Does Querlo Chatbot have any unpatched vulnerabilities?

No. All known vulnerabilities in Querlo Chatbot have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Querlo Chatbot compatible with WordPress 6.6.5?

According to WordPress.org data, Querlo Chatbot 1.2.8 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

How often is Querlo Chatbot updated?

Querlo Chatbot was last updated on Aug 16, 2024. Frequent updates are generally a positive security signal.

What is Querlo Chatbot's security score?

Querlo Chatbot has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Querlo Chatbot Security & Risk Analysis

wordpress.org/plugins/querlo-chatbots

Querlo Chatbot plugin lets you install a free Querlo chat directly on your WordPress site page.

10 active installs v1.2.8 PHP + WP 4.0+ Updated Aug 16, 2024

chat-pluginchatbotcustomer-chat-plugincustomer-support-chatsupport-chat

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Querlo Chatbot Safe to Use in 2026?

Generally Safe

Score 92/100

Querlo Chatbot has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The static analysis of the querlo-chatbots v1.2.8 plugin reveals a strong focus on secure coding practices, particularly concerning the handling of SQL queries, which are exclusively performed using prepared statements. The absence of file operations, external HTTP requests, and any recorded vulnerabilities in its history further contribute to a seemingly positive security posture. However, a significant concern arises from the code signals related to output escaping. With 47% of outputs not properly escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities being present. Furthermore, the complete lack of nonce checks and capability checks on identified entry points, although the attack surface itself is currently reported as zero, suggests a potential weakness if any entry points were to be introduced or become accessible in the future. The plugin's vulnerability history is clean, which is a positive indicator, but the static analysis findings regarding output escaping necessitate caution.

Key Concerns

Output escaping is not properly implemented (47% unescaped)
No nonce checks present
No capability checks present

Vulnerabilities

None known

Querlo Chatbot Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Querlo Chatbot Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

47% escaped17 total outputs

Attack Surface

Querlo Chatbot Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionadmin_menuadmin\Querlo_Admin.php:23

actionadmin_initadmin\Querlo_Admin.php:24

actionwp_footerpublic-site\Querlo_PublicSite.php:37

Maintenance & Trust

Querlo Chatbot Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedAug 16, 2024

PHP min version

Downloads3K

Community Trust

Rating100/100

Number of ratings5

Active installs10

Alternatives

Querlo Chatbot Alternatives

LoryBot | Advanced AI Chatbot

lorybot-ai-chatbot

LoryBot is a AI Chatbot for WordPress

10 No CVEs

Chaport — Live Chat & Chatbots

chaport

Modern live chat plugin for WordPress. Powerful features: multi-channel, chatbots, customization, etc. Free plan. Unlimited chats & websites.

2K 1 CVE

HelpCrunch – Live Chat, Chatbot & Knowledge Base for Customer Service

helpcrunch-live-chat

100

The one-stop platform for even stronger customer relations. Bolster your customer support with its live chat, chatbot, and knowledge base software.

2K No CVEs

ProProfs Chat- Live Chat & Chatbot Plugin

proprofs-chat

ProProfs Chat is a SaaS-based live chat software that helps businesses of all sizes communicate with their website visitors and customers in real-time …

100 No CVEs

Missive Live Chat for WordPress

missive-live-chat

Live chat is often the best way to solve time-sensitive technical issues or to answer sales related questions. In today’s world, failing to give speed …

30 No CVEs

Developer Profile

Querlo Chatbot Developer Profile

lry8p

1 plugin · 10 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Querlo Chatbot

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

data-iddata-pos-xdata-pos-ydata-newdata-intro-txtdata-speaker-img+7 more

Shortcode Output

<div data-id<div data-pos-x<div data-pos-y<div data-new

FAQ