WordPress & WooCommerce
WordPress integration overview
Glozr ships a first-party WordPress and WooCommerce companion plugin that streams the chat widget across every public page, syncs site content as a knowledge source, and unlocks commerce-aware flows like order lookup, coupon emission, lead capture, and abandoned cart engagement.
What the plugin does
The plugin pairs your WordPress install with a Glozr workspace and handles both the embed surface and the data plumbing:
- Widget injection. Asynchronous script tag rendered in every public page footer, RTL-aware with automatic mirroring for Arabic, Hebrew, Persian and Urdu locales.
- Content sync. Posts, pages, custom post types and WooCommerce products are pushed to the Glozr source attached to your agent. Bulk and delta modes both supported, with resumable batches for shared hosting.
- Page-builder rendering. Pages built with Elementor, Divi, Beaver Builder, Oxygen or Bricks are rendered through each builder's native API so the synced content matches what visitors actually see.
- WooCommerce deep integration. Logged-in shopper context with signed credentials, HMAC-signed order lookup, coupon emission and apply, lead mirroring to WP customers/subscribers, and abandoned cart re-engagement.
- Hash-based skip. Each post and product carries a content hash so unchanged items skip the embedding pipeline and avoid burning quota on no-op syncs.
Compatibility
| Component | Supported range |
|---|---|
| WordPress | 6.4 → 6.6 |
| PHP | 7.4 → 8.4 |
| WooCommerce | 8.0 → 9.x (optional) |
| Page builders | Elementor, Divi, Beaver Builder, Oxygen, Bricks |
Multisite installations are supported on a per-site activation basis. RTL locales (Arabic, Hebrew, Persian, Urdu) are detected and the widget mirrors automatically.
Security model
Authentication is dual-credentialed so both directions of the channel can be verified:
- Plugin → Glozr. Bearer token (SHA-256 hashed at rest on the Glozr side) with the
wp:integrationability. - Glozr → Plugin. HMAC-SHA256 signatures derived from a per-token
shopper_signing_secretstored only inwp_optionson the WordPress install. - Replay protection. A 5-minute timestamp window is enforced on every signed request, with constant-time comparison on both ends.
Note. The HTTP header used for signature exchange is X-Pitchbar-Signature. This is a wire-level identifier shared with the plugin's internal REST namespace and stays unchanged regardless of brand surface.
Current release
The current release adds Simplified Chinese language support and bundled in-plugin documentation. Recent maintenance work focused on page-builder rendering, resumable sync across PHP execution boundaries, coupon staging on cart load, and RTL layout mirroring.
For step-by-step setup, jump to Install & connect.