WP-Safety

Autocomplete Post Search Security & Risk Analysis

wordpress.org/plugins/autocomplete-post-search

This plugin provides search form that will search any post with autocomplete functionility.

10 active installs v1.0.0 PHP + WP 3.5.0+ Updated May 21, 2016
autocomplete-functionilityautocomplete-search-formsearch-form
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Autocomplete Post Search Safe to Use in 2026?

Generally Safe

Score 85/100

Autocomplete Post Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The "autocomplete-post-search" plugin version 1.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by not utilizing dangerous functions, performing all SQL queries using prepared statements, and having no file operations or external HTTP requests. Its vulnerability history is clean, with no recorded CVEs, which is a strong indicator of careful development and adherence to security principles. However, there are significant concerns that temper this positive outlook. The static analysis reveals that 50% of the total output is not properly escaped, presenting a risk of Cross-Site Scripting (XSS) vulnerabilities, especially considering the presence of a shortcode which is a common entry point for user-supplied data that could be rendered unsafely. Furthermore, the taint analysis found one flow with unsanitized paths, indicating a potential pathway for malicious input to be processed without adequate cleaning, even though it was not classified as critical or high severity in this analysis.

Key Concerns

  • Unescaped output detected
  • Taint flow with unsanitized path
  • No nonce checks
  • No capability checks
Vulnerabilities
None known

Autocomplete Post Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Autocomplete Post Search Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
2 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

50% escaped4 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<autocomplete-post-search-setting> (pages\autocomplete-post-search-setting.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Autocomplete Post Search Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[autocomplete-post-search] autocomplete-post-search.php:124
WordPress Hooks 3
actionwp_enqueue_scriptsautocomplete-post-search.php:36
actionadmin_initautocomplete-post-search.php:43
actionadmin_menuautocomplete-post-search.php:51
Maintenance & Trust

Autocomplete Post Search Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33
Last updatedMay 21, 2016
PHP min version
Downloads3K

Community Trust

Rating80/100
Number of ratings4
Active installs10
Alternatives

Autocomplete Post Search Alternatives

YITH WooCommerce Ajax Search

YITH WooCommerce Ajax Search

yith-woocommerce-ajax-search

A
95

YITH WooCommerce Ajax Search allows your users to search products in real time.

40K 4 CVEs
GEO my WP

GEO my WP

geo-my-wp

A
94

Advanced geolocation, mapping, and proximity search plugin. Geotag post types and BuddyPress members, and create advanced proximity search forms.

4K 6 CVEs
Custom Search by BestWebSoft – WordPress Custom Search Plugin

Custom Search by BestWebSoft – WordPress Custom Search Plugin

custom-search-plugin

A
100

Add advanced custom search to your WordPress site. Search custom post types, taxonomies, and custom fields with full control over results.

1K 1 CVE
Web Directory Free

Web Directory Free

web-directory-free

B
77

Build Directory or Classifieds site in some minutes. The plugin combines flexibility of WordPress and functionality of Directory and Classifieds.

400 9 CVEs
Search Box

Search Box

search-box

A
85

Animated search form with Pure CSS3, replace search form with custom CSS styles.

80 No CVEs
Developer Profile

Autocomplete Post Search Developer Profile

Cynob IT Consultancy

9 plugins · 530 total installs

81
trust score
Avg Security Score
82/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Autocomplete Post Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/autocomplete-post-search/includes/aps-style.css/wp-content/plugins/autocomplete-post-search/includes/aps-script.js/wp-content/plugins/autocomplete-post-search/includes/admin-style.css
Script Paths
/wp-content/plugins/autocomplete-post-search/includes/aps-script.js
Version Parameters
autocomplete-post-search/includes/aps-style.css?ver=autocomplete-post-search/includes/aps-script.js?ver=autocomplete-post-search/includes/admin-style.css?ver=

HTML / DOM Fingerprints

CSS Classes
aps-search-form
Data Attributes
data-original-order
JS Globals
autoComplete
Shortcode Output
<div class="aps-search-form"><form role="search" method="get" class="pure-form" action="
FAQ

Frequently Asked Questions about Autocomplete Post Search