WP-Safety

ReplyPilot AI – Real-Time AI Chatbot Assistant Security & Risk Analysis

wordpress.org/plugins/replypilot-ai

AI-powered plugin that auto-generates human-like replies to user comments and provides a real-time chatbot on your website.

0 active installs v2.0.2 PHP 7.4+ WP 5.0+ Updated Dec 2, 2025
ai-assistantai-chatbotchatbotlive-chatreal-time-chatbot
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ReplyPilot AI – Real-Time AI Chatbot Assistant Safe to Use in 2026?

Generally Safe

Score 100/100

ReplyPilot AI – Real-Time AI Chatbot Assistant has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The plugin "replypilot-ai" v2.0.2 exhibits a generally good security posture, with strong adherence to many best practices. The high percentage of SQL queries using prepared statements (77%) and properly escaped outputs (99%) are significant strengths. The absence of any recorded vulnerabilities or CVEs in its history further suggests a development team that prioritizes security.

However, there are specific areas that present a moderate risk. The presence of 13 AJAX handlers, with 2 of them lacking authentication checks, is a notable concern. This creates direct entry points into the application that could be exploited by unauthenticated users. While no critical or high-severity taint flows were identified, indicating that data is generally handled safely once inside the application, the unprotected AJAX endpoints could potentially lead to the exposure or manipulation of data if not properly secured.

In conclusion, "replypilot-ai" v2.0.2 demonstrates a solid foundation in secure coding practices, particularly regarding data handling and output. The primary weakness lies in the unprotected AJAX endpoints, which represent a tangible attack vector. Addressing these unprotected handlers should be the immediate priority to elevate the plugin's security to a higher level.

Key Concerns

  • Unprotected AJAX handlers found
Vulnerabilities
None known

ReplyPilot AI – Real-Time AI Chatbot Assistant Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

ReplyPilot AI – Real-Time AI Chatbot Assistant Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
10 prepared
Unescaped Output
1
189 escaped
Nonce Checks
13
Capability Checks
3
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

77% prepared13 total queries

Output Escaping

99% escaped190 total outputs
Data Flows
All sanitized

Data Flow Analysis

9 flows
replypilot_ai_process_rp_autoreply_form (admin.php:33)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

ReplyPilot AI – Real-Time AI Chatbot Assistant Attack Surface

Entry Points13
Unprotected2

AJAX Handlers 13

authwp_ajax_generate_nonceai-chatbot.php:7
noprivwp_ajax_generate_nonceai-chatbot.php:8
authwp_ajax_replypilot_chatbot_save_user_dataai-chatbot.php:129
noprivwp_ajax_replypilot_chatbot_save_user_dataai-chatbot.php:130
authwp_ajax_replypilot_ai_chatbot_requestai-chatbot.php:305
noprivwp_ajax_replypilot_ai_chatbot_requestai-chatbot.php:306
authwp_ajax_replypilot_chatbot_end_conversationai-chatbot.php:328
noprivwp_ajax_replypilot_chatbot_end_conversationai-chatbot.php:329
authwp_ajax_replypilot_reload_contact_listai-chatbot.php:504
authwp_ajax_replypilot_get_chatbot_messagesai-chatbot.php:561
noprivwp_ajax_replypilot_get_chatbot_messagesai-chatbot.php:562
authwp_ajax_replypilot_admin_send_messageai-chatbot.php:588
authwp_ajax_replypilot_delete_conversationsai-chatbot.php:633
WordPress Hooks 19
actionadmin_menuadmin.php:5
actionadmin_initadmin.php:31
actionwp_footerai-chatbot.php:74
actionwp_enqueue_scriptsai-chatbot.php:361
actionadmin_enqueue_scriptsai-chatbot.php:363
actioncomment_postautoreply-comments.php:9
filtercomment_row_actionscustom-handle-ai-reply.php:16
actionadmin_initcustom-handle-ai-reply.php:76
filterbulk_actions-edit-commentscustom-handle-ai-reply.php:84
filterhandle_bulk_actions-edit-commentscustom-handle-ai-reply.php:149
actionadmin_noticescustom-handle-ai-reply.php:174
actionasgarosforum_after_add_post_submitforum-functions\Asgaros-Forum.php:54
actionbbp_new_replyforum-functions\bbpress-auto-reply.php:44
actionbp_activity_comment_postedforum-functions\buddypress-auto-reply.php:46
actionfmwp_reply_create_completedforum-functions\ForumWP.php:8
actionwpforo_after_add_postforum-functions\wpForo-Forum.php:51
actionadmin_enqueue_scriptsincludes\functions.php:29
actionadmin_enqueue_scriptsincludes\functions.php:53
actioninitincludes\functions.php:111
Maintenance & Trust

ReplyPilot AI – Real-Time AI Chatbot Assistant Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 2, 2025
PHP min version7.4
Downloads876

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

ReplyPilot AI – Real-Time AI Chatbot Assistant Alternatives

AI Chatbot for WordPress by Customerly

AI Chatbot for WordPress by Customerly

customerly

A
85

AI Chatbot to support customers, create engaging messages and send automated emails.

400 No CVEs
Gapify AI Customer Communication

Gapify AI Customer Communication

gapify-ai-customer-communication

A
100

AI-powered customer support and chat widget. Automate responses, increase sales, and provide 24/7 customer service with Gapify's intelligent chatbot.

20 No CVEs
Lime Connect (formerly Userlike) – WordPress Live Chat plugin

Lime Connect (formerly Userlike) – WordPress Live Chat plugin

userlike

A
100

Free live chat plugin to chat with the visitors of your website. Integrate a beautiful and fully customizable chat box. Hosted in Europe.

1K 1 CVE
Live Chat & AI Chatbots – onWebChat

Live Chat & AI Chatbots – onWebChat

onwebchat

A
99

Enhance customer service with instant 24/7 AI-powered replies. Now with WooCommerce integration, so your chatbot understands your products and helps c …

800 1 CVE
Social Intents – Live Chat

Social Intents – Live Chat

live-chat-support-by-social-intents

B
78

AI Chatbot & Live Chat plugin for WordPress. Chat with visitors using ChatGPT, Claude, Gemini, Slack, Teams, and Google Chat.

400 1 unpatched
Developer Profile

ReplyPilot AI – Real-Time AI Chatbot Assistant Developer Profile

TechBeeps Services

5 plugins · 80 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect ReplyPilot AI – Real-Time AI Chatbot Assistant

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/replypilot-ai/assets/logo.png/wp-content/plugins/replypilot-ai/assets/chat.png

HTML / DOM Fingerprints

CSS Classes
replypilot-chatbot-containerreplypilot-clearchat-dialogboxreplypilot-dialogbox-btnreplypilot-chatbot-headerreplypilot-chatbot-avatarrp-logoheader-btnreplypilot-chatbot-minimize+18 more
HTML Comments
<!-- User Data Form (hidden by default) -->
Data Attributes
id="replypilot-chatbot-container"class="closed"id="replypilot-clearchat-dialogbox"class="replypilot-dialogbox-btn"id="replypilot-cancel-chat"id="replypilot-confirm-chat"+25 more
JS Globals
replypilot_ai_chatbot_nonce
REST Endpoints
/wp-json/replypilot-ai/v1/generate-reply/wp-json/replypilot-ai/v1/get-chat-history/wp-json/replypilot-ai/v1/save-chat-message
FAQ

Frequently Asked Questions about ReplyPilot AI – Real-Time AI Chatbot Assistant