WP-Safety

Convertopia Smart Search Security & Risk Analysis

wordpress.org/plugins/convertopia-smart-search

Convertopia is a smart site search tool an all-in-one solution to boost conversion, profit retailers, and improve shopping experience.

0 active installs v1.0.4 PHP + WP 5.0+ Updated May 30, 2025
autocompleteconvertopiainstant-searchpersonalized-ai-searchwordpress
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Convertopia Smart Search Safe to Use in 2026?

Generally Safe

Score 100/100

Convertopia Smart Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The convertopia-smart-search v1.0.4 plugin exhibits a generally good security posture with several strengths, including the complete absence of dangerous functions, file operations, and external HTTP requests. All SQL queries are properly prepared, and a very high percentage of output is correctly escaped, minimizing the risk of cross-site scripting (XSS) vulnerabilities. The plugin also has no recorded vulnerability history, which is a positive indicator. However, a significant concern is the presence of 11 AJAX handlers, with 5 of them lacking any authentication checks. This large, unprotected attack surface could be exploited by unauthenticated users to trigger unintended actions within the plugin. While taint analysis did not reveal any critical or high-severity unsanitized flows, the unprotected AJAX endpoints remain a primary risk. The plugin's lack of capability checks also contributes to this risk, as it implies that potentially sensitive actions accessible via AJAX might be executed by any user, regardless of their WordPress role.

Key Concerns

  • AJAX handlers without authentication checks
  • AJAX handlers without capability checks
Vulnerabilities
None known

Convertopia Smart Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Convertopia Smart Search Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
48
510 escaped
Nonce Checks
9
Capability Checks
0
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared3 total queries

Output Escaping

91% escaped558 total outputs
Data Flows
All sanitized

Data Flow Analysis

5 flows
convertopia_save_consent_checkout_field (includes\class-convertopia.php:572)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
5 unprotected

Convertopia Smart Search Attack Surface

Entry Points11
Unprotected5

AJAX Handlers 11

authwp_ajax_convertopia_update_all_schedulesconvertopia.php:50
authwp_ajax_convertopia_update_all_delta_schedulesconvertopia.php:59
authwp_ajax_convertopia_track_inquiry_submitincludes\class-convertopia.php:233
noprivwp_ajax_convertopia_track_inquiry_submitincludes\class-convertopia.php:234
authwp_ajax_convertopia_track_add_to_cartincludes\class-convertopia.php:284
noprivwp_ajax_convertopia_track_add_to_cartincludes\class-convertopia.php:285
authwp_ajax_convertopia_save_user_consentincludes\class-convertopia.php:617
noprivwp_ajax_convertopia_save_user_consentincludes\class-convertopia.php:618
authwp_ajax_convertopia_generate_customer_feedincludes\customer-feed.php:229
authwp_ajax_convertopia_generate_order_feedincludes\order-feed.php:325
authwp_ajax_convertopia_generate_product_feedincludes\product-feed.php:205
WordPress Hooks 21
actionuser_registerconvertopia.php:71
actioninitincludes\class-convertopia.php:12
actionplugins_loadedincludes\class-convertopia.php:21
actionadmin_enqueue_scriptsincludes\class-convertopia.php:31
actionwp_enqueue_scriptsincludes\class-convertopia.php:65
actionadmin_enqueue_scriptsincludes\class-convertopia.php:66
actionwp_enqueue_scriptsincludes\class-convertopia.php:88
actionadmin_menuincludes\class-convertopia.php:303
actionwoocommerce_thankyouincludes\class-convertopia.php:414
actionwoocommerce_after_checkout_billing_formincludes\class-convertopia.php:481
actionwoocommerce_before_checkout_formincludes\class-convertopia.php:509
actionadmin_initincludes\class-convertopia.php:517
actionwoocommerce_after_order_notesincludes\class-convertopia.php:550
actionwoocommerce_checkout_update_order_metaincludes\class-convertopia.php:570
actiontemplate_redirectincludes\csearch.php:6
actionconvertopia_cron_generate_customer_feedincludes\customer-feed.php:241
actionconvertopia_cron_generate_customer_feed_deltaincludes\customer-feed.php:253
actionconvertopia_cron_generate_order_feedincludes\order-feed.php:337
actionconvertopia_cron_generate_order_feed_deltaincludes\order-feed.php:349
actionconvertopia_cron_generate_product_feedincludes\product-feed.php:219
actionconvertopia_cron_generate_product_feed_deltaincludes\product-feed.php:233
Maintenance & Trust

Convertopia Smart Search Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMay 30, 2025
PHP min version
Downloads975

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

Convertopia Smart Search Alternatives

Search with Typesense

Search with Typesense

search-with-typesense

A
99

Lightning fast seagrch for your WordPress site, powered by Typesense.

600 2 CVEs
Awesome Instant Search

Awesome Instant Search

awesome-instant-search

A
100

Awesome Instant Search integrate Instant Search to ANY wordpress website.

10 No CVEs
CelerSearch

CelerSearch

celersearch

A
100

Extends WordPress search with a powerful MeiliSearch integration for lightning-fast, typo-tolerant search results.

0 No CVEs
All-in-One WP Migration and Backup

All-in-One WP Migration and Backup

all-in-one-wp-migration

A
90

Trusted by 60M+ sites: The gold standard for WordPress migration and backup. Migrate, backup, and restore your WordPress site with one click.

5.0M 13 CVEs
Rank Math SEO – AI SEO Tools to Dominate SEO Rankings

Rank Math SEO – AI SEO Tools to Dominate SEO Rankings

seo-by-rank-math

A
86

Rank Math SEO is the best WordPress SEO plugin with the features of many SEO and AI SEO tools in a single package to help multiply your SEO traffic.

3.0M 20 CVEs
Developer Profile

Convertopia Smart Search Developer Profile

convertopia

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Convertopia Smart Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/convertopia-smart-search/assets/css/bootstrap/css/bootstrap.min.css/wp-content/plugins/convertopia-smart-search/assets/js/bootstrap/js/bootstrap.min.js/wp-content/plugins/convertopia-smart-search/assets/css/font-awesome-4.7.0/css/font-awesome.min.css/wp-content/plugins/convertopia-smart-search/assets/css/style.css/wp-content/plugins/convertopia-smart-search/assets/js/spinner.js/wp-content/plugins/convertopia-smart-search/assets/js/convertopia.js/wp-content/plugins/convertopia-smart-search/assets/js/convertopia-setting.js
Version Parameters
convertopia-smart-search/assets/css/bootstrap/css/bootstrap.min.css?ver=convertopia-smart-search/assets/js/bootstrap/js/bootstrap.min.js?ver=convertopia-smart-search/assets/css/font-awesome-4.7.0/css/font-awesome.min.css?ver=convertopia-smart-search/assets/css/style.css?ver=convertopia-smart-search/assets/js/spinner.js?ver=convertopia-smart-search/assets/js/convertopia.js?ver=convertopia-smart-search/assets/js/convertopia-setting.js?ver=

HTML / DOM Fingerprints

CSS Classes
convertopia-admin-notice
Data Attributes
data-convertopia-id
JS Globals
convertopia_settings_params
FAQ

Frequently Asked Questions about Convertopia Smart Search