Chatbot with ChatGPT WordPress Security & Risk Analysis

wordpress.org/plugins/smartsearchwp

Turn your WordPress content into a ChatGPT-powered AI assistant with semantic search, contextual answers, and full control.

100 active installs · v2.7.0 · PHP 7.4+ · WP 4.7+ · Updated Mar 11, 2026
Tags: ai-chatbot, ai-search, chatgpt, openai, woocommerce
Score: 94 (A · Safe)
CVEs total: 4
Unpatched: 0
Last CVE: Sep 4, 2024
Safety Verdict

Is Chatbot with ChatGPT WordPress Safe to Use in 2026?

Generally Safe

Score 94/100

Chatbot with ChatGPT WordPress has a strong security track record. Known vulnerabilities have been patched promptly.

4 known CVEs · Last CVE: Sep 4, 2024 · Updated 23d ago
Risk Assessment

The plugin 'smartsearchwp' v2.7.0 exhibits a mixed security posture. While it demonstrates strong practices in output escaping and prepared statement usage for SQL queries, significant concerns arise from its attack surface and historical vulnerability patterns. The presence of 6 unprotected entry points, particularly within the REST API routes, presents a substantial risk for unauthorized access or malicious actions. The plugin's history of 4 known CVEs, including critical and high-severity issues related to missing authorization, cross-site scripting, and SQL injection, is a major red flag, even with no currently unpatched vulnerabilities. This history suggests a recurring tendency to introduce vulnerabilities, which could reappear in future updates or remain undiscovered. The taint analysis, while showing no critical or high severity flows, did identify 5 flows with unsanitized paths, which warrants further investigation. Overall, while some technical safeguards are in place, the unprotected entry points and historical vulnerability patterns indicate a need for heightened vigilance and potentially more robust security development practices.

Key Concerns

  • REST API routes without permission callbacks
  • AJAX handlers without auth checks
  • Total known CVEs (1 critical, 1 high)
  • Flows with unsanitized paths
  • Bundled libraries: dompdf
Vulnerabilities: 4

Chatbot with ChatGPT WordPress Security Vulnerabilities

CVEs by Year

  • 2024: 4 CVEs

Severity Breakdown

  • Critical: 1
  • High: 1
  • Medium: 2

4 total CVEs

CVE-2024-6845 · medium · 5.8 · Missing Authorization

Chatbot with ChatGPT <= 2.4.5 - Missing Authorization to Unauthenticated OpenAI API Key Exposure

Sep 4, 2024 · Patched in 2.4.6 (31d)

CVE-2024-6846 · medium · 5.3 · Missing Authorization

Chatbot with ChatGPT <= 2.4.4 - Missing Authorization

Aug 14, 2024 · Patched in 2.4.5 (30d)

CVE-2024-6843 · high · 7.2 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Chatbot with ChatGPT <= 2.4.4 - Unauthenticated Stored Cross-Site Scripting

Jul 29, 2024 · Patched in 2.4.5 (4d)

CVE-2024-6847 · critical · 10 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Chatbot with ChatGPT <= 2.4.4 - Unauthenticated SQL Injection

Jul 29, 2024 · Patched in 2.4.5 (4d)

Code Analysis
Analyzed Mar 16, 2026

Chatbot with ChatGPT WordPress Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 8 (26 prepared)
  • Unescaped Output: 3 (304 escaped)
  • Nonce Checks: 22
  • Capability Checks: 1
  • File Operations: 9
  • External Requests: 7
  • Bundled Libraries: 1

Bundled Libraries

dompdf

SQL Query Safety

76% prepared · 34 total queries

Output Escaping

99% escaped · 307 total outputs

Data Flows: 5 unsanitized

Data Flow Analysis

20 flows · 5 with unsanitized paths
wdgpt_install_addon (includes\wdgpt-api-requests.php:1005)

Attack Surface: 6 unprotected

Chatbot with ChatGPT WordPress Attack Surface

Entry Points: 17
Unprotected: 6

AJAX Handlers (8)

  • auth · wp_ajax_wdgpt_get_free_license · includes\wdgpt-api-requests.php:910
  • auth · wp_ajax_wdgpt_verify_license · includes\wdgpt-api-requests.php:972
  • auth · wp_ajax_wdgpt_install_addon · includes\wdgpt-api-requests.php:998
  • auth · wp_ajax_wdgpt_update_addon · includes\wdgpt-api-requests.php:1050
  • auth · wp_ajax_wdgpt_uninstall_addon · includes\wdgpt-api-requests.php:1084
  • auth · wp_ajax_wdgpt_activate_addon · includes\wdgpt-api-requests.php:1105
  • auth · wp_ajax_wdgpt_deactivate_addon · includes\wdgpt-api-requests.php:1126
  • auth · wp_ajax_wdgpt_validate_openai_key · includes\wdgpt-api-requests.php:1147

REST API Routes (9)

  • POST /wp-json/wdgpt/v1/toggle-summary · includes\wdgpt-api-requests.php:17
  • POST /wp-json/wdgpt/v1/purge-error-logs · includes\wdgpt-api-requests.php:32
  • POST /wp-json/wdgpt/v1/purge-chat-logs · includes\wdgpt-api-requests.php:47
  • GET /wp-json/wdgpt/v1/export-chat-logs-txt · includes\wdgpt-api-requests.php:62
  • GET /wp-json/wdgpt/v1/retrieve-content/(?P<post_id>\d+) · includes\wdgpt-api-requests.php:77
  • POST /wp-json/wdgpt/v1/save-embeddings · includes\wdgpt-api-requests.php:92
  • GET /wp-json/wdgpt/v1/temperature · includes\wdgpt-api-requests.php:107
  • POST /wp-json/wdgpt/v1/retrieve-prompt · includes\wdgpt-api-requests.php:122
  • POST /wp-json/wdgpt/v1/update-database · includes\wdgpt-api-requests.php:137

WordPress Hooks (26)

  • action · wp_enqueue_scripts · class-wdgpt-chatbot-initializer.php:75
  • action · admin_enqueue_scripts · class-wdgpt-chatbot-initializer.php:76
  • action · admin_menu · class-wdgpt-chatbot-initializer.php:77
  • action · wp_footer · class-wdgpt-chatbot-initializer.php:78
  • action · plugins_loaded · class-wdgpt-chatbot-initializer.php:80
  • action · init · class-wdgpt-chatbot-initializer.php:164
  • action · admin_init · includes\addons\wdgpt-addons-init.php:12
  • action · admin_init · includes\config\wdgpt-config-settings-init.php:12
  • action · wdgpt_reporting_cron_hook · includes\crons\wdgpt-cron-jobs.php:14
  • filter · wp_mail_from · includes\crons\wdgpt-cron-jobs.php:161
  • filter · wp_mail_from_name · includes\crons\wdgpt-cron-jobs.php:167
  • action · admin_init · includes\logs\wdgpt-config-error-logs.php:17
  • filter · posts_where · includes\summaries\class-wdgpt-summaries-table.php:528
  • filter · posts_where · includes\summaries\class-wdgpt-summaries-table.php:549
  • action · rest_api_init · includes\wdgpt-api-requests.php:14
  • action · rest_api_init · includes\wdgpt-api-requests.php:29
  • action · rest_api_init · includes\wdgpt-api-requests.php:44
  • action · rest_api_init · includes\wdgpt-api-requests.php:59
  • action · rest_api_init · includes\wdgpt-api-requests.php:74
  • action · rest_api_init · includes\wdgpt-api-requests.php:89
  • action · rest_api_init · includes\wdgpt-api-requests.php:104
  • action · rest_api_init · includes\wdgpt-api-requests.php:119
  • action · rest_api_init · includes\wdgpt-api-requests.php:134
  • action · post_edit_form_tag · includes\wdgpt-config.php:594
  • action · init · wdgpt.php:57
  • action · admin_notices · wdgpt.php:88

Maintenance & Trust

Chatbot with ChatGPT WordPress Maintenance & Trust

Maintenance Signals

  • WordPress version tested: 6.9.4
  • Last updated: Mar 11, 2026
  • PHP min version: 7.4
  • Downloads: 8K

Community Trust

  • Rating: 74/100
  • Number of ratings: 6
  • Active installs: 100

Developer Profile

Chatbot with ChatGPT WordPress Developer Profile

webdigit

4 plugins · 100 total installs

  • Trust score: 93
  • Avg Security Score: 99/100
  • Avg Patch Time: 17 days
Detection Fingerprints

How We Detect Chatbot with ChatGPT WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/smartsearchwp/build/index.css
  • /wp-content/plugins/smartsearchwp/build/index.js
  • /wp-content/plugins/smartsearchwp/assets/css/style.css
  • /wp-content/plugins/smartsearchwp/assets/js/frontend.js
  • /wp-content/plugins/smartsearchwp/assets/js/backend.js
  • /wp-content/plugins/smartsearchwp/assets/js/admin.js

Script Paths

  • /wp-content/plugins/smartsearchwp/build/index.js
  • /wp-content/plugins/smartsearchwp/assets/js/frontend.js
  • /wp-content/plugins/smartsearchwp/assets/js/backend.js
  • /wp-content/plugins/smartsearchwp/assets/js/admin.js

Version Parameters

  • smartsearchwp/build/index.css?ver=
  • smartsearchwp/build/index.js?ver=
  • smartsearchwp/assets/css/style.css?ver=
  • smartsearchwp/assets/js/frontend.js?ver=
  • smartsearchwp/assets/js/backend.js?ver=
  • smartsearchwp/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • wdgpt-chatbot
  • wdgpt-chat-icon
  • wdgpt-chat-box
  • wdgpt-message
  • wdgpt-user-message
  • wdgpt-bot-message
  • wdgpt-input-area
  • wdgpt-send-button
  • +3 more

HTML Comments

  • <!-- SmartSearchWP Chatbot -->
  • <!-- WDGPT Chatbot -->
  • <!-- Chatbot initialization -->
  • <!-- Chatbot messages area -->
  • +2 more

Data Attributes

  • data-wdgpt-options
  • data-wdgpt-api-key
  • data-wdgpt-model
  • data-wdgpt-name

JS Globals

  • wdgpt_params
  • WDGPT_CHATBOT_VERSION
  • WDGPT_DEBUG_MODE

REST Endpoints

  • /wp-json/wdgpt/v1/chat
  • /wp-json/wdgpt/v1/settings
  • /wp-json/wdgpt/v1/history

Shortcode Output

  • [wdgpt_chatbot]
  • [wdgpt_chat]
  • [wdgpt_search_bar]
  • [wdgpt_chat_icon]

FAQ

Frequently Asked Questions about Chatbot with ChatGPT WordPress