Does Dynamic Search Widget have any unpatched vulnerabilities?

No. All known vulnerabilities in Dynamic Search Widget have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Dynamic Search Widget compatible with WordPress 4.2.39?

According to WordPress.org data, Dynamic Search Widget 0.14.01 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is Dynamic Search Widget updated?

Dynamic Search Widget was last updated on May 13, 2015. Frequent updates are generally a positive security signal.

What is Dynamic Search Widget's security score?

Dynamic Search Widget has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dynamic Search Widget Security & Risk Analysis

wordpress.org/plugins/dynamic-search-widget

Dynamic flexible ajax search widget

30 active installs v0.14.01 PHP + WP 3.1+ Updated May 13, 2015

searchwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Dynamic Search Widget Safe to Use in 2026?

Generally Safe

Score 85/100

Dynamic Search Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The 'dynamic-search-widget' plugin, version 0.14.01, exhibits significant security concerns due to its unprotected AJAX endpoints. The static analysis reveals two AJAX handlers, both lacking any form of authentication or capability checks. This creates a substantial attack surface where any unauthenticated user could potentially interact with these handlers, leading to unintended actions or information disclosure. While the plugin avoids dangerous SQL injection vulnerabilities by exclusively using prepared statements and shows no history of known CVEs, the absence of proper access control on its entry points is a critical oversight. The limited output escaping also presents a potential risk for cross-site scripting (XSS) vulnerabilities. The lack of recorded past vulnerabilities might suggest a less targeted plugin or a history of responsible development, but it does not negate the immediate risks identified in the current code.

Key Concerns

AJAX handlers without auth checks
Low output escaping percentage
Dangerous function create_function
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Dynamic Search Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Dynamic Search Widget Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_functionadd_action( 'widgets_init', create_function( '', 'register_widget( "dynamic_search_widget" );' ) );dynamic-search-widget.php:206

SQL Query Safety

100% prepared1 total queries

Output Escaping

13% escaped32 total outputs

Attack Surface

2 unprotected

Dynamic Search Widget Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_dynsw_search_similarsdynamic-search-widget.php:36

noprivwp_ajax_dynsw_search_similarsdynamic-search-widget.php:37

WordPress Hooks 3

actionwp_enqueue_scriptsdynamic-search-widget.php:35

actionwp_headdynamic-search-widget.php:38

actionwidgets_initdynamic-search-widget.php:206

Maintenance & Trust

Dynamic Search Widget Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedMay 13, 2015

PHP min version

Downloads3K

Community Trust

Rating80/100

Number of ratings1

Active installs30

Alternatives

Dynamic Search Widget Alternatives

Search Meter

search-meter

Search Meter tracks what your readers are searching for on your site. View full details of recent searches or stats for the last day, week or month.

20K 1 CVE

Search Console

search-console

100

View all your Search Console data inside WordPress dashboard.

3K No CVEs

Sitekit

sitekit

Widgets: search, archives and categories. Shortcodes: archives, bloginfo, iframe and categories.

3K 1 unpatched

Search Engine Insights for Google Search Console

search-engine-insights

100

Verify site ownership on Google Search Console! Analyze the Google Search Console stats, to see your site's performance on Google Search.

2K No CVEs

Search Widget Post Types for Elementor

search-widget-post-types-for-elementor

Adds an option to make Elementor's search widget only search for a specific post type such as WooCommerce products or custom post types.

600 No CVEs

Developer Profile

Dynamic Search Widget Developer Profile

asimeon

2 plugins · 40 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Dynamic Search Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dynamic-search-widget/script.js/wp-content/plugins/dynamic-search-widget/loader.gif

Script Paths

/wp-content/plugins/dynamic-search-widget/script.js

Version Parameters

ver=0.14.01

HTML / DOM Fingerprints

CSS Classes

dynsw-searchdynsw-loaderwidget_dynswdynsw-search-fielddynsw-results

Data Attributes

data-dynsw-widget-id

JS Globals

dynsw_script

FAQ