[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWRb8aB7JqiomhycHDTNwWe446hVJBIA6j85jYytXpko":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":144,"fingerprints":237},"aio-cache","AIO Cache & Performance","2.5","Adam","https:\u002F\u002Fprofiles.wordpress.org\u002Fadamsassets\u002F","\u003Cp>AIO Cache, a stable and simple cache, minify, and performance solution for those of you looking for solid raw performance and response times. \u003Cstrong>Fast, Powerful, and Effective!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Unlike other performance solutions, you don’t need to configure AIO Cache. Just install and go. \u003Cstrong>Quick and Simple!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Best part is that it is designed to avoid breaking your site. \u003Cstrong>Stable and Solid!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>AIO Cache Offers:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple Page & File Caching\u003C\u002Fli>\n\u003Cli>Simple Static Resources\u003C\u002Fli>\n\u003Cli>Simple GZip & Deflate Compression\u003C\u002Fli>\n\u003Cli>JavaScripts to Footer\u003C\u002Fli>\n\u003C\u002Ful>\n","A Simple, Stable, and Powerful Cache Plugin. Experience the Power, Stability, & Simplicity of AIO Cache Today!",10,16369,68,21,"2016-06-25T19:36:00.000Z","3.7.41","3.0","",[20,4,21,22,23],"advanced-cache","aio-cache-performance","apache","apc","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Faio-cache\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faio-cache.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"adamsassets",1,30,84,"2026-04-04T21:21:32.523Z",[38,64,83,102,124],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":27,"last_vuln_date":63,"fetched_at":29},"redirection","Redirection","5.7.5","John Godley","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnny5\u002F","\u003Cp>Redirection is the most popular redirect manager for WordPress. With it you can easily manage 301 redirections, keep track of 404 errors, and generally tidy up any loose ends your site may have. This can help reduce errors and improve your site ranking.\u003C\u002Fp>\n\u003Cp>Redirection is designed to be used on sites with a few redirects to sites with thousands of redirects.\u003C\u002Fp>\n\u003Cp>It has been a WordPress plugin for over 10 years and has been recommended countless times. And it’s free!\u003C\u002Fp>\n\u003Cp>Full documentation can be found at \u003Ca href=\"https:\u002F\u002Fredirection.me\" rel=\"nofollow ugc\">https:\u002F\u002Fredirection.me\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Redirection is compatible with PHP from 7.4 to 8.4.\u003C\u002Fp>\n\u003Ch4>Redirect manager\u003C\u002Fh4>\n\u003Cp>Create and manage redirects quickly and easily without needing Apache or Nginx knowledge. If your WordPress supports permalinks then you can use Redirection to redirect any URL.\u003C\u002Fp>\n\u003Cp>There is full support for regular expressions so you can create redirect patterns to match any number of URLs. You can match query parameters and even pass them through to the target URL.\u003C\u002Fp>\n\u003Cp>The plugin can also be configured to monitor when post or page permalinks are changed and automatically create a redirect to the new URL.\u003C\u002Fp>\n\u003Ch4>Conditional redirects\u003C\u002Fh4>\n\u003Cp>In addition to straightforward URL matching you can redirect based on other conditions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Login status – redirect only if the user is logged in or logged out\u003C\u002Fli>\n\u003Cli>WordPress capability – redirect if the user is able to perform a certain capability\u003C\u002Fli>\n\u003Cli>Browser – redirect if the user is using a certain browser\u003C\u002Fli>\n\u003Cli>Referrer – redirect if the user visited the link from another page\u003C\u002Fli>\n\u003Cli>Cookies – redirect if a particular cookie is set\u003C\u002Fli>\n\u003Cli>HTTP headers – redirect based on a HTTP header\u003C\u002Fli>\n\u003Cli>Custom filter – redirect based on your own WordPress filter\u003C\u002Fli>\n\u003Cli>IP address – redirect if the client IP address matches\u003C\u002Fli>\n\u003Cli>Server – redirect another domain if also hosted on this server\u003C\u002Fli>\n\u003Cli>Page type – redirect if the current page is a 404\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Full logging\u003C\u002Fh4>\n\u003Cp>A configurable logging option allows to view all redirects occurring on your site, including information about the visitor, the browser used, and the referrer. A ‘hit’ count is maintained for each redirect so you can see if a URL is being used.\u003C\u002Fp>\n\u003Cp>Logs can be exported for external viewing, and can be searched and filtered for more detailed investigation.\u003C\u002Fp>\n\u003Cp>Display geographic information about an IP address, as well as a full user agent information, to try and understand who the visitor is.\u003C\u002Fp>\n\u003Cp>You are able to disable or reduce IP collection to meet the legal requirements of your geographic region, and can change the amount of information captured from the bare minimum to HTTP headers.\u003C\u002Fp>\n\u003Cp>You can also log any redirect happening on your site, including those performed outside of Redirection.\u003C\u002Fp>\n\u003Ch4>Add HTTP headers\u003C\u002Fh4>\n\u003Cp>HTTP headers can be added to redirects or your entire site that help reduce the impact of redirects or help increase security. You can also add your own custom headers.\u003C\u002Fp>\n\u003Ch4>Track 404 errors\u003C\u002Fh4>\n\u003Cp>Redirection will keep track of all 404 errors that occur on your site, allowing you to track down and fix problems.\u003C\u002Fp>\n\u003Cp>Errors can be grouped to show where you should focus your attention, and can be redirected in bulk.\u003C\u002Fp>\n\u003Ch4>Query parameter handling\u003C\u002Fh4>\n\u003Cp>You can match query parameters exactly, ignore them, and even pass them through to your target.\u003C\u002Fp>\n\u003Ch4>Migrate Permalinks\u003C\u002Fh4>\n\u003Cp>Changed your permalink structure? You can migrate old permalinks simply by entering the old permalink structure. Multiple migrations are supported.\u003C\u002Fp>\n\u003Ch4>Apache & Nginx support\u003C\u002Fh4>\n\u003Cp>By default Redirection will manage all redirects using WordPress. However you can configure it so redirects are automatically saved to a .htaccess file and handled by Apache itself.\u003C\u002Fp>\n\u003Cp>If you use Nginx then you can export redirects to an Nginx rewrite rules file.\u003C\u002Fp>\n\u003Ch4>Fine-grained permissions\u003C\u002Fh4>\n\u003Cp>Fine-grained permissions are available so you can customise the plugin for different users. This makes it particularly suitable for client sites where you may want to prevent certain actions, and remove functionality.\u003C\u002Fp>\n\u003Ch4>Import & Export\u003C\u002Fh4>\n\u003Cp>The plugin has a fully-featured import and export system and you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Import and export to Apache .htaccess\u003C\u002Fli>\n\u003Cli>Export to Nginx rewrite rules\u003C\u002Fli>\n\u003Cli>Copy redirects between sites using JSON\u003C\u002Fli>\n\u003Cli>Import and export to CSV for viewing in a spreadsheet\u003C\u002Fli>\n\u003Cli>Use WP CLI to automate import and export\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also import from the following plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple 301 Redirects\u003C\u002Fli>\n\u003Cli>SEO Redirection\u003C\u002Fli>\n\u003Cli>Safe Redirect Manager\u003C\u002Fli>\n\u003Cli>Rank Math\u003C\u002Fli>\n\u003Cli>WordPress old slug redirects\u003C\u002Fli>\n\u003Cli>Quick Post\u002FPages redirects\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Search Regex compatible\u003C\u002Fh4>\n\u003Cp>Redirection is compatible with \u003Ca href=\"https:\u002F\u002Fsearchregex.com\" rel=\"nofollow ugc\">Search Regex\u003C\u002Fa>, allowing you to bulk update your redirects.\u003C\u002Fp>\n\u003Ch4>Wait, it’s free?\u003C\u002Fh4>\n\u003Cp>Yes, it’s really free. There’s no premium version and no need to pay money to get access to features. This is a dedicated redirect management plugin.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Please submit bugs, patches, and feature requests to:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjohngodley\u002Fredirection\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fjohngodley\u002Fredirection\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Please submit translations to:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fredirection\" rel=\"nofollow ugc\">https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fredirection\u003C\u002Fa>\u003C\u002Fp>\n","Manage 301 redirects, track 404 errors, and improve your site. No knowledge of Apache or Nginx required.",2000000,71280127,88,689,"2026-03-01T07:42:00.000Z","6.9.4","6.5","7.4",[55,56,22,57,58],"301","404","htaccess","redirect","https:\u002F\u002Fredirection.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fredirection.5.7.5.zip",97,5,"2018-11-14 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":27,"num_ratings":27,"last_updated":74,"tested_up_to":51,"requires_at_least":75,"requires_php":53,"tags":76,"homepage":18,"download_link":81,"security_score":82,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"snapchat-for-woocommerce","Snapchat for WooCommerce","1.0.2","WooCommerce","https:\u002F\u002Fprofiles.wordpress.org\u002Fwoocommerce\u002F","\u003Cp>Snapchat for WooCommerce seamlessly integrates your WooCommerce store with Snapchat’s powerful advertising platform, enabling you to reach millions of potential customers through engaging visual ads.\u003C\u002Fp>\n\u003Cp>Connect your Snapchat Business account to automatically sync your product catalog, create targeted advertising campaigns, and track conversions directly from your WooCommerce dashboard. The plugin provides a streamlined setup process with step-by-step guidance to get your first campaign running quickly.\u003C\u002Fp>\n\u003Cp>Key features include product catalog export for Snapchat’s Dynamic Ads, Conversion tracking to measure campaign performance, and Pixel tracking to build custom audiences. The integration works through WooCommerce’s Marketing menu, providing a familiar interface for managing your Snapchat advertising alongside other marketing channels.\u003C\u002Fp>\n\u003Cp>Whether you’re looking to increase brand awareness, drive sales, or re-engage existing customers, Snapchat for WooCommerce provides the tools you need to create effective advertising campaigns that convert visitors into customers.\u003C\u002Fp>\n","Integrate your WooCommerce store with Snapchat Ads to track conversions and export products for advertising.",20000,84105,"2025-12-02T22:38:00.000Z","6.7",[77,78,79,80],"ads","product-feed","snapchat","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsnapchat-for-woocommerce.1.0.2.zip",100,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":72,"downloaded":91,"rating":92,"num_ratings":62,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":18,"tags":96,"homepage":18,"download_link":100,"security_score":101,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"spiderblocker","Spider Blocker","1.3.7","Niteo","https:\u002F\u002Fprofiles.wordpress.org\u002Fniteoweb\u002F","\u003Cp>Spider Blocker blocks most common bots that consume bandwidth and slow down your blog.\u003Cbr \u002F>\nIt accomplishes this by using .htaccess file to minimize impact on your website. It’s hidden from external scanners.\u003C\u002Fp>\n\u003Cp>Spider Blocker is specifically designed for Apache servers with mod_rewrite enabled, allowing you to effortlessly safeguard your website from the most prevalent bots that hamper performance and drain resources.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Block Unlimited bots from viewing your site\u003C\u002Fli>\n\u003Cli>Easy Export\u002FImport rules (comes with most common list of bots)\u003C\u002Fli>\n\u003Cli>Zero Footprint\u003C\u002Fli>\n\u003C\u002Ful>\n","SpiderBlocker will block most common bots that consume bandwidth and slow down your blog.",612410,80,"2024-05-07T13:39:00.000Z","6.5.8","4.0",[22,97,98,57,99],"block","bots","seo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspiderblocker.1.3.7.zip",92,{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":101,"num_ratings":112,"last_updated":113,"tested_up_to":51,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":122,"download_link":123,"security_score":82,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"apcu-manager","APCu Manager","4.3.0","Pierre Lannoy","https:\u002F\u002Fprofiles.wordpress.org\u002Fpierrelannoy\u002F","\u003Cp>\u003Cstrong>APCu statistics and management right in the WordPress admin dashboard.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>APCu Manager\u003C\u002Fstrong> is a full featured APCu management and analytics reporting tool. It allows you to monitor and optimize APCu operations on your WordPress site or network.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>APCu Manager\u003C\u002Fstrong> offers a persistent object cache backend to WordPress: just activate the option in the settings and you will experience a real speed up of your site or network.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>APCu Manager\u003C\u002Fstrong> works on dedicated or shared servers. It is compatible with all plugins using APCu, like PerfOps One suite or W3 Total Cache. Its main management features are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>drop-in replacement for WordPress object caching;\u003C\u002Fli>\n\u003Cli>individual object deletion;\u003C\u002Fli>\n\u003Cli>bulk object deletion;\u003C\u002Fli>\n\u003Cli>objects browsing and inspecting;\u003C\u002Fli>\n\u003Cli>smart garbage collection;\u003C\u002Fli>\n\u003Cli>full cache clearing.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>⚠️ \u003Cstrong>APCu Manager\u003C\u002Fstrong> doesn’t work on PHP clustered environments!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>APCu Manager\u003C\u002Fstrong> is also a full featured analytics reporting tool that analyzes all APCu operations on your site. It can report:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>KPIs: hit ratio, free memory, cached objects, keys saturation, memory fragmentation and availability;\u003C\u002Fli>\n\u003Cli>metrics variations;\u003C\u002Fli>\n\u003Cli>metrics distributions;\u003C\u002Fli>\n\u003Cli>plugins consumption.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>APCu Manager\u003C\u002Fstrong> supports multisite report delegation (see FAQ).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>APCu Manager\u003C\u002Fstrong> supports a set of WP-CLI commands to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>toggle on\u002Foff main settings – see \u003Ccode>wp help apcu settings\u003C\u002Fcode> for details;\u003C\u002Fli>\n\u003Cli>obtain operational statistics – see \u003Ccode>wp help apcu analytics\u003C\u002Fcode> for details.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For a full help on WP-CLI commands in APCu Manager, please \u003Ca href=\"https:\u002F\u002Fperfops.one\u002Fapcu-manager-wpcli\" rel=\"nofollow ugc\">read this guide\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>APCu Manager\u003C\u002Fstrong> is part of \u003Ca href=\"https:\u002F\u002Fperfops.one\u002F\" rel=\"nofollow ugc\">PerfOps One\u003C\u002Fa>, a suite of free and open source WordPress plugins dedicated to observability and operations performance.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>APCu Manager\u003C\u002Fstrong> is a free and open source plugin for WordPress. It integrates many other free and open source works (as-is or modified). Please, see ‘about’ tab in the plugin settings to see the details.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>This plugin is free and provided without warranty of any kind. Use it at your own risk, I’m not responsible for any improper use of this plugin, nor for any damage it might cause to your site. Always backup all your data before installing a new plugin.\u003C\u002Fp>\n\u003Cp>Anyway, I’ll be glad to help you if you encounter issues when using this plugin. Just use the support section of this plugin page.\u003C\u002Fp>\n\u003Ch4>Privacy\u003C\u002Fh4>\n\u003Cp>This plugin, as any piece of software, is neither compliant nor non-compliant with privacy laws and regulations. It is your responsibility to use it with respect for the personal data of your users and applicable laws.\u003C\u002Fp>\n\u003Cp>This plugin doesn’t set any cookie in the user’s browser.\u003C\u002Fp>\n\u003Cp>This plugin doesn’t handle personally identifiable information (PII).\u003C\u002Fp>\n\u003Ch4>Donation\u003C\u002Fh4>\n\u003Cp>If you like this plugin or find it useful and want to thank me for the work done, please consider making a donation to \u003Ca href=\"https:\u002F\u002Fwww.laquadrature.net\u002Fen\" rel=\"nofollow ugc\">La Quadrature Du Net\u003C\u002Fa> or the \u003Ca href=\"https:\u002F\u002Fwww.eff.org\u002F\" rel=\"nofollow ugc\">Electronic Frontier Foundation\u003C\u002Fa> which are advocacy groups defending the rights and freedoms of citizens on the Internet. By supporting them, you help the daily actions they perform to defend our fundamental freedoms!\u003C\u002Fp>\n","APCu statistics and management right in the WordPress admin dashboard.",10000,131451,20,"2025-11-22T13:21:00.000Z","6.2","8.1",[117,118,119,120,121],"apcu","cache","monitor","object-cache","w3tc","https:\u002F\u002Fperfops.one\u002Fapcu-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapcu-manager.4.3.0.zip",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":110,"downloaded":132,"rating":48,"num_ratings":133,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":137,"tags":138,"homepage":142,"download_link":143,"security_score":82,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"custom-php-settings","Custom PHP Settings","2.4.1","cyclonecode","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyclonecode\u002F","\u003Cp>This plugin can be used to customize php settings for you WordPress installation.\u003C\u002Fp>\n\u003Cp>The plugin will modify either the \u003Cstrong>.htaccess\u003C\u002Fstrong> file or \u003Cstrong>.user.ini\u003C\u002Fstrong> file in order to change the current php settings directly from within the settings page.\u003C\u002Fp>\n\u003Cp>Since the configuration file needs to be modified this file \u003Cstrong>must\u003C\u002Fstrong> be writable for this plugin to work as expected.\u003C\u002Fp>\n\u003Ch4>Apache module\u003C\u002Fh4>\n\u003Cp>When PHP is running as an Apache module the \u003Cstrong>.htaccess\u003C\u002Fstrong> file will be used to set customized settings; make sure so that this file \u003Cstrong>exists\u003C\u002Fstrong> and is \u003Cstrong>writable\u003C\u002Fstrong> by the webserver.\u003C\u002Fp>\n\u003Ch4>CGI\u002FFast-CGI\u003C\u002Fh4>\n\u003Cp>If instead PHP is running in CGI\u002FFast-CGI mode then a custom INI file will be used. The name of this file depends on the value of \u003Cstrong>user_ini.filename\u003C\u002Fstrong> in the php configuration, by default it is \u003Cstrong>.user.ini\u003C\u002Fstrong>.\u003Cbr \u002F>\nYou can check the name of you custom INI file in the \u003Cstrong>PHP Information\u003C\u002Fstrong> table. The custom INI file should be placed under the root folder and \u003Cstrong>most\u003C\u002Fstrong> be \u003Cstrong>writable\u003C\u002Fstrong> by the webserver.\u003C\u002Fp>\n\u003Cp>Notice that there is also a \u003Cstrong>User INI file cache TTL\u003C\u002Fstrong> value in the information table, this value tells how long the custom INI file will be cached before it gets reloaded.\u003Cbr \u002F>\nFor instance, if this value is set to 300 then any changes to your custom INI file will not be reflected for up to 5 minutes. The name for this setting in the php configuration is \u003Cstrong>user_ini.cache_ttl\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>One important thing is to make sure that your \u003Ccode>.user.ini\u003C\u002Fcode> file is blocked by your webserver. If you are running NGINX this can be done by adding:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>location ~ \u002F\\.user\\.ini {\n  deny all;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>to your server configuration. The same thing using Apache is done by adding the following to the configuration if not already done:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003CFiles .user.ini>\norder allow,deny\ndeny from all\n\u003C\u002FFiles>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Available Settings\u003C\u002Fh4>\n\u003Cp>The settings table will display all non-system php settings that can be customized by the plugin. All modified settings will be displayed in red in this table.\u003C\u002Fp>\n\u003Cp>Some settings might be displayed in red because they are changed somewhere else, perhaps through a customized php.ini file, by WordPress itself, a plugin or in some other way.\u003Cbr \u002F>\nFor instance if you have enabled \u003Cstrong>WP_DEBUG\u003C\u002Fstrong> in your \u003Cstrong>wp-config.php\u003C\u002Fstrong> file the \u003Cstrong>error_reporting\u003C\u002Fstrong> setting will turn red.\u003C\u002Fp>\n\u003Cp>If you have questions or perhaps some idea on things that should be added you can also try \u003Ca href=\"https:\u002F\u002Fjoin.slack.com\u002Ft\u002Fcyclonecode\u002Fshared_invite\u002Fzt-6bdtbdab-n9QaMLM~exHP19zFDPN~AQ\" rel=\"nofollow ugc\">slack\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Multiple Configurations\u003C\u002Fh4>\n\u003Cp>The premium version adds support for creating multiple named configurations which all can hold their own custom PHP settings.\u003Cbr \u002F>\nYou will then be able to easily switch between the different configurations entries applying them to you configuration file.\u003C\u002Fp>\n\u003Ch4>Environment Variables\u003C\u002Fh4>\n\u003Cp>In the premium version, when running PHP as an apache module and using an \u003Cstrong>.htaccess\u003C\u002Fstrong> file for configuration, you are able\u003Cbr \u002F>\nto add custom environment variables. These will be accessible by using the super global \u003Cstrong>$_SERVER\u003C\u002Fstrong> array.\u003Cbr \u002F>\nIn order for this to work you will need to have the mod_env module enabled in your apache setup.\u003C\u002Fp>\n\u003Ch4>Resources\u003C\u002Fh4>\n\u003Cp>A complete list of settings that can be modified can be found here: \u003Ca href=\"http:\u002F\u002Fphp.net\u002Fmanual\u002Fen\u002Fini.list.php\" rel=\"nofollow ugc\">List of php.ini directives\u003C\u002Fa>\u003Cbr \u002F>\nNotice that directives marked as \u003Ccode>PHP_INI_SYSTEM\u003C\u002Fcode> can not be modified.\u003C\u002Fp>\n\u003Ch3>Warning\u003C\u002Fh3>\n\u003Cp>Make sure you know how a value should be configured and what different settings do before changing anything.\u003Cbr \u002F>\nThis is important since some settings might render your page inaccessible, depending on what value you are using.\u003Cbr \u002F>\nA good example of this is the \u003Cstrong>variables_order\u003C\u002Fstrong> configuration:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Sets the order of the EGPCS (Environment, Get, Post, Cookie, and Server) variable parsing. For example, if variables_order is set to “SP” then PHP will create the superglobals $_SERVER and $_POST, but not create $_ENV, $_GET, and $_COOKIE. Setting to “” means no superglobals will be set.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>If this value would be configured to \u003Cstrong>EPCS\u003C\u002Fstrong> then no \u003Cstrong>$_GET\u003C\u002Fstrong> superglobal would be set which would make your page inaccessible.\u003C\u002Fp>\n\u003Cp>Another example is setting the \u003Cstrong>post_max_size\u003C\u002Fstrong> to a very low value so that no form data is sent to the server, which in turn would result in that form data is never saved.\u003C\u002Fp>\n\u003Cp>If you by mistake changed some value and your site is now inaccessible you could simply manually remove everything from between the plugin markers in your \u003Cstrong>.htaccess\u003C\u002Fstrong> file:\u003C\u002Fp>\n\u003Cpre>\u003Ccode># BEGIN CUSTOM PHP SETTINGS PRO\nphp_value variables_order EPCS  \u003C-- Remove\n# END CUSTOM PHP SETTINGS PRO\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you are running PHP in CGI\u002FFast-CGI mode then instead remove everything between the plugins markers in your \u003Cstrong>.user.ini\u003C\u002Fstrong> file:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>; BEGIN CUSTOM PHP SETTINGS\nphp_value variables_order EPCS  \u003C-- Remove\n; END CUSTOM PHP SETTINGS\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you run into any trouble, don’t hesitate to add a new topic under the support section:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcustom-php-settings\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcustom-php-settings\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can also try contacting me on \u003Ca href=\"https:\u002F\u002Fjoin.slack.com\u002Ft\u002Fcyclonecode\u002Fshared_invite\u002Fzt-6bdtbdab-n9QaMLM~exHP19zFDPN~AQ\" rel=\"nofollow ugc\">slack\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin makes it possible to override php settings.",407953,15,"2025-11-20T20:06:00.000Z","6.8.5","4.1.0","5.6",[22,139,57,140,141],"apache2","php","settings","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-php-settings\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-php-settings.2.4.1.zip",{"attackSurface":145,"codeSignals":183,"taintFlows":193,"riskAssessment":231,"analyzedAt":236},{"hooks":146,"ajaxHandlers":179,"restRoutes":180,"shortcodes":181,"cronEvents":182,"entryPointCount":27,"unprotectedCount":27},[147,153,158,161,166,169,174],{"type":148,"name":149,"callback":150,"file":151,"line":152},"action","admin_menu","aio_add_main_pages","aio.php",19,{"type":154,"name":155,"callback":156,"priority":133,"file":151,"line":157},"filter","script_loader_src","aio_cache_make_resources_static",47,{"type":154,"name":159,"callback":156,"priority":133,"file":151,"line":160},"style_loader_src",48,{"type":148,"name":162,"callback":163,"file":164,"line":165},"wp","phpch_headers","resources\\cachehead\\aio-cachehead.php",2,{"type":148,"name":149,"callback":167,"file":164,"line":168},"phpch_setting",3,{"type":148,"name":170,"callback":171,"file":172,"line":173},"init","wp_http_compression","resources\\compression\\aio-compression.php",23,{"type":148,"name":175,"callback":176,"file":177,"line":178},"wp_enqueue_scripts","custom_clean_head","resources\\footscripts\\aio-footscripts.php",7,[],[],[],[],{"dangerousFunctions":184,"sqlUsage":185,"outputEscaping":187,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":33,"bundledLibraries":192},[],{"prepared":27,"raw":27,"locations":186},[],{"escaped":27,"rawEcho":33,"locations":188},[189],{"file":164,"line":190,"context":191},51,"raw output",[],[194,220],{"entryPoint":195,"graph":196,"unsanitizedCount":27,"severity":219},"phpch_setting_page (resources\\cachehead\\aio-cachehead.php:23)",{"nodes":197,"edges":215},[198,203,209,211],{"id":199,"type":200,"label":201,"file":164,"line":202},"n0","source","$_POST",32,{"id":204,"type":205,"label":206,"file":164,"line":207,"wp_function":208},"n1","sink","update_option() [Settings Manipulation]",33,"update_option",{"id":210,"type":200,"label":201,"file":164,"line":202},"n2",{"id":212,"type":205,"label":213,"file":164,"line":190,"wp_function":214},"n3","echo() [XSS]","echo",[216,218],{"from":199,"to":204,"sanitized":217},true,{"from":210,"to":212,"sanitized":217},"low",{"entryPoint":221,"graph":222,"unsanitizedCount":27,"severity":219},"\u003Caio-cachehead> (resources\\cachehead\\aio-cachehead.php:0)",{"nodes":223,"edges":228},[224,225,226,227],{"id":199,"type":200,"label":201,"file":164,"line":202},{"id":204,"type":205,"label":206,"file":164,"line":207,"wp_function":208},{"id":210,"type":200,"label":201,"file":164,"line":202},{"id":212,"type":205,"label":213,"file":164,"line":190,"wp_function":214},[229,230],{"from":199,"to":204,"sanitized":217},{"from":210,"to":212,"sanitized":217},{"summary":232,"deductions":233},"The 'aio-cache' plugin v2.5 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code signals indicate good practices with 100% of SQL queries using prepared statements and a single recorded capability check, suggesting that access control is being considered.  The plugin also shows no history of known vulnerabilities, which is a positive indicator.\n\nHowever, a notable concern arises from the output escaping analysis, where 0% of the single total output was properly escaped. This means that any data being outputted by the plugin is potentially vulnerable to cross-site scripting (XSS) attacks if the data originates from user input or external sources that are not sufficiently sanitized before being passed to the plugin. While taint analysis found no unsanitized flows, the lack of output escaping is a specific and actionable risk that should be addressed.\n\nIn conclusion, 'aio-cache' v2.5 is relatively secure due to its limited attack surface and lack of vulnerability history. The primary weakness lies in the unescaped output, which presents a potential XSS risk. Addressing this single output escaping issue would significantly enhance the plugin's security.",[234],{"reason":235,"points":62},"Unescaped output detected","2026-03-17T05:41:37.015Z",{"wat":238,"direct":246},{"assetPaths":239,"generatorPatterns":243,"scriptPaths":244,"versionParams":245},[240,241,242],"\u002Fwp-content\u002Fplugins\u002Faio-cache\u002Fresources\u002Fcachehead\u002Faio-cachehead.php","\u002Fwp-content\u002Fplugins\u002Faio-cache\u002Fresources\u002Fcompression\u002Faio-compression.php","\u002Fwp-content\u002Fplugins\u002Faio-cache\u002Fresources\u002Ffootscripts\u002Faio-footscripts.php",[],[],[],{"cssClasses":247,"htmlComments":248,"htmlAttributes":249,"restEndpoints":250,"jsGlobals":251,"shortcodeOutput":252},[],[],[],[],[],[]]