Admin Live Search Security & Risk Analysis

wordpress.org/plugins/admin-live-search

Live search pages and posts in the dashboard / admin area via AJAX.

20 active installs · v3.2.1 · PHP 5.6+ · WP 4.0+ · Updated Mar 27, 2019
Tags: admin, admin-ajax-search, ajax-search, live-search, search
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Admin Live Search Safe to Use in 2026?

Generally Safe

Score 85/100

Admin Live Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 7yr ago
Risk Assessment

The 'admin-live-search' plugin v3.2.1 presents a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries, exclusively using prepared statements, and has no recorded vulnerability history, suggesting a generally stable codebase. It also avoids file operations and external HTTP requests, further reducing potential attack vectors. However, significant concerns arise from its attack surface and taint analysis. The presence of two AJAX handlers without authentication checks is a critical oversight, potentially allowing unauthorized users to trigger these actions. This is exacerbated by the taint analysis revealing three flows with unsanitized paths and two high-severity taint flows, indicating that data processed through these entry points could be manipulated by attackers. The lack of nonce checks on these unprotected AJAX endpoints is a major weakness.

Key Concerns

  • AJAX handlers without auth checks
  • High severity taint flows found
  • Flows with unsanitized paths found
  • No nonce checks on AJAX entry points
  • Output escaping is only 49% proper
Vulnerabilities
None known

Admin Live Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Admin Live Search Release Timeline

No version history available.
Code Analysis
Analyzed Mar 16, 2026

Admin Live Search Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (13 prepared)
Unescaped Output: 74 (71 escaped)
Nonce Checks: 0
Capability Checks: 15
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 13 total queries

Output Escaping

49% escaped · 145 total outputs
Data Flows · Security
3 unsanitized

Data Flow Analysis

4 flows · 3 with unsanitized paths
search_box (admin\admin-live-search-list-table.php:323)
Attack Surface
2 unprotected

Admin Live Search Attack Surface

Entry Points: 2
Unprotected: 2

AJAX Handlers: 2

auth: wp_ajax_admin_live_search (includes\class-admin-live-search.php:154)
auth: wp_ajax_admin_live_search_set_cpt_status (includes\class-admin-live-search.php:155)

WordPress Hooks: 11

action: admin_footer (admin\admin-live-search-list-table.php:146)
filter: the_title (admin\admin-live-search-post-table.php:768)
action: admin_menu (admin\class-admin-live-search-admin.php:53)
action: current_screen (admin\class-admin-live-search-admin.php:71)
action: check_ajax_referer (admin\class-admin-live-search-admin.php:72)
action: admin_head (admin\class-admin-live-search-admin.php:73)
filter: query_vars (admin\class-admin-live-search-admin.php:74)
action: admin_notices (admin\class-admin-live-search-admin.php:77)
action: plugins_loaded (includes\class-admin-live-search.php:136)
action: admin_enqueue_scripts (includes\class-admin-live-search.php:151)
action: admin_enqueue_scripts (includes\class-admin-live-search.php:152)
Maintenance & Trust

Admin Live Search Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.1.22
Last updated: Mar 27, 2019
PHP min version: 5.6
Downloads: 3K

Community Trust

Rating: 94/100
Number of ratings: 3
Active installs: 20
Developer Profile

Admin Live Search Developer Profile

Humberto Silva

1 plugin · 20 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Admin Live Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/admin-live-search/css/admin-live-search.css
/wp-content/plugins/admin-live-search/js/admin-live-search.js
Script Paths
/wp-content/plugins/admin-live-search/js/admin-live-search.js
Version Parameters
admin-live-search/css/admin-live-search.css?ver=
admin-live-search/js/admin-live-search.js?ver=

HTML / DOM Fingerprints

CSS Classes
admin-live-search-wrapper
Data Attributes
data-search-action
data-search-nonce
JS Globals
admin_live_search_params