Does Findkit – Site Search have any unpatched vulnerabilities?

No. All known vulnerabilities in Findkit – Site Search have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Findkit – Site Search compatible with WordPress 6.9.0?

According to WordPress.org data, Findkit – Site Search 1.6.0 has been tested up to WordPress 6.9.0. Check the plugin's changelog for the latest compatibility information.

Is Findkit – Site Search compatible with PHP 7.2+?

Findkit – Site Search requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Findkit – Site Search updated?

Findkit – Site Search was last updated on Feb 18, 2026. Frequent updates are generally a positive security signal.

What is Findkit – Site Search's security score?

Findkit – Site Search has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Findkit – Site Search Security & Risk Analysis

wordpress.org/plugins/findkit

Powerful cloud based search engine for your website. Search as you type, real-time index updates, and embeddable UI. Free for small websites.

70 active installs v1.6.0 PHP 7.2+ WP 6.3+ Updated Feb 18, 2026

cloudcrawlerinstant-searchsearchsite-search

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Findkit – Site Search Safe to Use in 2026?

Generally Safe

Score 100/100

Findkit – Site Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The 'findkit' v1.6.0 plugin exhibits a generally good security posture with strong adherence to best practices such as utilizing prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of known vulnerabilities, critical taint flows, and dangerous functions further bolsters its security profile. However, a significant concern arises from the presence of one REST API route that lacks permission callbacks, creating an unprotected entry point into the application. While the plugin demonstrates strengths in secure coding practices, this single unprotected endpoint represents a potential avenue for unauthorized actions or information disclosure if exploited.

Key Concerns

Unprotected REST API route

Vulnerabilities

None known

Findkit – Site Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Findkit – Site Search Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

56 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

93% escaped60 total outputs

Attack Surface

1 unprotected

Findkit – Site Search Attack Surface

Entry Points1

Unprotected1

REST API Routes 1

POST/wp-json/findkit/v1jwtsrc\JWT.php:34

WordPress Hooks 4

actionadmin_noticesplugin.php:55

filterwp_insert_post_datasrc\LiveUpdate.php:57

actionsave_postsrc\LiveUpdate.php:65

filterdefault_option_findkit_project_idsrc\WpPlayground.php:24

Maintenance & Trust

Findkit – Site Search Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.0

Last updatedFeb 18, 2026

PHP min version7.2

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs70

Alternatives

Findkit – Site Search Alternatives

AI Product Search for WooCommerce – Motive Commerce Search

motive-commerce-search

100

AI-powered ecommerce search for better discovery. Advanced filters, live search suggestions and more for the best WooCommerce product search.

400 No CVEs

AddSearch

addsearch-instant-search

Instant search for your WordPress site. Search as you type, synonyms, typo fix, content promotions, analytics and other advanced search features.

100 No CVEs

DocumentCloud

documentcloud

100

Embed DocumentCloud resources in WordPress content.

1K No CVEs

SearchIQ – The Search Solution

searchiq

Our FREE plugin makes your website’s search fast and more relevant. searchIQ helps you to manage content more effectively with real-time analytics.

1K 7 CVEs

Яндекс.ПДС Пингер / Yandex Site search pinger

yandex-pinger

Яндекс.Поиск для сайта является простым, но эффективным решением для организации поиска для вашего сайта. Он предлагает релевантные результаты поиска, …

900 1 unpatched

Developer Profile

Findkit – Site Search Developer Profile

Findkit Team

1 plugin · 70 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Findkit – Site Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/findkit/css/findkit-search.css/wp-content/plugins/findkit/css/findkit.css/wp-content/plugins/findkit/js/findkit.js/wp-content/plugins/findkit/js/findkit-search.js/wp-content/plugins/findkit/js/chunk-vendors.js

Script Paths

/wp-content/plugins/findkit/js/findkit.js/wp-content/plugins/findkit/js/findkit-search.js/wp-content/plugins/findkit/js/chunk-vendors.js

Version Parameters

findkit/css/findkit-search.css?ver=findkit/css/findkit.css?ver=findkit/js/findkit.js?ver=findkit/js/findkit-search.js?ver=findkit/js/chunk-vendors.js?ver=

HTML / DOM Fingerprints

CSS Classes

findkit-search-inputfindkit-search-resultsfindkit-search-hitfindkit-search-titlefindkit-search-snippetfindkit-search-footerfindkit-powered-by

Data Attributes

data-findkit-search-formdata-findkit-search-results

JS Globals

findkit

REST Endpoints

/wp-json/findkit/v1/search

Shortcode Output

[findkit_search_form][findkit_search_results]

FAQ