In search_function.php find where the PHP htmlspecialchars function is used on $title, $table_results, and $extract, and then wrap the htmlspecialchars function with something like the following:
Code:
$foo = str_replace("&","&",htmlspecialchars($foo,ENT_QUOTES));