Does SearchCloak have any unpatched vulnerabilities?

No. All known vulnerabilities in SearchCloak have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is SearchCloak compatible with WordPress 5.0.0?

According to WordPress.org data, SearchCloak 2.1.2 has been tested up to WordPress 5.0.0. Check the plugin's changelog for the latest compatibility information.

How often is SearchCloak updated?

SearchCloak was last updated on Dec 6, 2018. Frequent updates are generally a positive security signal.

What is SearchCloak's security score?

SearchCloak has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SearchCloak Security & Risk Analysis

wordpress.org/plugins/searchcloak

Hides Pages & Posts from search results and search engine indexes.

20 active installs v2.1.2 PHP + WP 3.2.1+ Updated Dec 6, 2018

admincsegooglesearch

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is SearchCloak Safe to Use in 2026?

Generally Safe

Score 85/100

SearchCloak has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "searchcloak" plugin, version 2.1.2, exhibits a strong security posture based on the provided static analysis. The absence of any identified attack surface entry points, such as AJAX handlers, REST API routes, or shortcodes, is a significant positive. Furthermore, the code signals indicate a lack of dangerous functions and a complete reliance on prepared statements for any SQL queries. The presence of nonce and capability checks further reinforces a secure coding approach.

However, a critical concern arises from the output escaping analysis. With 4 total outputs and 0% properly escaped, this indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. Any data displayed to users without proper sanitization is a direct vector for attackers. The vulnerability history showing no recorded CVEs is reassuring, suggesting a history of secure development or perhaps limited exposure. This history, combined with the static analysis, paints a picture of a plugin that is generally well-developed but has a significant blind spot regarding output sanitization.

In conclusion, while "searchcloak" v2.1.2 demonstrates a commendable effort in securing its entry points and data handling, the complete lack of output escaping presents a serious risk. The absence of past vulnerabilities might be a positive indicator, but it does not negate the immediate threat posed by unescaped output. A developer would need to address the output sanitization issue to significantly improve the plugin's overall security.

Key Concerns

Outputs not properly escaped

Vulnerabilities

None known

SearchCloak Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

SearchCloak Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped4 total outputs

Attack Surface

SearchCloak Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

actionadd_meta_boxessearchcloak.php:89

actionsave_postsearchcloak.php:91

actioninitsearchcloak.php:394

filterpre_get_postssearchcloak.php:395

actionwp_headsearchcloak.php:397

actionget_headersearchcloak.php:400

actionwp_headsearchcloak.php:401

actionadmin_menusearchcloak_admin.php:2

actionadmin_initsearchcloak_admin.php:3

actionadmin_headsearchcloak_admin.php:4

Maintenance & Trust

SearchCloak Maintenance & Trust

Maintenance Signals

WordPress version tested5.0.0

Last updatedDec 6, 2018

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

SearchCloak Alternatives

Search with Google

search-with-google

100

Replace WordPress default search with server-side rendered Google Custom Search results.

100 No CVEs

Nearby Places Search

nearby-places-search

Nearby Places Search: This Plugin integrates with the Google Places and GMap.

10 No CVEs

Site Kit by Google – Analytics, Search Console, AdSense, Speed

google-site-kit

100

Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.

5.0M 1 CVE

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!

3.0M 26 CVEs

$Rank Math SEO – AI SEO Tools to Dominate SEO Rankings$

Rank Math SEO – AI SEO Tools to Dominate SEO Rankings

seo-by-rank-math

Rank Math SEO is the best WordPress SEO plugin with the features of many SEO and AI SEO tools in a single package to help multiply your SEO traffic.

3.0M 20 CVEs

Developer Profile

SearchCloak Developer Profile

firebrandllc

2 plugins · 1K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect SearchCloak

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

searchcloak-option

Data Attributes

name="post_searchcloak"id="post_searchcloak"name="searchcloak_nonce"

FAQ