Does Post Bot have any unpatched vulnerabilities?

No. All known vulnerabilities in Post Bot have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Post Bot compatible with WordPress 6.0.11?

According to WordPress.org data, Post Bot 1.0.2 has been tested up to WordPress 6.0.11. Check the plugin's changelog for the latest compatibility information.

How often is Post Bot updated?

Post Bot was last updated on Nov 1, 2022. Frequent updates are generally a positive security signal.

What is Post Bot's security score?

Post Bot has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Post Bot Security & Risk Analysis

wordpress.org/plugins/post-bot

Post bot is the fastest and simplest way to create posts to your website.

0 active installs v1.0.2 PHP + WP 4.4+ Updated Nov 1, 2022

chatbotcreate-post-chatboteasy-postpost-boxwordpress-post-bot

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Post Bot Safe to Use in 2026?

Generally Safe

Score 85/100

Post Bot has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "post-bot" plugin v1.0.2 exhibits a concerning security posture due to its unprotected AJAX handlers, which represent its entire attack surface. While the plugin demonstrates good practices by not using dangerous functions, performing all SQL queries with prepared statements, and avoiding file operations and external HTTP requests, the lack of authentication on its two AJAX endpoints is a significant vulnerability. This means any authenticated user could potentially trigger these AJAX actions, leading to unintended consequences or further exploitation if logic flaws exist within those handlers.

The static analysis also reveals that 55% of output is not properly escaped, posing a risk of cross-site scripting (XSS) vulnerabilities. The taint analysis indicates a flow with an unsanitized path, though it's not categorized as critical or high severity, it still warrants attention. The plugin's clean vulnerability history is a positive sign, suggesting a lack of publicly known security flaws. However, this does not negate the inherent risks presented by the unprotected entry points and output escaping issues identified in the current version. The overall security is weakened by these specific exploitable components despite other well-implemented security controls.

Key Concerns

Unprotected AJAX handlers
Unescaped output detected
Flow with unsanitized path

Vulnerabilities

None known

Post Bot Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Post Bot Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

16 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

55% escaped29 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<functions> (includes\functions.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Post Bot Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_aspc_get_msgsincludes\functions.php:8

authwp_ajax_aspc_auto_chat_responseincludes\functions.php:23

WordPress Hooks 4

actionwp_footerincludes\functions.php:305

actionadmin_menuincludes\functions.php:319

actionwp_enqueue_scriptspost-bot.php:61

actionadmin_enqueue_scriptspost-bot.php:74

Maintenance & Trust

Post Bot Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11

Last updatedNov 1, 2022

PHP min version

Downloads1K

Community Trust

Rating100/100

Number of ratings2

Active installs0

Alternatives

Post Bot Alternatives

AI Engine – The Chatbot, AI Framework & MCP for WordPress

ai-engine

AI meets WordPress. Your site can now chat, write poetry, solve problems, and maybe make you coffee.

100K 22 CVEs

Tidio – Live Chat & AI Chatbots

tidio-live-chat

Add Tidio Live Chat to your WordPress for free to answer customers’ questions, engage website visitors, generate leads, and increase sales.

80K 2 CVEs

Buttonizer – Live Chat, AI Chatbot, & Chat Widgets

button-contact-vr

Powerful platform with Live Chat, AI Chatbots, and Real-Time Visitor Monitoring! Also, create Call, Email, SMS, & Contact buttons to increase conv …

60K 3 CVEs

Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons

chatway-live-chat

100

AI chatbot & live chat for customer support, FAQ, chat buttons including WhatsApp with Chatway live chat. iOS & Android apps available 💬

30K No CVEs

Crisp – Live Chat and Chatbot

crisp

A Free, one-click-to-install, Live Chat and chatbot plugin. No coding skills are required. Used by more than 30 000 customers on WordPress.

20K 2 CVEs

Developer Profile

Post Bot Developer Profile

Aastha Solutions

2 plugins · 0 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Post Bot

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/post-bot/assets/css/style.css/wp-content/plugins/post-bot/assets/css/style-admin.css/wp-content/plugins/post-bot/assets/js/script.js

HTML / DOM Fingerprints

JS Globals

ajax

REST Endpoints

/wp-json/post-bot/v1/get_messages/wp-json/post-bot/v1/auto_chat_response

FAQ