WP-Safety

Cyba Advanced Search Security & Risk Analysis

wordpress.org/plugins/cyba-advanced-search

Create a mini directory on any post or page with a filtering search function in a sidebar. Filters 2 top level categories of your choise and tags.

0 active installs v2.0 PHP 5.6+ WP 5.8.1+ Updated Feb 4, 2023
categorydevgirldirectorypostssearch
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Cyba Advanced Search Safe to Use in 2026?

Generally Safe

Score 85/100

Cyba Advanced Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The "cyba-advanced-search" v2.0 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of critical or high-severity vulnerabilities, coupled with a remarkably low percentage of SQL queries not using prepared statements and a high rate of proper output escaping, indicates good coding practices in these areas. The limited attack surface, with only one shortcode and no unprotected AJAX handlers or REST API routes, further contributes to its robustness. The plugin also demonstrates awareness of WordPress security features with a capability check, although the absence of nonce checks is a notable exception.

While the plugin appears secure in terms of known vulnerabilities and most code-level risks, the lack of nonce checks on its single entry point (the shortcode) presents a potential area for concern. Although the static analysis did not reveal specific taint flows or dangerous functions, it's important to note that without nonce checks, it could be susceptible to Cross-Site Request Forgery (CSRF) attacks if the shortcode performs any sensitive actions or modifies state on the server-side. The limited number of SQL queries and the high percentage using prepared statements are positive, but the 33% not using prepared statements, while not immediately critical given the total count and likely context, could be a minor concern if those queries handle user-supplied input without sufficient sanitization elsewhere.

Overall, "cyba-advanced-search" v2.0 is likely a secure plugin with a history of no reported vulnerabilities and good practices in crucial areas like output escaping and SQL query preparation. The primary weakness identified is the lack of nonce checks on its shortcode, which is a standard security measure to prevent CSRF. However, the absence of any recorded CVEs and the clean taint analysis suggest that the developers are actively maintaining security. The focus should be on addressing the nonce check gap to further enhance its already strong security profile.

Key Concerns

  • Missing nonce checks on entry points
  • SQL queries not using prepared statements (66% use prepared)
Vulnerabilities
None known

Cyba Advanced Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Cyba Advanced Search Code Analysis

Dangerous Functions
0
Raw SQL Queries
6
3 prepared
Unescaped Output
1
48 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

33% prepared9 total queries

Output Escaping

98% escaped49 total outputs
Attack Surface

Cyba Advanced Search Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[cyba-advanced-search] cyba-advanced-search.php:45
WordPress Hooks 4
actionwp_enqueue_scriptscyba-advanced-search.php:56
actionwp_enqueue_scriptscyba-advanced-search.php:64
actionadmin_menuincludes\admin-menu.php:5
actionadmin_initincludes\admin-menu.php:19
Maintenance & Trust

Cyba Advanced Search Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedFeb 4, 2023
PHP min version5.6
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Cyba Advanced Search Alternatives

GEO my WP

GEO my WP

geo-my-wp

A
94

Advanced geolocation, mapping, and proximity search plugin. Geotag post types and BuddyPress members, and create advanced proximity search forms.

4K 6 CVEs
Mundoon Taxonomy Filter Checkbox

Mundoon Taxonomy Filter Checkbox

mundoon-simple-taxonomy-filter-checkbox

A
85

Quickly create taxonomies filters for custom post types templates!

10 No CVEs
Search & Filter

Search & Filter

search-filter

A
98

Search and Filtering for Custom Posts, Categories, Tags, Taxonomies, Post Dates and Post Types

50K 2 CVEs
Category Posts Widget

Category Posts Widget

category-posts

A
99

Adds a widget that shows the most recent posts from a single category.

40K 2 CVEs
WP Extended Search

WP Extended Search

wp-extended-search

A
100

Extend search functionality to search in selected post meta, taxonomies, post types, and all authors.

20K 1 CVE
Developer Profile

Cyba Advanced Search Developer Profile

devgirl

3 plugins · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Cyba Advanced Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cyba-advanced-search/style/front-end.css/wp-content/plugins/cyba-advanced-search/style/back-end.css

HTML / DOM Fingerprints

CSS Classes
cyba-page-contentcyba-page-sidebarcyba-page-wrappercyba-listingscyba-listingcyba-search-metacyba-search-meta-titlecyba-search-meta-cats+1 more
HTML Comments
<!--- frontend directory page --><!---page-sidebar--><!--- main categories --><!--- location categories -->+9 more
Data Attributes
id="cyba-page-content"id="cyba-page-sidebar"class="cyba-page-wrapper"id="cyba-listings"class="cyba-listing"class="cyba-search-meta"+3 more
Shortcode Output
[cyba-advanced-search]
FAQ

Frequently Asked Questions about Cyba Advanced Search