Does Staff/Employee Business Directory for Active Directory have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Staff/Employee Business Directory for Active Directory compatible with WordPress 6.9.4?

According to WordPress.org data, Staff/Employee Business Directory for Active Directory 1.4.4 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Staff/Employee Business Directory for Active Directory compatible with PHP 5.6.0+?

Staff/Employee Business Directory for Active Directory requires PHP 5.6.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Staff/Employee Business Directory for Active Directory Security & Risk Analysis

wordpress.org/plugins/ldap-ad-staff-employee-directory-search

Search and Display Users / Staff / Employees present in your LDAP / Active Directory on your WordPress site using a shortcode. [24/7] Support Provided

30 active installs v1.4.4 PHP 5.6.0+ WP 5.0+ Updated Feb 6, 2026

active-directory-searchbusiness-directoryemployee-directoryldap-searchsearch-widget

A · Safe

CVEs total2

Unpatched0

Last CVESep 25, 2023

Download

Safety Verdict

Is Staff/Employee Business Directory for Active Directory Safe to Use in 2026?

Generally Safe

Score 99/100

Staff/Employee Business Directory for Active Directory has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

2 known CVEsLast CVE: Sep 25, 2023Updated 3mo ago

Risk Assessment

The plugin 'ldap-ad-staff-employee-directory-search' v1.4.4 presents a mixed security posture. On the positive side, it exhibits strong defensive coding practices, with a high percentage of properly escaped outputs and the complete absence of raw SQL queries, all of which are handled using prepared statements. The plugin also demonstrates a good understanding of WordPress security by implementing numerous nonce checks, indicating an effort to prevent common cross-site request forgery attacks. The static analysis shows no critical or high-severity issues in taint flows and a remarkably small attack surface with no unprotected entry points.

Key Concerns

2 known medium/low vulnerabilities
Vulnerability types: Missing Auth, Improper Encoding
5 external HTTP requests
2 unsanitized paths in taint flows

Vulnerabilities

2 published

Staff/Employee Business Directory for Active Directory Security Vulnerabilities

CVEs by Year

2 CVEs in 2023

2023

Patched Has unpatched

Severity Breakdown

Medium

Low

2 total CVEs

CVE-2023-4505low · 2.2Missing Authentication for Critical Function

Staff / Employee Business Directory for Active Directory <= 1.2.3 - Authenticated (Admin+) LDAP Passback

Sep 25, 2023 Patched in 1.3 (120d)

CVE-2023-4757medium · 5.4Improper Encoding or Escaping of Output

Staff / Employee Business Directory for Active Directory <= 1.2.1 - Insufficient Escaping of Stored LDAP Values

Sep 8, 2023 Patched in 1.2.3 (137d)

Version History

Staff/Employee Business Directory for Active Directory Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Staff/Employee Business Directory for Active Directory Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

249 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

97% escaped258 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

8 flows2 with unsanitized paths

show_search_bases_list (class-mo-ldap-directory-search-config.php:87)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Staff/Employee Business Directory for Active Directory Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_dir_search_fetch_recordsmo-ldap-directory-search.php:49

noprivwp_ajax_dir_search_fetch_recordsmo-ldap-directory-search.php:50

Shortcodes 1

[miniorange_ldap_directory_search] mo-ldap-directory-search.php:48

WordPress Hooks 7

actionadmin_menumo-ldap-directory-search.php:44

actionadmin_initmo-ldap-directory-search.php:45

actioninitmo-ldap-directory-search.php:46

actionadmin_enqueue_scriptsmo-ldap-directory-search.php:47

actionadmin_footermo-ldap-directory-search.php:55

actionadmin_noticesmo-ldap-directory-search.php:998

actionadmin_noticesmo-ldap-directory-search.php:1008

Maintenance & Trust

Staff/Employee Business Directory for Active Directory Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 6, 2026

PHP min version5.6.0

Downloads4K

Community Trust

Rating100/100

Number of ratings16

Active installs30

Alternatives

Staff/Employee Business Directory for Active Directory Alternatives

Employee Directory – Staff Directory and Listing

employee-staff-directory

WordPress Employee Directory plugin builds Employee directory, Member/Staff directory, Employee listings & displays the Staff list [24/7 SUPPORT]

20 1 CVE

Directorist: AI-Powered Business Directory, Listings & Classified Ads

directorist

Build any type of directory website such as a business directory, job directory, classifieds directory, and more with this WordPress directory plugin.

20K 21 CVEs

Business Directory Plugin – Easy Listing Directories for WordPress

business-directory-plugin

The easy Business Directory Plugin for WordPress. Build an easy team directory, member directory, staff directory, church directory, and more.

10K 16 CVEs

Classified Listing – AI-Powered Classified ads & Business Directory Plugin

classified-listing

A Classified ads and Business Directory plugin for WordPress, to create classified listing, real estate directory, local business directory, and more.

10K 18 CVEs

GeoDirectory – WP Business Directory Plugin and Classified Listings Directory

geodirectory

A superb WordPress Business Directory plugin to create a local business directory, classified ads directory, or job listings board.

10K 17 CVEs

Developer Profile

Staff/Employee Business Directory for Active Directory Developer Profile

miniOrange

41 plugins · 83K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

324 days

View full developer profile

Detection Fingerprints

How We Detect Staff/Employee Business Directory for Active Directory

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ldap-ad-staff-employee-directory-search/includes/fonts/css/font-awesome.min.css/wp-content/plugins/ldap-ad-staff-employee-directory-search/includes/js/mo-ldap-directory-search-plugin.min.js/wp-content/plugins/ldap-ad-staff-employee-directory-search/includes/css/mo-ldap-directory-search-page.min.css

Script Paths

includes/fonts/css/font-awesome.min.cssincludes/js/mo-ldap-directory-search-plugin.min.jsincludes/css/mo-ldap-directory-search-page.min.css

Version Parameters

ldap-ad-staff-employee-directory-search/includes/fonts/css/font-awesome.min.css?ver=ldap-ad-staff-employee-directory-search/includes/js/mo-ldap-directory-search-plugin.min.js?ver=ldap-ad-staff-employee-directory-search/includes/css/mo-ldap-directory-search-page.min.css?ver=

HTML / DOM Fingerprints

CSS Classes

mo-ldap-ds-feedback-form-wrappermo-ldap-ds-feedback-form

HTML Comments

<!-- This plugin allows you to search and display the users present in your Active Directory on a WordPress webpage using a shortcode. -->

+7 more

Data Attributes

data-site-urldata-styling-arraydata-ajax-nonce

JS Globals

mo_ldap_ds_search_data

Shortcode Output

[miniorange_ldap_directory_search]

FAQ