WP-Safety

Full-Text Search Security & Risk Analysis

wordpress.org/plugins/full-text-search

Replaces site search with full-text search.

200 active installs v2.14.8 PHP 7.2+ WP 5.5+ Updated Jan 10, 2026
full-textfull-text-searchfulltextmroongasearch
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Full-Text Search Safe to Use in 2026?

Generally Safe

Score 100/100

Full-Text Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "full-text-search" plugin v2.14.8 exhibits a generally good security posture with no recorded vulnerabilities or critical security findings in the provided static and taint analysis. The limited attack surface, consisting of a single AJAX handler with no obvious authentication bypasses, is a positive sign. The presence of nonce checks and a moderate percentage of SQL queries using prepared statements suggest some attention to secure coding practices. However, a significant concern arises from the low percentage of properly escaped output (32%). This indicates a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed through the plugin's output. The absence of file operations and external HTTP requests, along with no recorded CVEs, further reinforces a relatively low overall threat level, but the unescaped output remains a critical area for improvement.

Key Concerns

  • Low percentage of properly escaped output
Vulnerabilities
None known

Full-Text Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Full-Text Search Code Analysis

Dangerous Functions
0
Raw SQL Queries
14
16 prepared
Unescaped Output
49
23 escaped
Nonce Checks
3
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

53% prepared30 total queries

Output Escaping

32% escaped72 total outputs
Attack Surface

Full-Text Search Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_full_text_search_settingsadmin.php:47
WordPress Hooks 27
actionplugins_loadedadmin.php:35
actionadmin_menuadmin.php:44
actionadmin_initadmin.php:45
actionadmin_enqueue_scriptsadmin.php:46
filtermanage_media_columnsadmin.php:48
filtermanage_media_custom_columnadmin.php:49
filterattachment_fields_to_editadmin.php:50
filterattachment_fields_to_saveadmin.php:51
filterplugin_action_linksadmin.php:52
actionadmin_noticesmain.php:52
actionplugins_loadedmain.php:59
actionfull_text_search_eventmain.php:68
actionwp_insert_postmain.php:69
actionadd_attachmentmain.php:70
actionattachment_updatedmain.php:71
actiondeleted_postmain.php:72
filterposts_searchmain.php:73
filterposts_clauses_requestmain.php:74
actionpre_get_postsmain.php:77
filterposts_wheremain.php:78
actionwp_enqueue_scriptsmain.php:90
filterthe_contentmain.php:92
filterget_the_excerptmain.php:94
actionwp_enqueue_scriptsmain.php:100
filterthe_titlemain.php:102
filterthe_contentmain.php:103
filterget_the_excerptmain.php:104

Scheduled Events 4

full_text_search_event
full_text_search_event
full_text_search_event
full_text_search_event
Maintenance & Trust

Full-Text Search Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 10, 2026
PHP min version7.2
Downloads12K

Community Trust

Rating100/100
Number of ratings2
Active installs200
Alternatives

Full-Text Search Alternatives

WebEquipe PDF Search

WebEquipe PDF Search

webequipe-pdf-search

A
100

Search inside your PDF documents. Index text-based PDFs and show their content in WordPress search.

40 No CVEs
Mroonga

Mroonga

mroonga

A
100

Fast and rich full text search features for WordPress!

10 No CVEs
Wow FullText Search

Wow FullText Search

wow-fulltext-search

A
85

Fast fulltext search provided by Search Engine software replacing default WordPress functionality.

10 No CVEs
WP Fast Total Search – The Power of Indexed Search

WP Fast Total Search – The Power of Indexed Search

fulltext-search

A
94

Extends the default fulltext search with relevance, jet speed and ability to search any posts, metadata, taxonomy, shortcode content and more data.

1K 8 CVEs
Relevanssi Light

Relevanssi Light

relevanssi-light

A
100

Relevanssi Light is a simple, quick and effective search improvement that replaces the default WP search with a fulltext index search.

500 No CVEs
Developer Profile

Full-Text Search Developer Profile

ishitaka

5 plugins · 62K total installs

75
trust score
Avg Security Score
94/100
Avg Patch Time
2541 days
View full developer profile
Detection Fingerprints

How We Detect Full-Text Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/full-text-search/admin-settings.css/wp-content/plugins/full-text-search/admin-settings.js
Script Paths
/wp-content/plugins/full-text-search/admin-settings.js
Version Parameters
full-text-search/admin-settings.css?ver=full-text-search/admin-settings.js?ver=

HTML / DOM Fingerprints

CSS Classes
full-text-search-settings-tabs-wrapper
Data Attributes
data-action="full_text_search_settings"data-nonce="full-text-search-settings"
JS Globals
fullTextSearchSettingsOptions
FAQ

Frequently Asked Questions about Full-Text Search