Does weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot have any unpatched vulnerabilities?

No. All known vulnerabilities in weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot compatible with WordPress 6.9.4?

According to WordPress.org data, weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot 2.1.18 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot Security & Risk Analysis

wordpress.org/plugins/wedocs

Build AI-powered documentation hub with knowledge base, docs, wiki tools and chatbot support with weDocs, built by weDevs with 13 years of innovation.

4K active installs v2.1.18 PHP 7.4+ WP 5.6+ Updated Mar 13, 2026

ai-powered-knowledge-basedocsdocumentationknowledge-basewiki

A · Safe

CVEs total5

Unpatched0

Last CVEJan 22, 2026

Plugin page Download

Safety Verdict

Is weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot Safe to Use in 2026?

Generally Safe

Score 95/100

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot has a strong security track record. Known vulnerabilities have been patched promptly.

5 known CVEsLast CVE: Jan 22, 2026Updated 21d ago

Risk Assessment

The plugin "wedocs" v2.1.18 exhibits a mixed security posture. On the positive side, all SQL queries are properly prepared, there are no file operations, and no critical or high severity taint flows were identified. The plugin also demonstrates a good understanding of nonces and capability checks, with a substantial number implemented.

However, significant concerns arise from the attack surface analysis. Three out of thirteen entry points, specifically AJAX handlers, lack authentication checks. This presents a direct avenue for unauthorized access and potential exploitation. While the current static analysis did not reveal unsanitized paths in taint flows, the presence of unauthenticated AJAX endpoints significantly increases the risk of such issues being present or discoverable.

The vulnerability history, with five known medium severity CVEs, predominantly related to improper authorization and information exposure, further reinforces the concerns around access control. The fact that the last vulnerability was recorded in 2026 suggests that while these issues may have been addressed, the plugin has a track record of authorization-related flaws. The current absence of unpatched vulnerabilities is a positive sign, but the historical pattern warrants vigilance.

Key Concerns

Unauthenticated AJAX handlers detected
Significant number of medium severity CVEs historically
Moderate percentage of unescaped outputs

Vulnerabilities

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

1 CVE in 2024

2024

1 CVE in 2025

2025

2 CVEs in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

5 total CVEs

CVE-2025-13921medium · 4.3Missing Authorization

weDocs <= 2.1.16 - Missing Authorization to Authenticated (Subscriber+) Documentation Post Update

Jan 22, 2026 Patched in 2.1.17 (2d)

CVE-2025-14574medium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot <= 2.1.15 - Unauthenticated Sensitive Information Exposure

Jan 8, 2026 Patched in 2.1.16 (1d)

CVE-2025-12505medium · 5.4Improper Authorization

weDocs <= 2.1.14 - Missing Authorization to Settings Update

Dec 5, 2025 Patched in 2.1.15 (1d)

CVE-2024-34442medium · 5.3Missing Authorization

weDocs <= 2.1.4 - Missing Authorization

May 7, 2024 Patched in 2.1.5 (9d)

WF-84003388-c47c-41db-8d2d-4643aa375a89-wedocsmedium · 4.3Missing Authorization

Appsero <= 1.2.1 - Missing Authorization

Dec 16, 2022 Patched in 1.7.6 (699d)

Code Analysis

Analyzed Mar 16, 2026

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

85 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared8 total queries

Output Escaping

58% escaped146 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

dismiss_promotional_offer (includes\Admin\Promotion.php:165)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot Attack Surface

Entry Points13

Unprotected3

AJAX Handlers 12

authwp_ajax_wedocs_dismiss_promotional_offer_noticeincludes\Admin\Promotion.php:14

authwp_ajax_wedocs_get_docsincludes\Ajax.php:17

noprivwp_ajax_wedocs_get_docsincludes\Ajax.php:18

authwp_ajax_wedocs_ratedincludes\Ajax.php:21

authwp_ajax_wedocs_ajax_feedbackincludes\Ajax.php:24

noprivwp_ajax_wedocs_ajax_feedbackincludes\Ajax.php:25

authwp_ajax_wedocs_contact_feedbackincludes\Ajax.php:28

noprivwp_ajax_wedocs_contact_feedbackincludes\Ajax.php:29

authwp_ajax_hide_wedocs_beta_noticeincludes\Ajax.php:32

authwp_ajax_wedocs_check_need_betterdocs_migrationincludes\Ajax.php:35

authwp_ajax_wedocs_migrate_betterdocs_to_wedocsincludes\Ajax.php:36

authwp_ajax_hide_wedocs_pro_noticeincludes\Ajax.php:39

Shortcodes 1

[wedocs] includes\Shortcode.php:14

WordPress Hooks 59

filterparent_fileincludes\Admin\Admin.php:16

filtersubmenu_fileincludes\Admin\Admin.php:17

filteradmin_footer_textincludes\Admin\Admin.php:18

filtermanage_docs_posts_columnsincludes\Admin\Docs_List_Table.php:14

actionmanage_docs_posts_custom_columnincludes\Admin\Docs_List_Table.php:15

filtermanage_edit-docs_sortable_columnsincludes\Admin\Docs_List_Table.php:16

actionload-edit.phpincludes\Admin\Docs_List_Table.php:18

actionload-post.phpincludes\Admin\Docs_List_Table.php:19

actionadmin_print_styles-post.phpincludes\Admin\Docs_List_Table.php:22

actionadmin_print_styles-edit.phpincludes\Admin\Docs_List_Table.php:23

filterrequestincludes\Admin\Docs_List_Table.php:92

actionadmin_menuincludes\Admin\Menu.php:31

actionadmin_menuincludes\Admin\Menu.php:32

actionadmin_headincludes\Admin\Menu.php:33

actionbefore_delete_postincludes\Admin\Migrate.php:43

actioncreate_termincludes\Admin\Migrate.php:44

actionadmin_noticesincludes\Admin\Promotion.php:15

actionadmin_initincludes\Admin.php:20

actionload-edit.phpincludes\Admin.php:23

filterplugins_api_resultincludes\Admin.php:28

actionrest_api_initincludes\API.php:14

filterrest_prepare_docsincludes\API.php:16

filterrest_prepare_docsincludes\API.php:17

filterrest_prepare_docsincludes\API.php:18

filterrest_delete_docsincludes\API.php:19

actionswitch_themeincludes\Appsero\Insights.php:140

actionswitch_themeincludes\Appsero\Insights.php:141

actionadmin_footerincludes\Appsero\Insights.php:158

actionadmin_noticesincludes\Appsero\Insights.php:175

actionadmin_initincludes\Appsero\Insights.php:178

filtercron_schedulesincludes\Appsero\Insights.php:184

actionadmin_menuincludes\Appsero\License.php:219

actionafter_switch_themeincludes\Appsero\License.php:781

actionswitch_themeincludes\Appsero\License.php:782

actioninitincludes\Assets.php:14

actioninitincludes\Assets.php:15

actionadmin_enqueue_scriptsincludes\Assets.php:16

filteruser_has_capincludes\Capability.php:13

actionpre_get_postsincludes\Frontend.php:32

actionwp_enqueue_scriptsincludes\Frontend.php:35

actionwp_enqueue_scriptsincludes\Frontend.php:36

filtertemplate_includeincludes\Frontend.php:39

filterwedocs_translate_textincludes\functions.php:295

actionwedocs_before_main_contentincludes\functions.php:467

actionwedocs_after_main_contentincludes\functions.php:468

filterpage_css_classincludes\functions.php:497

actioninitincludes\Post_Types.php:21

actioninitincludes\Post_Types.php:22

filterastra_page_layoutincludes\Theme\Astra.php:14

actionwedocs_before_main_contentincludes\Theme\Twenty_Fifteen.php:19

actionwedocs_after_main_contentincludes\Theme\Twenty_Fifteen.php:20

filterbody_classincludes\Theme\Twenty_Seventeen.php:14

actionwedocs_before_main_contentincludes\Theme\Twenty_Seventeen.php:21

actionwedocs_after_main_contentincludes\Theme\Twenty_Seventeen.php:22

actionwedocs_upgrader_runnerincludes\Upgrader\Upgrader.php:22

actionafter_setup_themewedocs.php:110

actioninitwedocs.php:171

actioninitwedocs.php:172

actionwidgets_initwedocs.php:175

Maintenance & Trust

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 13, 2026

PHP min version7.4

Downloads178K

Community Trust

Rating92/100

Number of ratings68

Active installs4K

Alternatives

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot Alternatives

Knowledge Base documentation & wiki plugin – BasePress Docs

basepress

Easily create & manage documentation. Reduce support tickets & scale your customer support workload. This simple plugin works with any theme.

2K 4 CVEs

Smart Docs

smart-docs

Knowledge Base & Documentation Plugin for WordPress.

70 1 unpatched

WPHelpKit

wphelpkit

Create a fully featured Help Center site (Knowledge Base, Documentation, Wiki, FAQs) with WordPress.

0 No CVEs

BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor

betterdocs

A full-featured documentation plugin including AI writing assistance to create knowledge bases, docs, FAQs, wikis, and more with easy drag & drop UI.

40K 7 CVEs

EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder

eazydocs

Build professional knowledge bases with unlimited docs, drag-and-drop editor, live search, and SEO optimization.

2K 9 CVEs

Developer Profile

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot Developer Profile

weDevs

20 plugins · 113K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

366 days

View full developer profile

Detection Fingerprints

How We Detect weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wedocs/assets/css/frontend.css/wp-content/plugins/wedocs/assets/css/style.css/wp-content/plugins/wedocs/assets/js/frontend.js

Script Paths

/wp-content/plugins/wedocs/assets/js/frontend.js

Version Parameters

wedocs/assets/css/frontend.css?ver=wedocs/assets/css/style.css?ver=wedocs/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

wedocs-containerwedocs-contentwedocs-single-docwedocs-breadcrumbwedocs-titlewedocs-content-wrapwedocs-navigationwedocs-primary-navigation+3 more

HTML Comments

+4 more

Data Attributes

data-wedocs-iddata-wedocs-parent-iddata-wedocs-slug

JS Globals

window.wedocs_frontend_params

REST Endpoints

/wp-json/wedocs/v1/docs

Shortcode Output

[wedocs][wedocs_list_articles][wedocs_search][wedocs_breadcrumb]

FAQ