Does BigCommerce Advance Search have any unpatched vulnerabilities?

No. All known vulnerabilities in BigCommerce Advance Search have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is BigCommerce Advance Search compatible with WordPress 5.5.18?

According to WordPress.org data, BigCommerce Advance Search 1.2 has been tested up to WordPress 5.5.18. Check the plugin's changelog for the latest compatibility information.

How often is BigCommerce Advance Search updated?

BigCommerce Advance Search was last updated on Oct 27, 2020. Frequent updates are generally a positive security signal.

What is BigCommerce Advance Search's security score?

BigCommerce Advance Search has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BigCommerce Advance Search Security & Risk Analysis

wordpress.org/plugins/bc-advance-search

Most powerful, professional and advance search engine for ::: BigCommerce For WordPress ::: store. It can work with any theme and is really easy to se …

10 active installs v1.2 PHP + WP 2.9.0+ Updated Oct 27, 2020

advancebigcommercesearch

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is BigCommerce Advance Search Safe to Use in 2026?

Generally Safe

Score 85/100

BigCommerce Advance Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "bc-advance-search" v1.2 plugin exhibits a mixed security posture. While it demonstrates strengths such as a lack of dangerous functions, file operations, external HTTP requests, and a clean vulnerability history, there are significant areas of concern. The presence of two unprotected AJAX handlers represents a notable attack surface that could be exploited without proper authentication checks. Additionally, the plugin's handling of SQL queries is problematic, with 100% of them not utilizing prepared statements, which significantly increases the risk of SQL injection vulnerabilities. The output escaping also falls short, with nearly half of outputs not being properly escaped, leading to potential cross-site scripting (XSS) vulnerabilities. The absence of recorded vulnerabilities in its history is a positive sign, suggesting diligent patching or a lack of prior discovery, but it does not negate the inherent risks identified in the static analysis.

Key Concerns

AJAX handlers without authentication
SQL queries not using prepared statements
Insufficient output escaping

Vulnerabilities

None known

BigCommerce Advance Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

BigCommerce Advance Search Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

44 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

44% escaped99 total outputs

Attack Surface

2 unprotected

BigCommerce Advance Search Attack Surface

Entry Points5

Unprotected2

AJAX Handlers 4

authwp_ajax_bas_search_productinc\ajax-autocomplete.php:59

noprivwp_ajax_bas_search_productinc\ajax-autocomplete.php:60

authwp_ajax_bas_data_fetchinc\ajax.php:43

noprivwp_ajax_bas_data_fetchinc\ajax.php:44

Shortcodes 1

[bc-advance-search] inc\shortcode.php:14

WordPress Hooks 15

actionwp_enqueue_scriptsbc-advance-search.php:34

actionadmin_enqueue_scriptsbc-advance-search.php:43

actionwp_enqueue_scriptsinc\ajax-autocomplete.php:36

actionwp_footerinc\ajax.php:13

actionadmin_noticesinc\debug.php:25

actionadmin_initinc\debug.php:29

actionwp_headinc\design-settings-public.php:21

actionwp_footerinc\design-settings-public.php:28

actionwp_headinc\design-settings-public.php:35

actionadmin_menuinc\design-settings.php:19

actionadmin_initinc\design-settings.php:20

actionadmin_menuinc\promote\promote.php:15

actionadmin_menuinc\settings.php:16

actionadmin_initinc\settings.php:17

actionwidgets_initinc\widget.php:17

Maintenance & Trust

BigCommerce Advance Search Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18

Last updatedOct 27, 2020

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

BigCommerce Advance Search Alternatives

ACF: Better Search

acf-better-search

This plugin adds to default WordPress search engine the ability to search by content from selected fields of Advanced Custom Fields plugin.

40K 1 CVE

WP Extended Search

wp-extended-search

100

Extend search functionality to search in selected post meta, taxonomies, post types, and all authors.

20K 1 CVE

Admin Search

admin-search

100

Admin Search adds a simple, easy-to-use interface to your WordPress admin site that gives you and your admin users the ability to search across multip …

1K No CVEs

WPCasa Advanced Search

wpcasa-advanced-search

100

Display an expandable area with advanced options in WPCasa property search form.

700 No CVEs

Advanced Admin Search

advanced-admin-search

Easily search everything in WordPress admin panel from one single search field.

600 1 CVE

Developer Profile

BigCommerce Advance Search Developer Profile

Oudaryamay Burai

3 plugins · 90 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect BigCommerce Advance Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bc-advance-search/assets/css/public-style.css/wp-content/plugins/bc-advance-search/assets/css/admin-style.css/wp-content/plugins/bc-advance-search/assets/css/admin-design-dynamic-style.css/wp-content/plugins/bc-advance-search/assets/js/admin-design-dynamic-script.js/wp-content/plugins/bc-advance-search/assets/css/auto-complete.css/wp-content/plugins/bc-advance-search/assets/js/auto-complete.min.js/wp-content/plugins/bc-advance-search/assets/js/autocomplete.js

Script Paths

/wp-content/plugins/bc-advance-search/assets/js/admin-design-dynamic-script.js/wp-content/plugins/bc-advance-search/assets/js/auto-complete.min.js/wp-content/plugins/bc-advance-search/assets/js/autocomplete.js

Version Parameters

bc-advance-search/assets/css/public-style.css?ver=bc-advance-search/assets/css/admin-style.css?ver=bc-advance-search/assets/css/admin-design-dynamic-style.css?ver=bc-advance-search/assets/js/admin-design-dynamic-script.js?ver=bc-advance-search/assets/css/auto-complete.css?ver=bc-advance-search/assets/js/auto-complete.min.js?ver=bc-advance-search/assets/js/autocomplete.js?ver=

HTML / DOM Fingerprints

CSS Classes

bas-design-search-box-generalbas-design-search-boxbas-design-search-buttonbas-design-search-otherschip

HTML Comments

+2 more

Data Attributes

id="bas_design_search_box_general"id="bas_design_search_box"id="bas_design_search_button"id="bas_design_search_others"name="bas_design_search_box_general"name="bas_design_search_box"+6 more

JS Globals

autocomplete

REST Endpoints

/wp-json/wp/v2/bigcommerce_product

FAQ