AJAX Search blocked by Sucuri Firewall

I am reaching out to seek assistance regarding a compatibility issue with the Ivory Search plugin and the Sucuri Firewall service.

I have noticed that the AJAX search functionality of the Ivory Search plugin is being blocked by the Sucuri Firewall. I’ve reached out to Sucuri’s support team and they’ve provided me with the following details:

1. URL: XSS040 GET 403 /wp-admin/admin-ajax.php?action=jet_ajax_search&nonce=69c1f17932&data%5Bsearch_source%5D%5B%5D=finding_aid&data%5Bsearch_taxonomy%5D=&data%5Binclude_terms_ids%5D=&data%5Bexclude_terms_ids%5D=&data%5Bexclude_posts_ids%5D=&data%5Bcustom_fields_source%5D=&data%5Blimit_query%5D=5&data%5Blimit_query_tablet%5D=&data%5Blimit_query_mobile%5D=&data%5Blimit_query_in_result_area%5D=25&data%5Bresults_order_by%5D=relevance&data%5Bresults_order%5D=asc&data%5Bsentence%5D=&data%5Bsearch_in_taxonomy%5D=&data%5Bsearch_in_taxonomy_source%5D=&data%5Bresults_area_width_by%5D=form&data%5Bresults_area_custom_width%5D=&data%5Bresults_area_custom_position%5D=&data%5Bthumbnail_visible%5D=yes&data%5Bthumbnail_size%5D=thumbnail&data%5Bthumbnail_placeholder%5D%5Burl%5D=https%3A%2F%2Fwww.southpeacearchives.org%2Fwp-content%2Fplugins%2Felementor%2Fassets%2Fimages%2Fplaceholder.png&data%5Bthumbnail_placeholder%5D%5Bid%5D=&data%5Bthumbnail_placeholder%5D%5Bsize%5D=&data%5Bpost_content_source%5D=content&data%5Bpost_content_custom_field_key%5D=&data%5Bpost_content_length%5D=30&data%5Bshow_product_price%5D=&data%5Bshow_product_rating%5D=&data%5Bshow_result_new_tab%5D=&data%5Bhighlight_searched_text%5D=&data%5Bsymbols_for_start_searching%5D=2&data%5Bbullet_pagination%5D=&data%5Bnumber_pagination%5D=&data%5Bnavigation_arrows%5D=in_header&data%5Bnavigation_arrows_type%5D=angle&data%5Bshow_title_related_meta%5D=&data%5Bmeta_title_related_position%5D=&data%5Btitle_related_meta%5D=&data%5Bshow_content_related_meta%5D=&data%5Bmeta_content_related_position%5D=&data%5Bcontent_related_meta%5D=&data%5Bnegative_search%5D=Sorry%2C%20but%20nothing%20matched%20your%20search%20terms.&data%5Bserver_error%5D=Sorry%2C%20but%20we%20cannot%20handle%20your%20search%20query%20now.%20Please%2C%20try%20again%20later!&data%5Bvalue%5D=vader&data%5BdeviceMode%5D=tablet&_=1683834612842
2. The special encoding characters are triggering the firewall XSS rules.
3. The blocks are occurring on the admin URL and the firewall will not allow the phrase ‘admin’ in the allowlist/whitelist
   as it will defeat the purpose of a firewall.

If I upgrade to one of your premium versions of the plugin, will it resolve this issue? Are you able to change anything to prevent the AJAX search from being blocked by the firewall XSS rules? If it wasn’t running from the admin-ajax.php I would be able to whitelist it.