WP Clinic
Log in Sign up

PLUGIN SECURITY

Is Advanced Woo Search safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the Advanced Woo Search WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: advanced-woo-search
  • Requires PHP: 7.0+
  • Max supported PHP (analyzed): 8.4

Known vulnerabilities

  • Advanced Woo Search &#8211; Product Search for WooCommerce [advanced-woo-search] < 2.0 [CVE-2020-12070, WordPress Advanced Woo Search plugin <= 1.99 - Sensitive Information Disclosure vulnerability, Advanced Woo Search &lt; 2.00 - SQL query leak in ajax search, Advanced Woo Search <= 2.00 - Information Disclosure]
  • Advanced Woo Search &#8211; Product Search for WooCommerce [advanced-woo-search] < 1.70 [Advanced Woo Search &lt;= 1.68 - CSRF &amp; XSS]
  • Advanced Woo Search &#8211; Product Search for WooCommerce [advanced-woo-search] < 1.70 [Advanced Woo Search <= 1.68 - Cross-Site Scripting]
  • Advanced Woo Search &#8211; Product Search for WooCommerce [advanced-woo-search] < 2.78 [CVE-2023-2452, Advanced Woo Search <= 2.77 - Authenticated (Admin+) Stored Cross-Site Scripting, WordPress Advanced Woo Search Plugin <= 2.77 is vulnerable to Cross Site Scripting (XSS), Advanced Woo Search &lt; 2.78 - Admin+ Stored Cross-Site Scripting]
  • Advanced Woo Search &#8211; Product Search for WooCommerce [advanced-woo-search] < 2.97 [CVE-2024-0251, Advanced Woo Search <= 2.96 - Reflected Cross-Site Scripting, WordPress Advanced Woo Search Plugin <= 2.96 is vulnerable to Cross Site Scripting (XSS), Advanced Woo Search &lt; 2.97 - Reflected Cross-Site Scripting]
+ 1 more known vulnerability
  • Advanced Woo Search &#8211; Product Search for WooCommerce [advanced-woo-search] < 3.29 [CVE-2025-2302, WordPress Advanced Woo Search Plugin <= 3.28 is vulnerable to Cross Site Scripting (XSS), Advanced Woo Search <= 3.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via aws_search_terms Shortcode, EUVD-2025-8206]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.