WP-Safety

Snappy Search Security & Risk Analysis

wordpress.org/plugins/speedy-search

A fast, lightweight search plugin powered by TNTSearch, indexing posts for instant, accurate results.

0 active installs v1.5.2 PHP 7.4+ WP 6.5+ Updated Oct 8, 2025
instant-searchsearchsnappy-searchwoocommercewp
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Snappy Search Safe to Use in 2026?

Generally Safe

Score 100/100

Snappy Search has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago
Risk Assessment

The speedy-search plugin v1.5.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for all SQL queries and having a clean vulnerability history with no recorded CVEs. The absence of dangerous functions and critical taint flows is also reassuring, suggesting a generally well-written codebase with effective input sanitization.

However, significant concerns arise from its attack surface. A substantial portion of its entry points, specifically 8 out of 16, lack proper authorization checks. This includes 3 unprotected AJAX handlers and 8 REST API routes without permission callbacks. While no direct critical vulnerabilities were found in the static analysis or taint flows, this large number of unprotected endpoints presents a substantial risk of privilege escalation or unauthorized data access if a vulnerability is introduced in the future. The plugin also bundles Select2, which, if outdated, could introduce risks, though no specific version information is provided to assess this.

In conclusion, speedy-search v1.5.2 benefits from secure SQL handling and a lack of past vulnerabilities. Nevertheless, the extensive unprotected attack surface is a major weakness that requires immediate attention to mitigate potential security risks.

Key Concerns

  • Unprotected AJAX handlers
  • Unprotected REST API routes
  • Bundled library (Select2)
Vulnerabilities
None known

Snappy Search Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Snappy Search Release Timeline

v1.5.2Current
v1.5.1
v1.5.0
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.1
v1.3.0
v1.2.0
v1.1.0
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

Snappy Search Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
6 prepared
Unescaped Output
36
207 escaped
Nonce Checks
3
Capability Checks
3
File Operations
3
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

100% prepared6 total queries

Output Escaping

85% escaped243 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
<snappy-search-advanced-search-form-stacked> (templates\snappy-search-advanced-search-form-stacked.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
8 unprotected

Snappy Search Attack Surface

Entry Points16
Unprotected8

AJAX Handlers 3

authwp_ajax_speedy_search_dismiss_notice_nonceincludes\classes\Backend\Notices.php:22
authwp_ajax_speedy_search_reindex_allincludes\classes\Backend\Reindexer.php:56
authwp_ajax_speedy_search_queryincludes\classes\Frontend\Analytics.php:21

REST API Routes 9

GET/wp-json/speedy-search/v1/products/includes\classes\Backend\API.php:32
GET/wp-json/speedy-search/v1/downloads/includes\classes\Backend\API.php:47
GET/wp-json/speedy-search/v1/posts/includes\classes\Backend\API.php:62
GET/wp-json/speedy-search/v1/pages/includes\classes\Backend\API.php:77
GET/wp-json/speedy-search-search/v1/orders/includes\classes\Backend\API.php:92
GET/wp-json/snappy-search/v1/products/includes\classes\Backend\API.php:114
GET/wp-json/snappy-search/v1/downloads/includes\classes\Backend\API.php:129
GET/wp-json/snappy-search/v1/posts/includes\classes\Backend\API.php:144
GET/wp-json/snappy-search/v1/pages/includes\classes\Backend\API.php:159

Shortcodes 4

[speedy_search_polyplugins] includes\classes\Frontend\Shortcode.php:48
[snappy_search_polyplugins] includes\classes\Frontend\Shortcode.php:49
[snappy_search_mobile_polyplugins] includes\classes\Frontend\Shortcode.php:50
[snappy_search_advanced_polyplugins] includes\classes\Frontend\Shortcode.php:51
WordPress Hooks 21
actionadmin_menuincludes\classes\Backend\Admin\Settings.php:54
actionadmin_initincludes\classes\Backend\Admin\Settings.php:55
actionadmin_initincludes\classes\Backend\Admin\Settings.php:56
actionadmin_menuincludes\classes\Backend\Admin\Settings.php:62
actionadmin_noticesincludes\classes\Backend\Admin\Settings.php:72
actionadmin_noticesincludes\classes\Backend\Admin\Settings.php:73
actionrest_api_initincludes\classes\Backend\API.php:18
actionrest_api_initincludes\classes\Backend\API.php:19
actionsnappy_search_background_workerincludes\classes\Backend\Background_Worker.php:30
actionsnappy_search_daily_background_workerincludes\classes\Backend\Background_Worker.php:31
actioncron_schedulesincludes\classes\Backend\Background_Worker.php:32
actionadmin_enqueue_scriptsincludes\classes\Backend\Enqueue.php:39
actionsave_postincludes\classes\Backend\Index_Updater.php:25
actiondelete_postincludes\classes\Backend\Index_Updater.php:26
actiontransition_post_statusincludes\classes\Backend\Index_Updater.php:27
actionwoocommerce_thankyouincludes\classes\Backend\Index_Updater.php:28
actionadmin_noticesincludes\classes\Backend\Notices.php:21
filtertheme_page_templatesincludes\classes\Frontend\Advanced_Search.php:47
filtertemplate_includeincludes\classes\Frontend\Advanced_Search.php:48
actionwp_enqueue_scriptsincludes\classes\Frontend\Enqueue.php:72
actionwpincludes\classes\Updater.php:40

Scheduled Events 4

snappy_search_background_worker
snappy_search_daily_background_worker
snappy_search_background_worker
snappy_search_daily_background_worker
Maintenance & Trust

Snappy Search Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 8, 2025
PHP min version7.4
Downloads733

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Snappy Search Alternatives

Admin Instant Search

Admin Instant Search

admin-instant-search

A
100

Search WooCommerce orders fast without having to wait for the page to load between searches.

0 No CVEs
WPC AJAX Search for WooCommerce

WPC AJAX Search for WooCommerce

wpc-ajax-search

A
100

WPC AJAX Search is an interaction search popup for WooCommerce.

1K No CVEs
AI Product Search for WooCommerce – Motive Commerce Search

AI Product Search for WooCommerce – Motive Commerce Search

motive-commerce-search

A
99

AI-powered ecommerce search for better discovery. Advanced filters, live search suggestions and more for the best WooCommerce product search.

400 1 CVE
Dynamic Data Search

Dynamic Data Search

dynamic-data-search

A
100

Fast and lightweight AJAX-powered search for WordPress with WooCommerce and Gutenberg template support.

0 No CVEs
partyks Search Connector for Bonsai

partyks Search Connector for Bonsai

partyks-search-connector-for-bonsai

A
100

Advanced WordPress search powered by Bonsai.io. WooCommerce-ready with fuzzy matching, autosuggestions, and instant results.

0 No CVEs
Developer Profile

Snappy Search Developer Profile

Poly Plugins

10 plugins · 320 total installs

92
trust score
Avg Security Score
97/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Snappy Search

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/speedy-search/js/backend/dismiss-notices.js/wp-content/plugins/speedy-search/css/backend/settings.css/wp-content/plugins/speedy-search/css/backend/bootstrap-wrapper.min.css/wp-content/plugins/speedy-search/css/bootstrap-icons.min.css/wp-content/plugins/speedy-search/css/backend/select2.min.css/wp-content/plugins/speedy-search/css/backend/sweetalert2.min.css/wp-content/plugins/speedy-search/js/backend/settings.js/wp-content/plugins/speedy-search/js/bootstrap.min.js+6 more
Script Paths
/wp-content/plugins/speedy-search/js/backend/dismiss-notices.js/wp-content/plugins/speedy-search/js/backend/settings.js/wp-content/plugins/speedy-search/js/bootstrap.min.js/wp-content/plugins/speedy-search/js/backend/select2.min.js/wp-content/plugins/speedy-search/js/backend/sweetalert2.all.min.js/wp-content/plugins/speedy-search/js/backend/repo.js+3 more
Version Parameters
/wp-content/plugins/speedy-search/js/backend/dismiss-notices.js?ver=/wp-content/plugins/speedy-search/css/backend/settings.css?ver=/wp-content/plugins/speedy-search/css/backend/bootstrap-wrapper.min.css?ver=/wp-content/plugins/speedy-search/css/bootstrap-icons.min.css?ver=/wp-content/plugins/speedy-search/css/backend/select2.min.css?ver=/wp-content/plugins/speedy-search/css/backend/sweetalert2.min.css?ver=/wp-content/plugins/speedy-search/js/backend/settings.js?ver=/wp-content/plugins/speedy-search/js/bootstrap.min.js?ver=/wp-content/plugins/speedy-search/js/backend/select2.min.js?ver=/wp-content/plugins/speedy-search/js/backend/sweetalert2.all.min.js?ver=/wp-content/plugins/speedy-search/css/backend/repo.css?ver=/wp-content/plugins/speedy-search/js/backend/repo.js?ver=/wp-content/plugins/speedy-search/css/backend/orders.css?ver=/wp-content/plugins/speedy-search/js/backend/orders.js?ver=

HTML / DOM Fingerprints

CSS Classes
speedy-search-settingsspeedy-search-orders
JS Globals
speedy_search_objectsnappy_search_object
FAQ

Frequently Asked Questions about Snappy Search