WP-Safety

SearchFilterSort – Search Filter Sort for WordPress & WooCommerce Security & Risk Analysis

wordpress.org/plugins/searchfiltersort

SearchFilterSort adds powerful AJAX-based search, filtering, and sorting to any WordPress post type, giving users fast and accurate results.

0 active installs v1.1.3 PHP 7.4+ WP 5.8+ Updated Mar 18, 2026
ajax-filterfilterproduct-filtersearchsort
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is SearchFilterSort – Search Filter Sort for WordPress & WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

SearchFilterSort – Search Filter Sort for WordPress & WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "searchfiltersort" plugin, in version 1.1.2, exhibits a generally good security posture with a low risk profile. The vast majority of SQL queries utilize prepared statements, output escaping is handled well in most cases, and there's a commendable lack of known vulnerabilities. The presence of capability checks for most entry points is also a positive sign. However, a significant concern arises from the attack surface analysis, which reveals one AJAX handler operating without authentication checks. This creates a potential entry point for unauthorized actions if the handler performs sensitive operations.

Taint analysis indicates no critical or high-severity unsanitized flows, which is reassuring. The plugin also demonstrates a commitment to security by implementing nonce checks and capability checks. Despite the single unprotected AJAX handler, the overall history of zero known CVEs and a lack of common vulnerability types suggests a well-maintained codebase by its developers. The plugin's strengths lie in its robust SQL practices and good output escaping. The primary weakness is the single unprotected AJAX endpoint, which warrants attention for a truly secure implementation.

Key Concerns

  • Unprotected AJAX handler
Vulnerabilities
None known

SearchFilterSort – Search Filter Sort for WordPress & WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

SearchFilterSort – Search Filter Sort for WordPress & WooCommerce Release Timeline

v1.1.3Current
v1.1.2
v1.1.1
v1.1.0
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

SearchFilterSort – Search Filter Sort for WordPress & WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
43 prepared
Unescaped Output
167
669 escaped
Nonce Checks
4
Capability Checks
11
File Operations
4
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

96% prepared45 total queries

Output Escaping

80% escaped836 total outputs
Data Flows · Security
4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths
redirectCanonical (src\WpManager.php:127)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

SearchFilterSort – Search Filter Sort for WordPress & WooCommerce Attack Surface

Entry Points11
Unprotected1

AJAX Handlers 5

authwp_ajax_sfswp-delete-filtersrc\Admin\SFSFields.php:46
authwp_ajax_sfswp-load-exclude-termssrc\Admin\SFSFields.php:47
authwp_ajax_sfswp_get_date_formatssrc\Admin\SFSFields.php:48
authwp_ajax_sfswp-validate-filterssrc\Admin\SFSFields.php:49
authwp_ajax_install_and_activate_pluginsrc\Plugin.php:137

Shortcodes 6

[fe_open_widget] src\Admin\Shortcodes.php:13
[fe_open_button] src\Admin\Shortcodes.php:14
[fe_chips] src\Admin\Shortcodes.php:15
[fe_sort] src\Admin\Shortcodes.php:16
[searchfiltersort] src\Admin\Shortcodes.php:17
[fe_posts_found] src\Admin\Shortcodes.php:18
WordPress Hooks 152
actioninitsearchfiltersort.php:135
actioninitsearchfiltersort.php:137
actioninitsearchfiltersort.php:139
actionafter_setup_themesearchfiltersort.php:141
actionafter_switch_themesearchfiltersort.php:147
actionadmin_menusrc\Admin\Admin.php:16
actionpre_post_updatesrc\Admin\Admin.php:20
actionsave_postsrc\Admin\Admin.php:21
actioninitsrc\Admin\Admin.php:23
actionadmin_initsrc\Admin\Admin.php:25
filtersfswp_general_filters_settingssrc\Admin\Admin.php:27
actionload-post.phpsrc\Admin\Admin.php:36
actionload-edit.phpsrc\Admin\Admin.php:37
actionload-post-new.phpsrc\Admin\Admin.php:38
actionpre_get_postssrc\Admin\AdminHooks.php:19
actionadmin_noticessrc\Admin\AdminHooks.php:21
actionadmin_noticessrc\Admin\AdminHooks.php:22
actioncurrent_screensrc\Admin\AdminHooks.php:26
actionsfswp_admin_toolbar_rightsrc\Admin\AdminHooks.php:27
actionin_admin_headersrc\Admin\AdminHooks.php:115
actionadmin_headsrc\Admin\MetaBoxes.php:14
filtersfswp_input_type_selectsrc\Admin\SFSFields.php:43
filtersfswp_input_type_radiosrc\Admin\SFSFields.php:44
actionafter_delete_postsrc\Admin\SFSFields.php:50
filterpre_wp_unique_post_slugsrc\Admin\SFSFields.php:1780
filtersfswp_input_type_selectsrc\Admin\SFSSet.php:335
actionadmin_print_scriptssrc\Admin\SFSSet.php:336
filterpost_updated_messagessrc\Admin\SFSSet.php:338
filterbulk_post_updated_messagessrc\Admin\SFSSet.php:339
filterpage_row_actionssrc\Admin\SFSSet.php:341
filterpage_row_actionssrc\Admin\SFSSet.php:344
actionrestrict_manage_postssrc\Admin\SFSSet.php:347
filterpre_wp_unique_post_slugsrc\Admin\SFSSet.php:973
actionsave_postsrc\Admin\SFSSet.php:1010
filterpre_wp_unique_post_slugsrc\Admin\SFSSet.php:1059
actionwidgets_initsrc\Admin\Widgets.php:13
filterdo_parse_requestsrc\Plugin.php:45
filterdo_parse_requestsrc\Plugin.php:47
actionparse_requestsrc\Plugin.php:50
actionpre_get_postssrc\Plugin.php:51
filterposts_wheresrc\Plugin.php:53
filterpost_limits_requestsrc\Plugin.php:54
actionpre_get_postssrc\Plugin.php:55
actiontemplate_redirectsrc\Plugin.php:57
actionsfswp_filtered_query_endsrc\Plugin.php:59
actionsfswp_all_set_wp_queried_postssrc\Plugin.php:60
filterposts_wheresrc\Plugin.php:62
actionwoocommerce_product_querysrc\Plugin.php:65
filterposts_searchsrc\Plugin.php:66
actionbody_classsrc\Plugin.php:73
actionadmin_print_stylessrc\Plugin.php:75
actionadmin_print_scriptssrc\Plugin.php:76
actionwp_headsrc\Plugin.php:80
actionwp_print_stylessrc\Plugin.php:81
actionwp_print_scriptssrc\Plugin.php:82
actionwp_print_stylessrc\Plugin.php:83
actionwp_footersrc\Plugin.php:86
actionwp_headsrc\Plugin.php:89
filtersfswp_filter_set_default_fieldssrc\Plugin.php:90
filtersfswp_pre_save_set_fieldssrc\Plugin.php:91
filtersfswp_filter_set_default_fieldssrc\Plugin.php:94
filterwoocommerce_redirect_single_search_resultsrc\Plugin.php:97
actionsave_postsrc\Plugin.php:99
actiondelete_postsrc\Plugin.php:100
actionwoocommerce_ajax_save_product_variationssrc\Plugin.php:101
actionsfswp_before_filter_set_settings_fieldssrc\Plugin.php:107
filtersfswp_filter_set_prepared_valuessrc\Plugin.php:108
actionsfswp_cycle_filter_fieldssrc\Plugin.php:110
actioninitsrc\PostTypes.php:13
actionadmin_initsrc\Settings\Tabs\ExperimentalTab.php:23
actionadmin_initsrc\Settings\Tabs\ImportExportTab.php:19
actionadmin_noticessrc\Settings\Tabs\ImportExportTab.php:20
actionadmin_noticessrc\Settings\Tabs\ImportExportTab.php:21
actionsfswp_import_button_infosrc\Settings\Tabs\ImportExportTab.php:22
actionadmin_initsrc\Settings\Tabs\PermalinksTab.php:24
filtersfswp_pre_save_filtersrc\Settings\Tabs\PermalinksTab.php:25
filtersfswp_after_get_filtersrc\Settings\Tabs\PermalinksTab.php:26
actionafter_delete_postsrc\Settings\Tabs\PermalinksTab.php:28
filterpre_update_optionsrc\Settings\Tabs\PermalinksTab.php:30
actionsfswp_after_settings_fields_titlesrc\Settings\Tabs\PermalinksTab.php:32
actionsfswp_after_sections_settings_fieldssrc\Settings\Tabs\PermalinksTab.php:62
actionadmin_initsrc\Settings\Tabs\SettingsTab.php:21
filtersfswp_label_singular_posts_found_msgsrc\sfswp-default-hooks.php:10
filtersfswp_label_plural_posts_found_msgsrc\sfswp-default-hooks.php:11
actioninitsrc\sfswp-default-hooks.php:13
filtersfswp_filter_post_meta_num_term_namesrc\sfswp-default-hooks.php:17
filtersfswp_filter_post_meta_term_namesrc\sfswp-default-hooks.php:18
filtersfswp_filter_tax_numeric_term_namesrc\sfswp-default-hooks.php:19
filtersfswp_filter_post_meta_exists_term_namesrc\sfswp-default-hooks.php:20
filtersfswp_filter_post_meta_term_namesrc\sfswp-default-hooks.php:21
filtersfswp_filter_post_meta_exists_term_namesrc\sfswp-default-hooks.php:22
filtersfswp_filter_taxonomy_term_namesrc\sfswp-default-hooks.php:23
filtersfswp_filter_term_query_argssrc\sfswp-default-hooks.php:24
filtersfswp_filter_get_taxonomy_termssrc\sfswp-default-hooks.php:25
filtersfswp_filter_author_query_post_typessrc\sfswp-default-hooks.php:26
filtersfswp_filter_post_typessrc\sfswp-default-hooks.php:27
actionsfswp_after_filter_inputsrc\sfswp-default-hooks.php:28
filtersfswp_filters_checkbox_term_htmlsrc\sfswp-default-hooks.php:29
filtersfswp_filters_radio_term_htmlsrc\sfswp-default-hooks.php:30
filtersfswp_filters_label_term_htmlsrc\sfswp-default-hooks.php:31
filtersfswp_taxonomy_location_termssrc\sfswp-default-hooks.php:32
filtersfswp_set_num_shiftsrc\sfswp-default-hooks.php:33
filtersfswp_pre_save_set_fieldssrc\sfswp-default-hooks.php:235
filtersfswp_dropdown_option_attrsrc\sfswp-default-hooks.php:303
filtersfswp_unnecessary_get_parameterssrc\sfswp-default-hooks.php:314
filtersfswp_posts_containerssrc\sfswp-default-hooks.php:339
filtersfswp_seo_titlesrc\sfswp-default-hooks.php:349
filtersfswp_seo_descriptionsrc\sfswp-default-hooks.php:350
filtersfswp_seo_h1src\sfswp-default-hooks.php:351
filtersfswp_filter_classessrc\sfswp-default-hooks.php:398
filtersfswp_filter_classessrc\sfswp-default-hooks.php:407
actionsfswp_all_set_wp_queried_postssrc\sfswp-default-hooks.php:436
filtersfswp_chips_term_namesrc\sfswp-default-hooks.php:459
filterquery_loop_block_query_varssrc\sfswp-default-hooks.php:491
filtersfswp_settings_field_checkboxsrc\sfswp-default-hooks.php:514
filtersfswp_input_type_checkboxsrc\sfswp-default-hooks.php:526
actionsfswp_after_filter_inputsrc\sfswp-default-hooks.php:544
filtersfs_before_render_admin_select_optionsrc\sfswp-default-hooks.php:557
filtersfswp_set_min_maxsrc\sfswp-default-hooks.php:596
actionwoocommerce_before_shop_loopsrc\sfswp-third-party.php:43
actionwoocommerce_no_products_foundsrc\sfswp-third-party.php:44
actionwpsrc\sfswp-third-party.php:355
filtersfswp_theme_posts_containersrc\sfswp-third-party.php:385
filtersfswp_theme_colorsrc\sfswp-third-party.php:388
filtersfswp_pre_save_filtersrc\sfswp-third-party.php:392
filtersfswp_default_sorting_termssrc\sfswp-third-party.php:393
actioninitsrc\sfswp-third-party.php:397
actionelementor/editor/before_enqueue_scriptssrc\sfswp-third-party.php:422
actionafter_setup_themesrc\sfswp-third-party.php:458
filterpll_get_post_typessrc\sfswp-third-party.php:461
actioninitsrc\sfswp-third-party.php:481
filtersfswp_set_num_shiftsrc\sfswp-third-party.php:487
filtersfswp_unset_num_shiftsrc\sfswp-third-party.php:507
filtersfswp_set_num_shiftsrc\sfswp-third-party.php:536
filtersfswp_unset_num_shiftsrc\sfswp-third-party.php:560
filterelementor/widget/render_contentsrc\sfswp-third-party.php:697
filtersfswp_remove_pagination_basesrc\sfswp-third-party.php:745
actionsfswp_filtered_query_endsrc\Sorting.php:78
filterposts_clausessrc\Sorting.php:158
filterposts_clausessrc\Sorting.php:165
actionadmin_initsrc\Swatches.php:21
actiontemplate_redirectsrc\Swatches.php:22
actioncurrent_screensrc\Swatches.php:49
filtersfswp_filter_classessrc\Swatches.php:68
filtersfswp_filters_radio_term_htmlsrc\Swatches.php:70
filtersfswp_filters_checkbox_term_htmlsrc\Swatches.php:71
filtersfswp_filters_label_term_htmlsrc\Swatches.php:72
actionedited_termsrc\Swatches.php:127
actioncreated_termsrc\Swatches.php:128
actionedited_termsrc\Swatches.php:135
actioncreated_termsrc\Swatches.php:136
actiontemplate_redirectsrc\WpManager.php:69
Maintenance & Trust

SearchFilterSort – Search Filter Sort for WordPress & WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 18, 2026
PHP min version7.4
Downloads656

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

SearchFilterSort – Search Filter Sort for WordPress & WooCommerce Alternatives

Themify – WooCommerce Product Filter

Themify – WooCommerce Product Filter

themify-wc-product-filter

A
86

This plugin helps shoppers quickly find products in your WooCommerce shop by filtering through price, categories, attributes, tags, and more.

20K 6 CVEs
HUSKY – Products Filter Professional for WooCommerce

HUSKY – Products Filter Professional for WooCommerce

woocommerce-products-filter

B
76

HUSKY - WooCommerce Products Filter Professional (former name is WOOF) – flexible, easy and robust professional filter for products for WooCommerce

90K 23 CVEs
Filter Everything — WordPress & WooCommerce Filters

Filter Everything — WordPress & WooCommerce Filters

filter-everything

A
100

The most flexible filters plugin for WordPress & WooCommerce – filter anything.

50K No CVEs
Category AJAX Filter – Advanced Filter for Posts & Custom Post Types

Category AJAX Filter – Advanced Filter for Posts & Custom Post Types

category-ajax-filter

A
97

Filter WordPress posts and custom post types by categories, tags, and taxonomies with AJAX-powered filtering — no page reload required.

6K 1 CVE
annasta Filters for WooCommerce

annasta Filters for WooCommerce

annasta-woocommerce-product-filters

A
100

All-in-one products search and filtering solution for your WooCommerce shop with rich features and customization options.

2K No CVEs
Developer Profile

SearchFilterSort – Search Filter Sort for WordPress & WooCommerce Developer Profile

Creative Werk Designs

7 plugins · 3K total installs

98
trust score
Avg Security Score
97/100
Avg Patch Time
4 days
View full developer profile
Detection Fingerprints

How We Detect SearchFilterSort – Search Filter Sort for WordPress & WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/searchfiltersort/assets/css/frontend.css/wp-content/plugins/searchfiltersort/assets/css/frontend-chips.css/wp-content/plugins/searchfiltersort/assets/css/frontend-swatches.css/wp-content/plugins/searchfiltersort/assets/css/frontend-sorting.css/wp-content/plugins/searchfiltersort/assets/js/frontend.js/wp-content/plugins/searchfiltersort/assets/js/frontend-chips.js/wp-content/plugins/searchfiltersort/assets/js/frontend-swatches.js/wp-content/plugins/searchfiltersort/assets/js/frontend-sorting.js+1 more
Script Paths
/wp-content/plugins/searchfiltersort/assets/js/frontend.js/wp-content/plugins/searchfiltersort/assets/js/frontend-chips.js/wp-content/plugins/searchfiltersort/assets/js/frontend-swatches.js/wp-content/plugins/searchfiltersort/assets/js/frontend-sorting.js/wp-content/plugins/searchfiltersort/assets/js/frontend-animations.js
Version Parameters
searchfiltersort/assets/css/frontend.css?ver=searchfiltersort/assets/css/frontend-chips.css?ver=searchfiltersort/assets/css/frontend-swatches.css?ver=searchfiltersort/assets/css/frontend-sorting.css?ver=searchfiltersort/assets/js/frontend.js?ver=searchfiltersort/assets/js/frontend-chips.js?ver=searchfiltersort/assets/js/frontend-swatches.js?ver=searchfiltersort/assets/js/frontend-sorting.js?ver=searchfiltersort/assets/js/frontend-animations.js?ver=

HTML / DOM Fingerprints

CSS Classes
sfs-widget-titlesfs-filter-wrappersfs-apply-filterssfs-chips-containersfs-swatches-containersfs-sorting-containersfs-reset-filterssfs-active-filters-count
HTML Comments
<!-- SFSwp start --><!-- SFSwp end --><!-- SFSwp PRO -->
Data Attributes
data-sfs-filter-iddata-sfs-field-typedata-sfs-field-iddata-sfs-tax-iddata-sfs-meta-keydata-sfs-set-id+1 more
JS Globals
sfs_dataSFS_Configsfs_plugin_urlsfs_plugin_versionsfs_filter_params
REST Endpoints
/wp-json/searchfiltersort/v1/update_filter
Shortcode Output
[search_filter_sort][sfs_filters][sfs_chips][sfs_sorting]
FAQ

Frequently Asked Questions about SearchFilterSort – Search Filter Sort for WordPress & WooCommerce