Plugin inspection:

Decent Comments

No issues found

Last revised:

Confidence: Medium
This plugin has been given a short, targeted code review.

We didn't find anything worrying in this plugin. It's probably safe. Read more about this recommendation.


This recommendation applies to version 1.3.3 of this plugin, but the most recent version is 1.13.0. These findings may no longer be correct.


  • SQL is not escaped in get_search_sql(), but it’s only used in one place on literal values so it’s easy to see that it’s not vulnerable to SQL injection

Failure criteria

  • Execution of unprepared SQL statements

Read more about our failure criteria.