WP-Safety

SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress Security & Risk Analysis

wordpress.org/plugins/searchjet-instant-search

AI-powered instant search for WordPress & WooCommerce with typo tolerance and real-time analytics.

0 active installs v1.3.6 PHP 7.4+ WP 5.5+ Updated Unknown
ajaxanalyticsinstantsearchwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress Safe to Use in 2026?

Generally Safe

Score 100/100

SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "searchjet-instant-search" plugin v1.3.6 exhibits a mixed security posture. While it demonstrates good practices in avoiding dangerous functions, using prepared statements for all SQL queries, and a history free of known vulnerabilities, several areas raise concerns. The significant number of REST API routes (10 out of 13) lacking permission callbacks is a substantial risk, as it exposes sensitive functionality to unauthorized users. Similarly, a high proportion of AJAX handlers (4 total, with 0 explicitly noted as unprotected, but this could be implied by the REST API findings) and a flow with an unsanitized path in the taint analysis point to potential injection or path traversal vulnerabilities if not handled carefully within the context of those unprotected endpoints.

The absence of any recorded CVEs and a clean vulnerability history suggest a generally well-maintained codebase or a lack of significant past security issues. However, the current static analysis results highlight critical areas that require immediate attention. The large attack surface presented by unprotected REST API routes and the single unsanitized path flow are the most pressing concerns. The plugin's strengths lie in its use of prepared statements and lack of dangerous functions, but these are overshadowed by the potential for unauthorized access and code execution due to insufficient access controls on its entry points. A balanced approach would involve addressing these identified weaknesses while acknowledging the existing good security practices.

Key Concerns

  • REST API routes without permission callbacks
  • Flow with unsanitized paths
  • Unprotected AJAX handlers
  • Output escaping below 100%
Vulnerabilities
None known

SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
57
171 escaped
Nonce Checks
6
Capability Checks
17
File Operations
2
External Requests
31
Bundled Libraries
0

Output Escaping

75% escaped228 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
handleSettingsSubmission (includes\Admin\EnhancedSettingsPage.php:170)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
10 unprotected

SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress Attack Surface

Entry Points19
Unprotected10

AJAX Handlers 4

authwp_ajax_searchjet_automation_test_webhookincludes\Admin\AutomationPage.php:14
authwp_ajax_searchjet_reindex_allincludes\Admin\EnhancedSettingsPage.php:12
authwp_ajax_searchjet_enhanced_reindexincludes\Admin\EnhancedSettingsPage.php:13
authwp_ajax_searchjet_dashboard_statssearchjet.php:298

REST API Routes 13

GET/wp-json/searchjet/v1/ai/actionsincludes\AI\Router.php:26
POST/wp-json/searchjet/v1/ai/dispatchincludes\AI\Router.php:36
GET/wp-json/searchjet/v1/ai/usageincludes\API\AIAnswerEndpoint.php:23
GET/wp-json/searchjet/v1/ai-agentsincludes\API\AIController.php:13
GET/wp-json/searchjet/v1/logincludes\API\AnalyticsEndpoint.php:19
GET/wp-json/searchjet/v1/automationsincludes\API\AutomationController.php:30
GET/wp-json/searchjet/v1/automations/definitionsincludes\API\AutomationController.php:38
GET/wp-json/searchjet/v1/automations/settingsincludes\API\AutomationController.php:46
GET/wp-json/searchjet/v1/automations/run-dailyincludes\API\AutomationController.php:63
GET/wp-json/searchjet/v1/automations/test-dispatchincludes\API\AutomationController.php:72
GET/wp-json/searchjet/v1/analytics/clickincludes\API\ClickAnalyticsEndpoint.php:21
POST/wp-json/searchjet/v1/eventincludes\Rest\EventsController.php:27
GET/wp-json/searchjet/v1/healthsearchjet.php:352

Shortcodes 2

[searchjet_federated] includes\Shortcodes\FederatedSearch.php:7
[searchjet_form] includes\Shortcodes\SearchForm.php:11
WordPress Hooks 70
actionadmin_initincludes\Admin\AgentsPage.php:10
actionadmin_enqueue_scriptsincludes\Admin\AgentsPage.php:11
actionadmin_initincludes\Admin\AutomationPage.php:10
actionadmin_enqueue_scriptsincludes\Admin\AutomationPage.php:11
actionwp_dashboard_setupincludes\Admin\DashboardWidget.php:7
actionadmin_menuincludes\Admin\DocumentationPage.php:7
actionadmin_enqueue_scriptsincludes\Admin\DocumentationPage.php:8
actionadmin_menuincludes\Admin\EnhancedSettingsPage.php:10
actionadmin_initincludes\Admin\EnhancedSettingsPage.php:11
actionadmin_enqueue_scriptsincludes\Admin\EnhancedSettingsPage.php:14
actionadmin_initincludes\Admin\SearchUISettingsPage.php:6
actionadmin_menuincludes\AI\AgentManager.php:19
actionadmin_post_searchjet_save_agentsincludes\AI\AgentManager.php:20
actionadmin_enqueue_scriptsincludes\AI\AgentManager.php:21
filtersearchjet/ai/actionsincludes\AI\Agents\MerchandisingAgent.php:248
filtersearchjet/ai/agentsincludes\AI\Agents\MerchandisingAgent.php:257
actionrest_api_initincludes\AI\Router.php:21
actionrest_api_initincludes\API\AIAnswerEndpoint.php:18
actionrest_api_initincludes\API\AIController.php:12
actionrest_api_initincludes\API\AnalyticsEndpoint.php:15
actionrest_api_initincludes\API\AutomationController.php:25
actionrest_api_initincludes\API\ClickAnalyticsEndpoint.php:17
actionsave_postincludes\API\IndexSync.php:11
actiondelete_postincludes\API\IndexSync.php:12
actionrest_api_initincludes\API\RestController.php:28
actionrest_api_initincludes\API\RestController.php:31
actionplugins_loadedincludes\Automations\Manager.php:51
actionadmin_initincludes\Automations\Manager.php:85
actionsearchjet_index_completedincludes\Automations\Manager.php:88
actionsearchjet_zero_resultincludes\Automations\Manager.php:91
actionsearchjet_dispatch_automationincludes\Automations\Manager.php:94
filtercron_schedulesincludes\Automations\Runner.php:25
actioninitincludes\Automations\Runner.php:28
actionadmin_post_searchjet_run_automations_nowincludes\Automations\Runner.php:34
filtercron_schedulesincludes\Automations\Schedules.php:11
actioninitincludes\Automations\Schedules.php:12
actionwp_enqueue_scriptsincludes\Frontend\SearchOverride.php:9
actionwp_headincludes\Frontend\SearchOverride.php:10
filtersearchjet_index_documentincludes\Integrations\AcfSupport.php:12
filtersearchjet_index_documentincludes\Integrations\AstraSupport.php:11
filtersearchjet_index_documentincludes\Integrations\ElementorSupport.php:12
filtersearchjet_index_documentincludes\Integrations\GutenbergSupport.php:12
filtersearchjet_index_documentincludes\Integrations\JetEngineSupport.php:12
actionadmin_noticesincludes\Integrations\JetEngineSupport.php:14
filtersearchjet_index_documentincludes\Integrations\SeoPluginSupport.php:7
filtersearchjet_index_documentincludes\Integrations\WPMLSupport.php:11
actioninitincludes\Plugin.php:28
actioninitincludes\Plugin.php:29
actioninitincludes\Plugin.php:30
actioninitincludes\Plugin.php:31
actioninitincludes\Plugin.php:32
actiontemplate_redirectincludes\Plugin.php:35
actionwp_enqueue_scriptsincludes\Plugin.php:37
actionrest_api_initincludes\Plugin.php:38
actionrest_api_initincludes\Plugin.php:39
actionrest_api_initincludes\Plugin.php:40
actionsearchjet_send_log_batchincludes\Plugin.php:83
actionsearchjet_send_click_batchincludes\Plugin.php:84
actionwp_headincludes\Plugin.php:288
actionrest_api_initincludes\Rest\EventsController.php:19
actionwp_enqueue_scriptsincludes\Shortcodes\FederatedSearch.php:8
actionplugins_loadedsearchjet.php:67
actioninitsearchjet.php:68
actionbefore_woocommerce_initsearchjet.php:80
filterplugin_row_metasearchjet.php:249
actionadmin_noticessearchjet.php:278
actionadmin_bar_menusearchjet.php:328
actionadmin_enqueue_scriptssearchjet.php:345
actionrest_api_initsearchjet.php:366
actionwp_dashboard_setupsearchjet.php:382

Scheduled Events 3

searchjet_send_log_batch
searchjet_send_click_batch
searchjet_send_log_batch
Maintenance & Trust

SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedUnknown
PHP min version7.4
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress Alternatives

Ivory Search – WordPress Search Plugin

Ivory Search – WordPress Search Plugin

add-search-to-menu

A
95

Advanced WordPress custom search plugin. Provides Search Form Customizer, WooCommerce Search, AJAX Search & Live Search support!

100K 11 CVEs
FiboSearch – Ajax Search for WooCommerce

FiboSearch – Ajax Search for WooCommerce

ajax-search-for-woocommerce

A
96

The most popular WooCommerce product search plugin. Gives your users a well-designed advanced AJAX search bar with live search suggestions.

100K 3 CVEs
Smart WooCommerce Search

Smart WooCommerce Search

smart-woocommerce-search

A
100

Ideal Product Search plugin for WooCommerce shops that enhances users' experience with a live search feature.

6K 1 CVE
Jetpack Search

Jetpack Search

jetpack-search

A
100

Easily add cloud-powered instant search and filters to your website or WooCommerce store with advanced algorithms that boost your search results based …

5K No CVEs
Advanced Product Search For WooCommerce

Advanced Product Search For WooCommerce

advanced-product-search-for-woo

A
100

Popup Cart Lite for WooCommerce for WooCommerce plugin that displays popup cart for add to cart action.

4K No CVEs
Developer Profile

SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress Developer Profile

Maidul

10 plugins · 1K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
126 days
View full developer profile
Detection Fingerprints

How We Detect SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/searchjet-instant-search/build/assets/css/admin.css/wp-content/plugins/searchjet-instant-search/build/assets/css/frontend.css/wp-content/plugins/searchjet-instant-search/build/assets/js/frontend.js
Script Paths
/wp-content/plugins/searchjet-instant-search/build/assets/js/frontend.js
Version Parameters
searchjet-instant-search/build/assets/css/admin.css?ver=searchjet-instant-search/build/assets/css/frontend.css?ver=searchjet-instant-search/build/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
searchjet-search-formsearchjet-search-inputsearchjet-search-buttonsearchjet-results-containersearchjet-result-itemsearchjet-result-thumbnailsearchjet-result-titlesearchjet-result-price+6 more
Data Attributes
data-searchjet-api-keydata-searchjet-project-iddata-searchjet-search-iddata-searchjet-placeholderdata-searchjet-min-charsdata-searchjet-max-results+11 more
JS Globals
SearchJet
FAQ

Frequently Asked Questions about SearchJetEngine – AI-Powered Instant Search for WooCommerce & WordPress