Advanced Admin Search Security & Risk Analysis

wordpress.org/plugins/advanced-admin-search

Easily search everything in WordPress admin panel from one single search field.

600 active installs · v1.1.6 · PHP + · WP 3.9+ · Updated Jun 14, 2022
Tags: admin-search, advance-search, custom-post-type-search
Score: 85 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: May 17, 2022
Safety Verdict

Is Advanced Admin Search Safe to Use in 2026?

Generally Safe

Score 85/100

Advanced Admin Search has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: May 17, 2022 · Updated 3yr ago
Risk Assessment

The "advanced-admin-search" plugin version 1.1.6 exhibits a mixed security posture. While it demonstrates strong practices in SQL query handling and output escaping, indicating careful development in these areas, it has significant security concerns related to its attack surface and lack of authorization checks. The presence of an unprotected AJAX handler is a critical vulnerability, as it represents a direct entry point for attackers without any validation or permission checks.

The static analysis reveals a substantial risk due to the unprotected AJAX handler. This means any unauthenticated user could potentially trigger this functionality, leading to unintended actions or information disclosure. While the taint analysis shows no critical or high severity unsanitized flows, the lack of authorization on the identified entry point overshadows this positive finding. The vulnerability history, particularly the past medium-severity Cross-Site Scripting (XSS) vulnerability, though patched, suggests a recurring pattern of input validation weaknesses, even if not evident in this specific version's static analysis.

In conclusion, the plugin has strengths in secure coding practices for SQL and output handling. However, the single unprotected AJAX handler presents a critical security flaw that severely compromises its overall security. The past vulnerability history also warrants caution. This plugin requires immediate attention to address the unauthenticated entry point to mitigate significant risks.

Key Concerns

  • Unprotected AJAX handler
  • No nonce checks on AJAX handler
  • Past medium severity CVE (XSS)
Vulnerabilities: 1

Advanced Admin Search Security Vulnerabilities

CVEs by Year

2022: 1 CVE

Severity Breakdown

Medium: 1

1 total CVE

CVE-2022-0626 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advanced Admin Search <= 1.1.2 - Cross-Site Scripting

May 17, 2022 · Patched in 1.1.6 (616d)
Code Analysis
Analyzed Mar 16, 2026

Advanced Admin Search Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (2 prepared)
Unescaped Output: 0 (27 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 2 total queries

Output Escaping

100% escaped · 27 total outputs
Data Flows: All sanitized

Data Flow Analysis

2 flows
aaskp_search_page_callback (menu.php:39)
Attack Surface: 1 unprotected

Advanced Admin Search Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers: 1

  • auth · wp_ajax_search_result · searchresults.php:10

WordPress Hooks: 9

  • action · activated_plugin · advanced-admin-search.php:30
  • action · admin_menu · menu.php:5
  • filter · aaskp_pre_search · menu.php:11
  • action · admin_bar_menu · scripts.php:8
  • action · in_admin_header · scripts.php:9
  • action · admin_enqueue_scripts · scripts.php:12
  • action · wp_enqueue_scripts · scripts.php:13
  • action · admin_bar_menu · searchbox.php:8
  • action · in_admin_header · searchbox.php:9
Maintenance & Trust

Advanced Admin Search Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.0.11
Last updated: Jun 14, 2022
PHP min version
Downloads: 77K

Community Trust

Rating: 86/100
Number of ratings: 8
Active installs: 600
Developer Profile

Advanced Admin Search Developer Profile

Kuroit

1 plugin · 600 total installs

Trust score: 69
Avg Security Score: 85/100
Avg Patch Time: 616 days
Detection Fingerprints

How We Detect Advanced Admin Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/advanced-admin-search/css/style.css
  • /wp-content/plugins/advanced-admin-search/js/jquery-admin-desktop-search.js
  • /wp-content/plugins/advanced-admin-search/js/jquery-admin-mobile-search.js
  • /wp-content/plugins/advanced-admin-search/js/jquery-admin-page-search.js
Script Paths
  • /wp-content/plugins/advanced-admin-search/js/jquery-admin-desktop-search.js
  • /wp-content/plugins/advanced-admin-search/js/jquery-admin-mobile-search.js
  • /wp-content/plugins/advanced-admin-search/js/jquery-admin-page-search.js

HTML / DOM Fingerprints

CSS Classes
advanced-admin-wrapperpage_title_AASKPinput_pageinput_searchselect1
Data Attributes
data-user_id, data-role, data-display_name, data-user_registered, data-avatar_url, data-type
JS Globals
advanced_admin_search
FAQ

Frequently Asked Questions about Advanced Admin Search