WooSearch Security & Risk Analysis

wordpress.org/plugins/woosearch

WooSearch is a search plugin which provides real-time ajax product search based on WooCommerce.

60 active installs · v1.0.0 · PHP + · WP 4.4+ · Updated Aug 4, 2016
Tags: ajax-search, ctkpro, e-commerce, ecommerce, live-search, search
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WooSearch Safe to Use in 2026?

Generally Safe

Score 85/100

WooSearch has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 9yr ago
Risk Assessment

The 'woosearch' plugin v1.0.0 exhibits significant security concerns due to its large attack surface composed entirely of unprotected AJAX handlers. While the static analysis shows no critical taint flows, dangerous functions, or external HTTP requests, the absence of authentication and authorization checks on all four identified AJAX entry points presents a substantial risk. This means that any unauthenticated user could potentially interact with these handlers, leading to unintended actions or information exposure if they are not properly secured internally. The plugin also demonstrates poor output escaping practices, with only 19% of outputs being properly escaped, increasing the likelihood of Cross-Site Scripting (XSS) vulnerabilities being exploitable through the unprotected AJAX endpoints. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive indicator but does not mitigate the immediate risks identified in the code analysis. Overall, the plugin's security posture is weak due to the high number of unprotected entry points and insufficient output sanitization, despite the absence of historically known vulnerabilities.

Key Concerns

  • Unprotected AJAX handlers
  • Low output escaping coverage
Vulnerabilities
None known

WooSearch Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WooSearch Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (4 prepared)
Unescaped Output: 17 (4 escaped)
Nonce Checks: 1
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

80% prepared · 5 total queries

Output Escaping

19% escaped · 21 total outputs
Attack Surface
4 unprotected

WooSearch Attack Surface

Entry Points: 4
Unprotected: 4

AJAX Handlers: 4

  • auth · wp_ajax_woosearch_get_all_placeholder · includes\woosearch-apis.php:10
  • nopriv · wp_ajax_woosearch_get_all_placeholder · includes\woosearch-apis.php:11
  • auth · wp_ajax_woosearch_query_product_posts · includes\woosearch-apis.php:53
  • nopriv · wp_ajax_woosearch_query_product_posts · includes\woosearch-apis.php:54

WordPress Hooks: 5

  • action · init · woosearch.php:36
  • action · plugins_loaded · woosearch.php:40
  • action · init · woosearch.php:72
  • action · admin_menu · woosearch.php:88
  • action · widgets_init · woosearch.php:169
Maintenance & Trust

WooSearch Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.5.33
Last updated: Aug 4, 2016
PHP min version
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 60
Developer Profile

WooSearch Developer Profile

sebastianhsu

1 plugin · 60 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect WooSearch

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/woosearch/assets/js/react.min.js
  • /wp-content/plugins/woosearch/assets/js/react-dom.min.js
  • /wp-content/plugins/woosearch/assets/js/browser.min.js
  • /wp-content/plugins/woosearch/assets/js/remarkable.min.js
  • /wp-content/plugins/woosearch/assets/js/woosearch.js
  • /wp-content/plugins/woosearch/assets/js/woosearch-apis.js
  • /wp-content/plugins/woosearch/assets/css/woosearch.css
Script Paths
  • assets/js/react.min.js
  • assets/js/react-dom.min.js
  • assets/js/browser.min.js
  • assets/js/remarkable.min.js
  • assets/js/woosearch.js
  • assets/js/woosearch-apis.js

HTML / DOM Fingerprints

CSS Classes: side_woosearch
HTML Comments: below is for dev purpose
Data Attributes: id="woosearch-content"
JS Globals: woosearchAPIs, wsApis, woosearch
REST Endpoints: /wp-admin/admin-ajax.php