Does FV Swiftype have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is FV Swiftype compatible with WordPress 5.9.13?

According to WordPress.org data, FV Swiftype 0.3.8 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

How often is FV Swiftype updated?

FV Swiftype was last updated on Mar 28, 2022. Frequent updates are generally a positive security signal.

What is FV Swiftype's security score?

FV Swiftype has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

FV Swiftype Security & Risk Analysis

wordpress.org/plugins/fv-swiftype

Use Swiftype external crawler engine for your search.

10 active installs v0.3.8 PHP + WP 4.0+ Updated Mar 28, 2022

searchswiftype

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is FV Swiftype Safe to Use in 2026?

Generally Safe

Score 85/100

FV Swiftype has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The FV Swiftype plugin version 0.3.8 exhibits a generally strong security posture based on the provided static analysis. The absence of direct SQL queries, file operations, and critical taint flows, combined with the use of prepared statements for any potential queries, is highly commendable. Furthermore, the plugin appears to implement proper nonce and capability checks on its sole AJAX handler, significantly limiting its attack surface from unauthorized access.

However, a notable concern arises from the low percentage of properly escaped output. With 56 total outputs and only 16% properly escaped, there is a significant risk of Cross-Site Scripting (XSS) vulnerabilities. Attackers could potentially inject malicious scripts through user-controlled input that is later displayed on the frontend without adequate sanitization. While the plugin has no recorded vulnerability history, this lack of historical data could simply mean it hasn't been thoroughly audited or exploited in the past, rather than indicating inherent safety.

In conclusion, while the plugin demonstrates good practices in areas like query sanitization and access control, the widespread lack of output escaping represents a substantial security weakness that warrants immediate attention. Addressing this output escaping issue should be the highest priority to mitigate the risk of XSS attacks.

Key Concerns

Insufficient output escaping

Vulnerabilities

None known

FV Swiftype Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

FV Swiftype Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

FV Swiftype Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

16% escaped56 total outputs

Attack Surface

FV Swiftype Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_fv_foliopress_ajax_pointersfp-api.php:50

WordPress Hooks 17

actionadmin_enqueue_scriptsfp-api.php:49

actionadmin_noticesfp-api.php:51

actionadmin_print_footer_scriptsfp-api.php:310

actionpre_get_postsfv-swiftype.php:33

filterthe_postsfv-swiftype.php:34

filterpost_linkfv-swiftype.php:35

actionwp_footerfv-swiftype.php:36

filterpost_classfv-swiftype.php:39

filtercomment_classfv-swiftype.php:40

actionwp_headfv-swiftype.php:41

actionwp_headfv-swiftype.php:42

actionwp_footerfv-swiftype.php:43

actionadmin_initfv-swiftype.php:45

actionadmin_menufv-swiftype.php:46

actionadmin_noticesfv-swiftype.php:47

filterrobots_txtfv-swiftype.php:49

filterpost_thumbnail_htmlfv-swiftype.php:51

Maintenance & Trust

FV Swiftype Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedMar 28, 2022

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

FV Swiftype Alternatives

Nelio Related Posts

nelio-related-posts

Get a list of Related Posts by querying your Swiftype account, or using WordPress' regular search functions.

10 No CVEs

Site Kit by Google – Analytics, Search Console, AdSense, Speed

google-site-kit

100

Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.

5.0M 1 CVE

$Rank Math SEO – AI SEO Tools to Dominate SEO Rankings$

Rank Math SEO – AI SEO Tools to Dominate SEO Rankings

seo-by-rank-math

Rank Math SEO is the best WordPress SEO plugin with the features of many SEO and AI SEO tools in a single package to help multiply your SEO traffic.

4.0M 20 CVEs

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!

3.0M 26 CVEs

Better Search Replace

better-search-replace

A simple plugin to update URLs or other text in a database.

1.0M 2 CVEs

Developer Profile

FV Swiftype Developer Profile

FolioVision

19 plugins · 48K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

1098 days

View full developer profile

Detection Fingerprints

How We Detect FV Swiftype

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/fv-swiftype/assets/js/fv-swiftype-search.js

Script Paths