WP-Safety

i-Search – Advanced Live Search Security & Risk Analysis

wordpress.org/plugins/i-search

Live search suggestions for all post types. Search everywhere, include almost everything in the search. WooCommerce compatible.

10 active installs v1.2.0 PHP 7.2+ WP 4.6+ Updated Sep 21, 2018
better-wordpress-searchlive-searchsearchsearch-pluginsuggestion
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is i-Search – Advanced Live Search Safe to Use in 2026?

Generally Safe

Score 85/100

i-Search – Advanced Live Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The i-search plugin v1.2.0 exhibits a mixed security posture. While it shows strengths in avoiding dangerous functions and file operations, and a good proportion of SQL queries utilize prepared statements, significant concerns exist regarding its entry points and output sanitization. The plugin has a notable number of AJAX handlers (19) with a substantial portion (8) lacking proper authentication checks. This directly creates a wider attack surface vulnerable to unauthorized access and manipulation. Furthermore, the taint analysis reveals critical flows with unsanitized paths, indicating potential for injection vulnerabilities. The output escaping is also a weakness, with only 39% of outputs being properly escaped, increasing the risk of cross-site scripting (XSS) attacks. The absence of any recorded CVEs is positive, suggesting a history of responsible development or a lack of targeted exploitation so far, but this should not be relied upon given the identified code-level weaknesses. The plugin would benefit from robust input validation and output escaping across all entry points, particularly the unprotected AJAX handlers, to mitigate identified risks.

Key Concerns

  • Unprotected AJAX handlers
  • Critical taint flows with unsanitized paths
  • Low percentage of properly escaped output
  • Bundled libraries (Select2)
Vulnerabilities
None known

i-Search – Advanced Live Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

i-Search – Advanced Live Search Release Timeline

v1.2.0Current
v1.1.0
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

i-Search – Advanced Live Search Code Analysis

Dangerous Functions
0
Raw SQL Queries
25
85 prepared
Unescaped Output
178
115 escaped
Nonce Checks
21
Capability Checks
4
File Operations
0
External Requests
1
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

77% prepared110 total queries

Output Escaping

39% escaped293 total outputs
Data Flows · Security
6 unsanitized

Data Flow Analysis

16 flows6 with unsanitized paths
search_box (admin\menu\class-wp-list-table-org.php:324)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
8 unprotected

i-Search – Advanced Live Search Attack Surface

Entry Points20
Unprotected8

AJAX Handlers 19

authwp_ajax_isrc_instance_previewadmin\class-admin-main.php:48
authwp_ajax_isrc_exlude_taxonomiesadmin\menu\class-menu.php:59
authwp_ajax_isrc_menu_db_actionsadmin\menu\class-menu.php:60
authwp_ajax_isrc_save_tagsadmin\menu\class-menu.php:61
authwp_ajax__ajax_fetch_remodaladmin\menu\class-menu.php:62
authwp_ajax_isrc_helpadmin\menu\class-menu.php:63
authwp_ajax_isrc_regenerateadmin\menu\class-menu.php:64
authwp_ajax_isrc_get_meta_keysadmin\menu\class-menu.php:65
authwp_ajax_isrc_get_taxo_keysadmin\menu\class-menu.php:66
authwp_ajax_isrc_fetch_analyse_listadmin\menu\class-menu.php:67
authwp_ajax_isrc_select2admin\menu\class-menu.php:68
authwp_ajax_isrc_select2_taxonomiesadmin\menu\class-menu.php:69
authwp_ajax_isrc_cnt_example_dataadmin\menu\class-menu.php:70
authwp_ajax_isrc_set_preview_dataadmin\menu\class-menu.php:71
authwp_ajax_isrc_clone_instanceadmin\menu\class-menu.php:72
authwp_ajax_isrc_ajax_search_postsclass-ajax.php:51
noprivwp_ajax_isrc_ajax_search_postsclass-ajax.php:52
authwp_ajax_isrc_get_instanceclass-ajax.php:53
noprivwp_ajax_isrc_get_instanceclass-ajax.php:54

Shortcodes 1

[isrc_ajax_search] front\class-front-main.php:42
WordPress Hooks 43
actionadmin_enqueue_scriptsadmin\class-admin-main.php:39
actionsave_postadmin\class-admin-main.php:41
actionattachment_updatedadmin\class-admin-main.php:42
actionadd_attachmentadmin\class-admin-main.php:43
actiondelete_postadmin\class-admin-main.php:44
actionwp_trash_postadmin\class-admin-main.php:45
actionuntrashed_postadmin\class-admin-main.php:46
actionadmin_initadmin\class-admin-main.php:47
actionupdated_post_metaadmin\class-admin-main.php:57
actionset_object_termsadmin\class-admin-main.php:66
actioninitadmin\class-admin-main.php:70
filterisearch_cb_format_extra_meta_dataadmin\class-admin-main.php:73
actioncreate_termadmin\class-admin-main.php:248
actionadmin_enqueue_scriptsadmin\menu\class-dashboard.php:33
actionwp_dashboard_setupadmin\menu\class-dashboard.php:34
actioninitadmin\menu\class-menu.php:38
actioninitadmin\menu\class-menu.php:44
filteradmin_body_classadmin\menu\class-menu.php:46
filterisearch_cb_add_extra_meta_dataadmin\menu\class-menu.php:47
actionisrc_admin_noticeadmin\menu\class-menu.php:50
actionadmin_menuadmin\menu\class-menu.php:51
filterset-screen-optionadmin\menu\class-menu.php:52
actionadmin_enqueue_scriptsadmin\menu\class-menu.php:53
actionadmin_footeradmin\menu\class-wp-list-table-org.php:146
actionadd_meta_boxesadmin\metabox\class-post-meta-box.php:33
actionsave_postadmin\metabox\class-post-meta-box.php:34
actionattachment_updatedadmin\metabox\class-post-meta-box.php:35
actionadd_attachmentadmin\metabox\class-post-meta-box.php:36
actionadmin_menuall4wp-global\global-menu.php:38
actionadmin_enqueue_scriptsall4wp-global\global-menu.php:41
actionwp_enqueue_scriptsfront\class-front-main.php:40
actionupdated_post_metafront\class-front-main.php:46
filterwoocommerce_add_to_cart_redirectfront\class-front-main.php:52
filterget_search_formfront\class-front-main.php:72
filterget_product_search_formfront\class-front-main.php:75
filterqueryfront\front-helpers.php:144
filterisearch_watch_meta_keys_for_updatefront\front-helpers.php:661
filterget_search_formfront\templates\isrc_ajax_template.php:76
filterget_product_search_formfront\templates\isrc_ajax_template.php:77
actionplugins_loadedi_search.php:52
actionwidgets_initi_search.php:87
actionvc_before_initi_search.php:103
actioninitvc-elements\class-wp-bakery.php:19
Maintenance & Trust

i-Search – Advanced Live Search Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedSep 21, 2018
PHP min version7.2
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

i-Search – Advanced Live Search Alternatives

Super Ajax Search

Super Ajax Search

ajax-searchwp

A
100

Feature-rich live search with thumbnails, smart excerpts, result grouping, and category filtering.

30 No CVEs
WDV Ajax Search

WDV Ajax Search

wdv-ajax-search

A
92

With this plugin you can create different search forms for different post types and put their shortcode on the corresponding page.

0 No CVEs
Ajax Search Lite – Live Search & Filter

Ajax Search Lite – Live Search & Filter

ajax-search-lite

A
87

The Best Ajax Live Search and Filter for WordPress. Live suggestions, Custom Post types, Custom fields, Categories, WooCommerce & Elementor support

80K 11 CVEs
Advanced Woo Search – Product Search for WooCommerce

Advanced Woo Search – Product Search for WooCommerce

advanced-woo-search

A
96

Advanced WooCommerce product search plugin. Search inside any product field. Support for both AJAX search and search results page.

70K 5 CVEs
Advanced Product Search For WooCommerce

Advanced Product Search For WooCommerce

advanced-product-search-for-woo

A
100

Popup Cart Lite for WooCommerce for WooCommerce plugin that displays popup cart for add to cart action.

4K No CVEs
Developer Profile

i-Search – Advanced Live Search Developer Profile

all4wp

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect i-Search – Advanced Live Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/i-search/front/css/i-search-style.css/wp-content/plugins/i-search/front/js/i-search-frontend.js/wp-content/plugins/i-search/front/js/jquery.livequery.min.js/wp-content/plugins/i-search/front/js/waypoints.min.js/wp-content/plugins/i-search/front/js/jquery.magnific-popup.min.js/wp-content/plugins/i-search/front/js/i-search-custom.js
Script Paths
/wp-content/plugins/i-search/front/js/i-search-frontend.js/wp-content/plugins/i-search/front/js/jquery.livequery.min.js/wp-content/plugins/i-search/front/js/waypoints.min.js/wp-content/plugins/i-search/front/js/jquery.magnific-popup.min.js/wp-content/plugins/i-search/front/js/i-search-custom.js
Version Parameters
i-search/style.css?ver=i-search/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
isrc_ago
HTML Comments
<!-- i-Search Dashboard widget class --><!-- This file is loaded only in the dashboard screen in the admin area --><!-- Constructor --><!-- is logging enabled? we show only logging data in widget. -->+3 more
Data Attributes
data-id="isrc-opt-page"data-tab="general"
JS Globals
window.i_search_optswindow.i_search_data
Shortcode Output
[isearch_live_search]
FAQ

Frequently Asked Questions about i-Search – Advanced Live Search