diff --git a/tracker.php b/tracker.php
index 28884b140..7b15d8cf8 100644
--- a/tracker.php
+++ b/tracker.php
@@ -43,7 +43,7 @@ $start = isset($_REQUEST['start']) ? abs((int)$_REQUEST['start']) : 0;
 $set_default = isset($_GET['def']);
 $user_id = $userdata['user_id'];
 $lastvisit = (!IS_GUEST) ? $userdata['user_lastvisit'] : '';
-$search_id = (isset($_GET['search_id']) && is_string($_GET['search_id'])) ? $_GET['search_id'] : '';
+$search_id = (isset($_GET['search_id']) && is_string($_GET['search_id'])) ? DB()->escape($_GET['search_id']) : '';
 $session_id = $userdata['session_id'];
 $status = $_POST['status'] ?? false;
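Review bot: Escaping `$_GET['search_id']` at the assignment, rather than at the query that consumes it, makes the fix depend on every later use of `$search_id`, and none of those uses are visible in this hunk. SQL escaping only protects a value that ends up inside a quoted string literal in the statement. The escaped form is also the wrong encoding if the same variable is later written into HTML or a URL, or compared with a stored id. I would keep a validated raw value here and escape or bind it where the SQL is built, so the protection sits next to the sink and cannot be bypassed by a new code path. If search ids have a fixed token format (an assumption to confirm against the code that generates them), an allowlist on this line is stricter than escaping, for example adding `&& preg_match('/^[A-Za-z0-9]+$/', $_GET['search_id'])` to the condition and dropping the `DB()->escape()` call.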