Searchy Security & Risk Analysis

wordpress.org/plugins/searchy

An AJAX Search Engine allowing different criteria for sorting and filtering your posts. Use via simple shortcodes and a few settings.

10 active installs · v1.0 · PHP + · WP 3.0.1+ · Updated Jul 13, 2015
Tags: ajax, category, filter, search, tag
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Searchy Safe to Use in 2026?

Generally Safe

Score 85/100

Searchy has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 10yr ago
Risk Assessment

The "searchy" v1.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates a lack of critical code signals such as dangerous functions, raw SQL queries, file operations, and external HTTP requests. Furthermore, the absence of any recorded vulnerability history, including CVEs, suggests a potentially stable and well-maintained codebase. However, a significant concern arises from the complete lack of proper output escaping across all identified output points. This indicates a high likelihood of cross-site scripting (XSS) vulnerabilities, as user-supplied data could be rendered directly in the browser without sanitization. The presence of taint flows with unsanitized paths, even without critical severity, further reinforces this concern and suggests potential pathways for malicious input to reach vulnerable output points.

Key Concerns

  • 0% properly escaped output
  • 1 unsanitized path in taint analysis
  • 0 nonce checks present
Vulnerabilities
None known

Searchy Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Searchy Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 19 (0 escaped)
Nonce Checks: 0
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

0% escaped · 19 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

1 flow · 1 with unsanitized paths
<perform-search> (searchybits\perform-search.php:0)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

Searchy Attack Surface

Entry Points: 2
Unprotected: 0

Shortcodes 2

[searchy_filter] index.php:68
[searchy_results] index.php:140
WordPress Hooks 4

action wp_enqueue_scripts index.php:34
action wp_loaded index.php:36
action admin_menu searchybits\options-panel.php:5
action admin_init searchybits\options-panel.php:8
Maintenance & Trust

Searchy Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.2.39
Last updated: Jul 13, 2015
PHP min version
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

Searchy Developer Profile

livecanvas

1 plugin · 10 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Searchy

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/searchy/searchy.js
/wp-content/plugins/searchy/searchy.css
Script Paths
/wp-content/plugins/searchy/searchy.js
Version Parameters
searchy/style.css?ver=
searchy/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
searchy-load-bubble
searchy-search-results
searchy-filter-overlayer
searchy-res-thumb
HTML Comments
<!-- sorting filters -->
<!-- search results -->
<!-- INIT CONDITIONS META QUERY -->
<!-- ADD SEARCH BY CATEGORIES CONDITION [checkboxes] - in OR -->
(+6 more)
Data Attributes
data-sortby
data-sortby-field
data-toggle="buttons"
data-searchy_sortby_hidden
data-searchy_sortby_field_hidden
Shortcode Output
<div id="searchy-sorting" class="pull-right">
<div class="btn-group" data-toggle="buttons">
<div class="searchy-load-bubble">
<div id="searchy-search-results">