WP-Safety

Search Insights – Privacy-Friendly Search Analytics Security & Risk Analysis

wordpress.org/plugins/wp-search-insights

Uncover exactly what visitors search for on your site. Stop guessing what content to create, fix content gaps, and boost engagement.

3K active installs v2.1 PHP 7.0+ WP 4.8+ Updated Dec 7, 2025
contentinsightssearchsearch-analyticsstatistics
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Search Insights – Privacy-Friendly Search Analytics Safe to Use in 2026?

Generally Safe

Score 100/100

Search Insights – Privacy-Friendly Search Analytics has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The wp-search-insights plugin version 2.1 exhibits a generally strong security posture with commendable practices. The plugin has no recorded vulnerability history, indicating a well-maintained and likely secure codebase over time. The static analysis reveals a robust implementation of security checks, with all identified AJAX entry points protected by authentication. Furthermore, the high percentage of prepared statements for SQL queries (94%) and properly escaped output (96%) significantly mitigates common web vulnerabilities. The presence of numerous nonce and capability checks further reinforces the secure handling of user interactions.

Despite the strong overall security, a single taint flow with an unsanitized path has been identified. This represents a potential risk, as it could lead to vulnerabilities if not handled with extreme care. While its severity is rated as 'High' and not 'Critical', it warrants attention. The presence of DataTables as a bundled library, while common, could also pose a risk if it's an outdated or vulnerable version, though this is not explicitly stated in the provided data.

In conclusion, wp-search-insights v2.1 is a securely developed plugin with a strong emphasis on protective measures. The lack of historical vulnerabilities is a significant positive. However, the single high-severity taint flow with an unsanitized path is a notable concern that should be investigated and remediated to ensure continued security.

Key Concerns

  • Flow with unsanitized path (High severity)
Vulnerabilities
None known

Search Insights – Privacy-Friendly Search Analytics Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Search Insights – Privacy-Friendly Search Analytics Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
60 prepared
Unescaped Output
11
292 escaped
Nonce Checks
14
Capability Checks
17
File Operations
3
External Requests
0
Bundled Libraries
1

Bundled Libraries

DataTables

SQL Query Safety

94% prepared64 total queries

Output Escaping

96% escaped303 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

4 flows1 with unsanitized paths
ajax_get_content (class-admin.php:1899)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Search Insights – Privacy-Friendly Search Analytics Attack Surface

Entry Points13
Unprotected0

AJAX Handlers 13

authwp_ajax_wpsi_store_date_rangeclass-admin.php:40
authwp_ajax_wpsi_save_settingsclass-admin.php:41
authwp_ajax_wpsi_get_datatableclass-admin.php:63
authwp_ajax_wpsi_save_filter_preferenceclass-admin.php:74
authwp_ajax_wpsi_start_exportclass-export.php:33
authwp_ajax_wpsi_dismiss_review_noticeclass-review.php:64
noprivwp_ajax_wpsi_process_searchclass-search.php:44
authwp_ajax_wpsi_process_searchclass-search.php:45
authwp_ajax_wpsi_delete_termsclass-search.php:46
authwp_ajax_wpsi_ignore_termsclass-search.php:47
authwp_ajax_wpsi_store_landing_pageclass-search.php:51
noprivwp_ajax_wpsi_store_landing_pageclass-search.php:52
authwp_ajax_wpsi_cancel_tourshepherd\tour.php:16
WordPress Hooks 36
actionadmin_menuclass-admin.php:36
actionadmin_initclass-admin.php:37
actionadmin_initclass-admin.php:38
actionadmin_initclass-admin.php:39
actionadmin_initclass-admin.php:47
actionadmin_headclass-admin.php:48
actionadmin_headclass-admin.php:49
actionadmin_initclass-admin.php:53
actionadmin_initclass-admin.php:57
actionadmin_enqueue_scriptsclass-admin.php:62
actionadmin_initclass-admin.php:66
filterwp_redirectclass-admin.php:67
actionwp_dashboard_setupclass-admin.php:70
filterwpsi_popular_search_row_argsclass-admin.php:72
filterwpsi_ajax_content_exportclass-export.php:31
filterwpsi_settings_blocksclass-export.php:32
actioninitclass-review.php:27
actionadmin_initclass-review.php:28
actionadmin_noticesclass-review.php:65
actionadmin_print_footer_scriptsclass-review.php:66
actiontemplate_redirectclass-search.php:41
actionwp_enqueue_scriptsclass-search.php:43
actioninitclass-search.php:48
actionwpsi_tab_content_dashboarddashboard_tabs.php:56
actionwpsi_tab_content_settingsdashboard_tabs.php:107
actionwpsi_tab_optionsdashboard_tabs.php:171
actionadmin_enqueue_scriptsgrid\grid-enqueue.php:4
filterbbp_has_search_resultsintegrations\bbpress.php:29
actionadmin_initintegrations\toolset.php:2
filterwpsi_get_caller_by_search_parameterintegrations\toolset.php:11
actionadmin_enqueue_scriptsshepherd\tour.php:14
actionadmin_footershepherd\tour.php:15
actionplugins_loadedupgrade.php:8
actionplugins_loadedupgrade.php:79
actionplugins_loadedwp-search-insights.php:151
actionactivated_pluginwp-search-insights.php:172
Maintenance & Trust

Search Insights – Privacy-Friendly Search Analytics Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 7, 2025
PHP min version7.0
Downloads54K

Community Trust

Rating98/100
Number of ratings29
Active installs3K
Alternatives

Search Insights – Privacy-Friendly Search Analytics Alternatives

DITS Lost Search Query

DITS Lost Search Query

dits-lost-search-query

A
100

Tracks lost search queries that return no results to help improve content and SEO. Lightweight and works automatically.

20 No CVEs
Site Kit by Google – Analytics, Search Console, AdSense, Speed

Site Kit by Google – Analytics, Search Console, AdSense, Speed

google-site-kit

A
100

Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.

5.0M 1 CVE
GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools

GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools

getgenie

A
95

GPT-4o powered AI content writer with 37+ templates, chatbot, AI image, NLP keyword research, SEO analysis for WordPress, Gutenberg & Elementor.

70K 4 CVEs
BoldGrid Easy SEO – Simple and Effective SEO

BoldGrid Easy SEO – Simple and Effective SEO

boldgrid-easy-seo

A
99

Easy SEO helps you easily create keyword rich content and rank higher in the search engines.

50K 2 CVEs
Search Meter

Search Meter

search-meter

A
98

Search Meter tracks what your readers are searching for on your site. View full details of recent searches or stats for the last day, week or month.

20K 1 CVE
Developer Profile

Search Insights – Privacy-Friendly Search Analytics Developer Profile

Mark

1 plugin · 3K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Search Insights – Privacy-Friendly Search Analytics

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-search-insights/grid/grid-enqueue.php
Script Paths
/wp-content/plugins/wp-search-insights/js/wpsi-admin.js/wp-content/plugins/wp-search-insights/js/wpsi-frontend.js
Version Parameters
wp-search-insights/grid/grid-enqueue.php?ver=wp-search-insights/js/wpsi-admin.js?ver=wp-search-insights/js/wpsi-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpsi-admin-notice
HTML Comments
<!-- Search Insights options --><!-- Search Insights Settings<!-- Search Insights: Settings Page<!-- wp_search_insights_settings_page+4 more
Data Attributes
data-wpsi-date-range
JS Globals
WPSI_Admin
REST Endpoints
/wp-json/wpsi/v1/settings/wp-json/wpsi/v1/search-data
FAQ

Frequently Asked Questions about Search Insights – Privacy-Friendly Search Analytics