenAI Assistants, AI Chatbots and Support Agents for WordPress

buddybot-ai-custom-ai-assistant-and-chat-agent

A
100

Discover AI Chatbots for WordPress, only plugin built on native OpenAI assistants. Explore a new different way to chat!

100 No CVEs
Developer Profile

Neexa | Sales AI Agent for B2C Businesses Developer Profile

neexa

1 plugin · 50 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Neexa | Sales AI Agent for B2C Businesses

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/neexa-ai/css/neexa-ai-admin.css/wp-content/plugins/neexa-ai/js/neexa-ai-admin.js
Script Paths
js/neexa-ai-admin.js
Version Parameters
neexa-ai-admin.css?ver=neexa-ai-admin.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-neexa-ai-widget-iddata-neexa-ai-elementdata-neexa-ai-agent
JS Globals
neexa_ai_env_vars
FAQ

Frequently Asked Questions about Neexa | Sales AI Agent for B2C Businesses