Яндекс.ПДС Пингер / Yandex Site search pinger Security & Risk Analysis

wordpress.org/plugins/yandex-pinger

Yandex Site Search (Яндекс.Поиск для сайта) is a simple yet effective solution for adding search to your site. It offers relevant search results, …

900 active installs · v1.5 · PHP + · WP 2.9.2+ · Updated Dec 17, 2013
indexing, ping, site-search, sitesearch, yandex
63
C · Use Caution
CVEs total: 1
Unpatched: 1
Last CVE: Aug 20, 2025
Safety Verdict

Is Яндекс.ПДС Пингер / Yandex Site search pinger Safe to Use in 2026?

Use With Caution

Score 63/100

Яндекс.ПДС Пингер / Yandex Site search pinger has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE · 1 unpatched · Last CVE: Aug 20, 2025 · Updated 12yr ago
Risk Assessment

The yandex-pinger plugin v1.5 has a mixed security posture. On the positive side, static analysis found no direct entry points such as AJAX handlers, REST API routes, or shortcodes, and no dangerous function usage or raw SQL queries (the scan counted 0 raw and 0 prepared queries). However, output escaping is completely absent: all 4 outputs identified are unescaped, so any dynamic data the plugin displays is exposed to cross-site scripting (XSS). No nonce or capability checks were found either, which is a weakness even though the scan identified no entry points for them to protect. The vulnerability history shows one known medium-severity XSS vulnerability, which is currently unpatched. This history, combined with the current lack of output escaping, strongly suggests that XSS is a persistent risk for this plugin. While the attack surface appears minimal from static analysis, the unpatched vulnerability and the lack of output escaping are real threats.

Key Concerns

  • Unpatched medium severity CVE
  • All output unescaped
  • No nonce checks
  • No capability checks
Vulnerabilities
1

Яндекс.ПДС Пингер / Yandex Site search pinger Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-48352 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Yandex Site search pinger <= 1.5 - Authenticated (Administrator+) Stored Cross-Site Scripting

Aug 20, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Яндекс.ПДС Пингер / Yandex Site search pinger Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 4 (0 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 1
External Requests: 0
Bundled Libraries: 0

Output Escaping

0% escaped · 4 total outputs
Attack Surface

Яндекс.ПДС Пингер / Yandex Site search pinger Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 7
action · save_post · plugin.php:331
action · publish_page · plugin.php:332
action · publish_post · plugin.php:333
action · xmlrpc_publish_post · plugin.php:334
action · publish_future_post · plugin.php:335
action · admin_menu · plugin.php:337
action · admin_init · plugin.php:340
Maintenance & Trust

Яндекс.ПДС Пингер / Yandex Site search pinger Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.7.41
Last updated: Dec 17, 2013
PHP min version
Downloads: 21K

Community Trust

Rating: 74/100
Number of ratings: 3
Active installs: 900
Developer Profile

Яндекс.ПДС Пингер / Yandex Site search pinger Developer Profile

sitesearch-yandex

1 plugin · 900 total installs

Trust score: 68
Avg Security Score: 63/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Яндекс.ПДС Пингер / Yandex Site search pinger

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/yandex-pinger/settings.ini
Version Parameters
yandex-pinger/style.css?ver=
yandex-pinger/script.js?ver=
