Does Quriobot have any unpatched vulnerabilities?

No. All known vulnerabilities in Quriobot have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Quriobot compatible with WordPress 6.7.5?

According to WordPress.org data, Quriobot 2.9.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Quriobot compatible with PHP 5.3+?

Quriobot requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Quriobot updated?

Quriobot was last updated on Oct 28, 2024. Frequent updates are generally a positive security signal.

What is Quriobot's security score?

Quriobot has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Quriobot Security & Risk Analysis

wordpress.org/plugins/quriobot

Increase conversion with an easy to use chatbot.

300 active installs v2.9.1 PHP 5.3+ WP 4.6+ Updated Oct 28, 2024

chatbotsquriobotsupportsurveys

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Quriobot Safe to Use in 2026?

Generally Safe

Score 92/100

Quriobot has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The Quriobot plugin v2.9.1 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any detected AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code analysis reveals no dangerous functions, file operations, or external HTTP requests. The use of prepared statements for all SQL queries is a positive indicator of secure database interaction.

However, a notable concern arises from the output escaping. With 12 total outputs and only 50% properly escaped, there's a significant risk of Cross-Site Scripting (XSS) vulnerabilities. This means that potentially malicious scripts could be injected and executed if user-supplied data is not adequately sanitized before being displayed. The complete lack of nonce and capability checks, while potentially justifiable given the limited attack surface, means that if any new entry points were inadvertently introduced, they might lack essential authorization and authentication mechanisms.

The plugin's vulnerability history is exceptionally clean, with zero recorded CVEs. This suggests a history of responsible development and security practices, or at least a lack of publicly disclosed vulnerabilities. In conclusion, while the plugin benefits from a minimal attack surface and a clean vulnerability history, the significant percentage of unescaped output represents a tangible and important security risk that warrants attention.

Key Concerns

Unescaped output detected
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Quriobot Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Quriobot Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

50% escaped12 total outputs

Attack Surface

Quriobot Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

actionadmin_menuincludes\class-quriobot.php:29

actionwp_headincludes\class-quriobot.php:131

actionamp_print_analyticsincludes\class-quriobot.php:132

actionwp_headincludes\class-quriobot.php:158

actionadmin_enqueue_scriptsincludes\class-quriobot.php:165

actionplugins_loadedquriobot.php:18

actionadmin_initquriobot.php:56

Maintenance & Trust

Quriobot Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedOct 28, 2024

PHP min version5.3

Downloads21K

Community Trust

Rating0/100

Number of ratings0

Active installs300

Alternatives

Quriobot Alternatives

Lime Connect (formerly Userlike) – WordPress Live Chat plugin

userlike

100

Free live chat plugin to chat with the visitors of your website. Integrate a beautiful and fully customizable chat box. Hosted in Europe.

1K 1 CVE

Highleads

highleads

100

Automatically embed the Highleads chatbot on your WordPress site for enhanced lead generation and customer support.

0 No CVEs

UserFeedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds

userfeedback-lite

Ultimate user feedback plugin to ask questions, surveys, polls, from your website in seconds

200K 7 CVEs

bbPress

bbpress

bbPress is forum software for WordPress.

100K 6 CVEs

Crowdsignal Forms

crowdsignal-forms

The Crowdsignal Forms plugin allows you to create and manage polls right from within the block editor.

100K 1 CVE

Developer Profile

Quriobot Developer Profile

Quriobot

1 plugin · 300 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Quriobot

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/quriobot/css/quriobot-admin-style.css/wp-content/plugins/quriobot/js/quriobot-admin.js/wp-content/plugins/quriobot/js/quriobot-frontend.js

Script Paths

https://api.botsrv2.com/0.0.1/frontend/bots/

Version Parameters

quriobot/css/quriobot-admin-style.css?ver=quriobot/js/quriobot-admin.js?ver=quriobot/js/quriobot-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

quriobot_form_wrapperquriobot_bot_window

HTML Comments

Data Attributes

data-quriobot-pathdata-quriobot-init

JS Globals

window.qbOptions

FAQ