Medium 5.9
2026-02-03< 4.2.2
CVE-2026-24938
Better Search – Relevant search results for WordPress
Minimum safe version
4.2.2
Update to 4.2.2 or later to address 19 fixable vulnerabilities
Latest available4.3.0 ✓
Medium 6.5
2025-05-07< 4.1.1
CVE-2025-47507
High 7.1
2024-03-19< 3.3.1
CVE-2024-29142
Medium 4.3
2023-07-01< 2.5.3
CVE-2021-4400
N/A
2023-06-07< 2.5.3
CVE-2021-4342
Medium 4.3
2023-06-07< 2.5.3
CVE-2021-4373
N/A
2023-04-11< 3.2.0
WordPress Better Search Plugin <= 3.1.0 is vulnerable to Cross Site Request Forgery (CSRF)
N/A
2023-04-10< 3.2.0
Better Search <= 3.1.0 - Cross-Site Request Forgery
N/A
2014-12-16< 1.3.5
Better Search <= 1.3.4 - Reflected Cross-Site Scripting
N/A
2019-03-15< 2.2.3
Better Search < 2.2.3 - SQL Injection
N/A
< 2.5.3
Various Affected Software (Various Versions) - Cross-Site Request Forgery Bypass
N/A
2021-03-01< 2.5.3
Better Search <= 2.5.2 - Cross-Site Request Forgery to Settings Import
N/A
< 1.3
Better Search < 1.3 - admin.inc.php Setting Manipulation CSRF
N/A
< 1.3.5
Better Search < 1.3.5 - Reflected Cross-Site Scripting (XSS)
N/A
< 2.2.3
Better Search 2.2.2 - Unauthenticated SQL Injection
N/A
< 2.5.3
Better Search < 2.5.3 - CSRF Nonce Bypass in Import/Export
N/A
2014-12-16< 1.3.5
WordPress Better Search Plugin <= 1.3.4 - Reflective XSS
N/A
2014-08-01< 1.3
WordPress Better Search Plugin <= 1.2.1 - CSRF
N/A
2021-02-17< 2.5.3
WordPress Better Search plugin <= 2.5.2 - Cross-Site Request Forgery (CSRF) vulnerability