Does AddSearch have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is AddSearch compatible with WordPress 6.6.5?

According to WordPress.org data, AddSearch 2.2.4 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

How often is AddSearch updated?

AddSearch was last updated on Nov 4, 2024. Frequent updates are generally a positive security signal.

What is AddSearch's security score?

AddSearch has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

AddSearch Security & Risk Analysis

wordpress.org/plugins/addsearch-instant-search

Instant search for your WordPress site. Search as you type, synonyms, typo fix, content promotions, analytics and other advanced search features.

100 active installs v2.2.4 PHP + WP 3.9+ Updated Nov 4, 2024

category-searchinstant-searchpage-searchsearchsite-search

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is AddSearch Safe to Use in 2026?

Generally Safe

Score 92/100

AddSearch has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The addsearch-instant-search v2.2.4 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any known CVEs, critical taint flows, raw SQL queries, and the presence of capability checks are positive indicators. The plugin also adheres to good practices by not making external HTTP requests and having no file operations, further reducing its attack surface. However, a key area for concern is the output escaping, where only 69% of outputs are properly escaped. This leaves potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is outputted without sufficient sanitization. Additionally, the complete lack of nonce checks across all entry points, while not directly flagged as a risk due to the absence of AJAX or REST API routes without auth, represents a missed opportunity for enhancing security and could become a concern if the plugin's architecture evolves to include more dynamic interactions.

Key Concerns

Partial output escaping
No nonce checks on entry points

Vulnerabilities

None known

AddSearch Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

AddSearch Release Timeline

v2.2.4Current

v2.2.3

v2.2.1

v2.2.0

v2.1.1

v2.1.0

v2.0.7

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.2.10

v1.2.9

v1.2.8

v1.2.7

v1.2.6

v1.2.5

Code Analysis

Analyzed Mar 16, 2026

AddSearch Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

69% escaped42 total outputs

Attack Surface

AddSearch Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[addsearch] includes\functions.php:83

WordPress Hooks 17

actionplugins_loadedaddsearch.php:115

actionwp_enqueue_scriptsaddsearch.php:118

actioninitaddsearch.php:121

actionadmin_initaddsearch.php:123

actionadmin_initaddsearch.php:125

filterquery_varsaddsearch.php:127

actionadmin_menuaddsearch.php:129

actionadmin_enqueue_scriptsaddsearch.php:131

actionwpaddsearch.php:342

filterget_search_formaddsearch.php:345

filterrender_blockaddsearch.php:347

filtersearch_templateaddsearch.php:349

filterinitaddsearch.php:351

filterrequestaddsearch.php:353

actionadmin_noticesadmin\admin-notices.php:29

actionet_search_form_fieldsincludes\theme-functions.php:8

filteraddsearch_replace_search_pageincludes\theme-functions.php:39

Maintenance & Trust

AddSearch Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedNov 4, 2024

PHP min version

Downloads13K

Community Trust

Rating74/100

Number of ratings3

Active installs100

Alternatives

AddSearch Alternatives

AI Product Search for WooCommerce – Motive Commerce Search

motive-commerce-search

AI-powered ecommerce search for better discovery. Advanced filters, live search suggestions and more for the best WooCommerce product search.

400 1 CVE

Findkit – Site Search

findkit

100

Powerful cloud based search engine for your website. Search as you type, real-time index updates, and embeddable UI. Free for small websites.

60 No CVEs

WP Extended Search

wp-extended-search

100

Extend search functionality to search in selected post meta, taxonomies, post types, and all authors.

20K 1 CVE

Search Everything

search-everything

Search Everything increases WordPress' default search functionality in three easy steps.

10K 4 CVEs

Advance Product Search- Voice & Ajax Search for WooCommerce

th-advance-product-search

Advanced Product Search boosts your store search with instant AJAX results, live suggestions, and smart category filtering, helping customers find pro …

10K 3 CVEs

Developer Profile

AddSearch Developer Profile

AddSearch

1 plugin · 100 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect AddSearch

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/addsearch-instant-search/assets/js/settings.js/wp-content/plugins/addsearch-instant-search/assets/css/settings.css

Script Paths

https://addsearch.com/js/

Version Parameters

addsearch-instant-search/assets/js/settings.js?ver=addsearch-instant-search/assets/css/settings.css?ver=

HTML / DOM Fingerprints

Data Attributes

data-addsearch-widget-key

JS Globals

addsearch_config

FAQ