[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f2C7Vumv_5u7vep79n_VOflCygNkTqflyUkVM2KGHmh4":3},{"slug":4,"name":5,"version":6,"author":4,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":49,"analysis":146,"fingerprints":460},"baqend","Speed Kit","2.0.2","https:\u002F\u002Fprofiles.wordpress.org\u002Fbaqend\u002F","\u003Cp>Speed Kit makes your WordPress website load instantly with one simple click.\u003C\u002Fp>\n\u003Ch4>Only supported for Plesk users\u003C\u002Fh4>\n\u003Cp>This plugin is only supported for users of the \u003Ca href=\"https:\u002F\u002Fwww.plesk.com\u002F\" rel=\"nofollow ugc\">Plesk\u003C\u002Fa> hosting platform in combination with  the \u003Ca href=\"https:\u002F\u002Fwww.plesk.com\u002Fextensions\u002Fspeed-kit\u002F\" rel=\"nofollow ugc\">Plesk Speed Kit extension\u003C\u002Fa>. All WordPress users who already purchased a Speed Kit license can still use the WordPress plugin as usual. Only new subscriptions via WordPress are not possible anymore.\u003C\u002Fp>\n\u003Ch4>WHAT OUR CUSTOMERS LOVE\u003C\u002Fh4>\n\u003Cp>Speed Kit powers about 7,000 websites, serving 200 million users monthly, accelerated 3.6 billion euros of annual revenue and scaling 25,000 requests per second. By using Speed Kit, you’ll have the following benefits:\u003Cbr \u002F>\n* \u003Cstrong>User Experience:\u003C\u002Fstrong> Turn page speed into your competitive advantage.\u003Cbr \u002F>\n* \u003Cstrong>SEO Ranking:\u003C\u002Fstrong> Let the speed-based search rank boost your visibility.\u003Cbr \u002F>\n* \u003Cstrong>Time on Site:\u003C\u002Fstrong> Make your users stay longer and click more.\u003Cbr \u002F>\n* \u003Cstrong>Conversion Rate:\u003C\u002Fstrong> Grow e-commerce revenue and funnel metrics.\u003Cbr \u002F>\n* \u003Cstrong>Bounce Rate:\u003C\u002Fstrong> Reduce your marketing costs through lower bounce rates.\u003C\u002Fp>\n\u003Ch4>HOW IT WORKS\u003C\u002Fh4>\n\u003Cp>After activating the plugin, Speed Kit adds a Service Worker to your WordPress. The Service Worker then reroutes all requests from your WordPress backend to a fast cache which is synchronized with your website. Speed Kit accelerates your WordPress website without any changes to the backend servers. Instead of re-engineering your server, network, and frontend performance, Speed Kit hooks into the traffic and accelerates it from the user side.\u003C\u002Fp>\n\u003Ch4>WHAT IT COSTS\u003C\u002Fh4>\n\u003Cp>The first 10 days of trial are free. No bank details required.\u003C\u002Fp>\n\u003Cp>After the trial period ends you can continue using Speed Kit for 9.99 € per month. If you don’t do anything, Speed Kit simply stops handling your requests and they will be executed by your backend again. Your site remains online all the time without your users noticing anything.\u003C\u002Fp>\n\u003Cp>Transparent and straightforward. No strings attached.\u003C\u002Fp>\n","Speed Kit makes your WordPress website load instantly with one simple click.",2000,98505,80,11,"2024-05-02T14:25:00.000Z","6.2.9","4.6.0","7.3.0",[19,20,21,22,23],"caching","fast","optimization","performance","secure","https:\u002F\u002Fwww.baqend.com\u002Fguide\u002Ftopics\u002Fwordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbaqend.2.0.2.zip",70,1,"2026-01-07 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2026-22487","speed-kit-missing-authorization","Speed Kit \u003C= 2.0.2 - Missing Authorization","The Speed Kit plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action.",null,"\u003C=2.0.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-01-14 19:25:00",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F541f227f-2e17-4209-b440-fb94892e572f?source=api-prod",{"slug":4,"display_name":4,"profile_url":7,"plugin_count":27,"total_installs":10,"avg_security_score":26,"avg_patch_time_days":46,"trust_score":47,"computed_at":48},30,73,"2026-04-03T23:02:46.781Z",[50,73,91,107,127],{"slug":51,"name":52,"version":53,"author":54,"author_profile":55,"description":56,"short_description":57,"active_installs":58,"downloaded":59,"rating":60,"num_ratings":61,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":66,"homepage":69,"download_link":70,"security_score":71,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"flying-pages","Flying Pages: Preload Pages for Faster Navigation & Improved User Experience","2.4.7","Gijo Varghese","https:\u002F\u002Fprofiles.wordpress.org\u002Fgijo\u002F","\u003Cp>Flying Pages preload pages before the user click on it, making them load instantly\u003C\u002Fp>\n\u003Ch3>How it Works?\u003C\u002Fh3>\n\u003Cp>Flying Pages injects a tiny JavaScript code (1KB gzipped), waits until the browser becomes idle. Then it detects pages in the viewport and on mouse hover and preloads them.\u003C\u002Fp>\n\u003Cp>Flying Pages is intelligent to make sure preloading doesn’t crash your server or make it slow.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Preload pages in the viewport\u003C\u002Fstrong> – Detect links within the viewport (current viewing area) using ‘Intersection Observer’ and tells the browser to preload them using ‘prefetch’, switch to xhr if not available (similar to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FGoogleChromeLabs\u002Fquicklink\" rel=\"nofollow ugc\">Quicklink\u003C\u002Fa>).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Preload pages on mouse hover\u003C\u002Fstrong> – On hovering links, if it’s not preloaded yet using above ‘viewport’, then Flying Pages will prefetch them instantly (similar to \u003Ca href=\"https:\u002F\u002Finstant.page\u002F\" rel=\"nofollow ugc\">Instant.page\u003C\u002Fa>).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Limits the number of preloads per second\u003C\u002Fstrong> – If your page has too many links, prefetching all at the same time will cause the server to crash or slow down the website to visitors. Flying Pages limits the number of preloads per second (3 req\u002Fsec by default) using an in-built queue. For example, if you’ve 10 links in the viewport, preloading all these are span into 4 seconds.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Stops preloading if the server is busy\u003C\u002Fstrong> – In case the server starts to respond slowly or return errors, preloading will be stopped to reduce the server load.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Understands user’s connection and preferences\u003C\u002Fstrong> – Checks if the user is on a slow connection like 2G or has enabled data-saver. Flying Pages won’t preload anything in this case.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fflying-pages\u002F\" rel=\"ugc\">Official Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fwpspeedmatters\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Our premium products\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fflyingpress.com\" rel=\"nofollow ugc\">FlyingPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fflyingcdn.com\" rel=\"nofollow ugc\">FlyingCDN\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Our free plugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-pages\u002F\" rel=\"ugc\">Flying Pages\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnazy-load\u002F\" rel=\"ugc\">Flying Images\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-scripts\u002F\" rel=\"ugc\">Flying Scripts\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-analytics\u002F\" rel=\"ugc\">Flying Analytics\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-fonts\u002F\" rel=\"ugc\">Flying Fonts\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Preload pages intelligently to boost site speed and enhance user experience by loading pages before users click, ensuring instant page transitions.",20000,241853,98,79,"2025-12-02T13:23:00.000Z","6.9.4","4.5","5.6",[20,21,22,67,68],"prefetch","speed","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-pages\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflying-pages.2.4.7.zip",100,0,{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":58,"downloaded":81,"rating":82,"num_ratings":83,"last_updated":84,"tested_up_to":63,"requires_at_least":64,"requires_php":65,"tags":85,"homepage":87,"download_link":88,"security_score":60,"vuln_count":89,"unpatched_count":72,"last_vuln_date":90,"fetched_at":29},"wp-meteor","WP Meteor Website Speed Optimization Addon","3.4.17","Aleksandr Guidrevitch","https:\u002F\u002Fprofiles.wordpress.org\u002Faguidrevitch\u002F","\u003Cp>WP Meteor offers an original way to further optimize your website speed.\u003Cbr \u002F>\nWith this plugin you can \u003Cstrong>increase your PageSpeed score\u003C\u002Fstrong> by up to 5x.\u003Cbr \u002F>\nThe plugin is 100% free, it is compatible and works well with most popular caching plugins like:\u003Cbr \u002F>\n* Autoptimize\u003Cbr \u002F>\n* WP Rocket\u003Cbr \u002F>\n* WP Total Cache\u003Cbr \u002F>\n* WP Super Cache\u003Cbr \u002F>\n* Phastpress\u003Cbr \u002F>\n* LiteSpeed\u003Cbr \u002F>\n* Hummingbird\u003Cbr \u002F>\n* WP Fastest Cache\u003Cbr \u002F>\n* SiteGround Optimizer\u003C\u002Fp>\n\u003Cp>It also works well with website builders like Elementor or with image optimizers like ShortPixel.\u003C\u002Fp>\n\u003Cp>The few known incompatibilities are listed in the FAQ.\u003C\u002Fp>\n\u003Ch4>BENEFITS\u003C\u002Fh4>\n\u003Cp>WP Meteor can improve your \u003Ca href=\"https:\u002F\u002Fpagespeed.web.dev\u002F\" rel=\"nofollow ugc\">Pagespeed\u003C\u002Fa> results and the actual loading time of your website by \u003Cstrong>up to 5x\u003C\u002Fstrong>! You do not have to take our word for it, it only takes 2 minutes to install the plugin and \u003Ca href=\"https:\u002F\u002Ftest.fastpixel.io\u002F\" rel=\"nofollow ugc\">test how it improves\u003C\u002Fa> your website speed.\u003Cbr \u002F>\nAnd since the plugin is designed to leave no traces on your hard drive or database when deactivated and removed, \u003Cstrong>there is no risk for you\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>HOW IT WORKS\u003C\u002Fh4>\n\u003Cp>If the user does not interact with the page immediately, WP Meteor defers loading and firing scripts until the page is rendered, which increases the pagespeed metric, on average, by \u003Cstrong>2-5x\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>This delay in loading scripts greatly improves perceived load times for your visitors. It also significantly improves the following \u003Cstrong>important SEO metrics\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpagespeed.web.dev\u002F\" rel=\"nofollow ugc\">Page Speed\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fweb.dev\u002Flcp\u002F\" rel=\"nofollow ugc\">Largest Contentful Paint (LCP)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fweb.dev\u002Ftti\u002F\" rel=\"nofollow ugc\">Time To Interactive (TTI)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fweb.dev\u002Ftbt\u002F\" rel=\"nofollow ugc\">Total Blocking Time (TBT)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>FURTHER ACCELERATE YOUR WEBSITE\u003C\u002Fh3>\n\u003Cp>If you want to optimize your website’s speed to the fullest extent automatically while ensuring that all Core Web Vitals are taken care of, we recommend trying \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffastpixel-website-accelerator\u002F\" rel=\"ugc\">FastPixel.io\u003C\u002Fa> for free.\u003Cbr \u002F>\nThe \u003Cstrong>FastPixel\u003C\u002Fstrong> project is a collaboration between the creator of WP Meteor and ShortPixel, and it addresses, with just a few clicks, \u003Ca href=\"https:\u002F\u002Ffastpixel.io\u002Fblog\u002Feasy-way-to-improve-core-web-vitals-on-wordpress\u002F?utm_source=wpmeteor-readme#common-issues-affecting-core-web-vitals\" rel=\"nofollow ugc\">all the common issues\u003C\u002Fa> that affect Core Web Vitals.\u003C\u002Fp>\n","2x-5x improvement in your Page Speed score. A completely new way of optimizing your page speed.",991079,94,77,"2026-02-21T17:46:00.000Z",[19,21,86,22],"pagespeed","https:\u002F\u002Fwp-meteor.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-meteor.3.4.17.zip",3,"2024-07-23 00:00:00",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":71,"num_ratings":13,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":65,"tags":104,"homepage":105,"download_link":106,"security_score":71,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"quicklink","Quicklink for WordPress","0.10.4","WP Munich","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmunich\u002F","\u003Cp>Quicklink for WordPress attempts to make navigation to subsequent pages load faster. Embedded with the plugin is a javascript library, which detects links in the viewport, waits until the browser is idle and prefetches the URLs for these links. The library also tries to detect, if the user is on a slow connection or on a data plan.\u003C\u002Fp>\n\u003Cp>This plugin builds heavily on the amazing work done by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FGoogleChromeLabs\u002Fquicklink\" rel=\"nofollow ugc\">Google Chrome Labs\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>More information about \u003Ca href=\"https:\u002F\u002Fgetquick.link\" rel=\"nofollow ugc\">Quicklink on the official Website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Detects links within the viewport\u003C\u002Fstrong> (using \u003Ca href=\"https:\u002F\u002Fdeveloper.mozilla.org\u002Fen-US\u002Fdocs\u002FWeb\u002FAPI\u002FIntersection_Observer_API\" rel=\"nofollow ugc\">Intersection Observer\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Waits until the browser is idle\u003C\u002Fstrong> (using \u003Ca href=\"https:\u002F\u002Fdeveloper.mozilla.org\u002Fen-US\u002Fdocs\u002FWeb\u002FAPI\u002FWindow\u002FrequestIdleCallback\" rel=\"nofollow ugc\">requestIdleCallback\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks if the user isn’t on a slow connection\u003C\u002Fstrong> (using \u003Ccode>navigator.connection.effectiveType\u003C\u002Fcode>) or has data-saver enabled (using \u003Ccode>navigator.connection.saveData\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prefetches URLs to the links\u003C\u002Fstrong> (using \u003Ca href=\"https:\u002F\u002Fwww.w3.org\u002FTR\u002Fresource-hints\u002F#prefetch\" rel=\"nofollow ugc\">\u003Ccode>\u003Clink rel=prefetch>\u003C\u002Fcode>\u003C\u002Fa> or XHR). Provides some control over the request priority (can switch to \u003Ccode>fetch()\u003C\u002Fcode> if supported).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you are a developer, we encourage you to follow along or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fluehrsenheinrich\u002Fwp-quicklink\" rel=\"nofollow ugc\">contribute\u003C\u002Fa> to the development of this plugin \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fluehrsenheinrich\u002Fwp-quicklink\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","⚡️ Faster subsequent page-loads by prefetching in-viewport links during idle time.",1000,43097,"2025-04-06T16:31:00.000Z","6.7.5","4.9",[20,21,22,67,68],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquicklink\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquicklink.0.10.4.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":71,"downloaded":115,"rating":71,"num_ratings":89,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":124,"download_link":125,"security_score":126,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"wp-nav-menu-cache","WP Nav Menu Cache","2.2","Md Jahidul Islam","https:\u002F\u002Fprofiles.wordpress.org\u002Fonetarek\u002F","\u003Cp>“\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fonetarek.com\u002Fmy-wordpress-plugins\u002Fwp-nav-menu-cache\u002F\" rel=\"nofollow ugc\">WP Nav Menu Cache\u003C\u002Fa>\u003C\u002Fstrong>” plugin help you to make your WordPress dynamic navigation menu to a static menu. For each page visit WordPress run some MySQL query and complex PHP codes to generate navigation menu that you are using on front-end. Your menu content is not being changed until you change that manually. So why do you need to use your server resource on every page visit to generate a menu? This plugin saves your dynamic menus into some separate static HTML files. When you add, edit or remove any menu item using dashboard then this plugin update its cached files. When a menu is called from website front-end then this plugin stops WordPress to generate that newly and serve from the previouly saved static file. This process reduces some MySQL query , saves your server resource and increases page speed.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Exclude any theme location from caching you don’t want to cache any menu of\u003C\u002Fli>\n\u003Cli>Exclude any menu you don’t want to cache\u003C\u002Fli>\n\u003Cli>Choose wheather this plugin will cache each menu individually for each post\u002Fpage or any visited url.\u003C\u002Fli>\n\u003C\u002Ful>\n","Create cache for dynamically generated navigation menu HTML and serve from a static file. It reduces some MySQL queries and increases page speed.",5353,"2023-01-18T13:49:00.000Z","6.1.10","3.8.0","",[121,19,22,122,123],"cache","web-performance-optimization","wp-cache","http:\u002F\u002Fonetarek.com\u002Fmy-wordpress-plugins\u002Fwp-nav-menu-cache\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-nav-menu-cache.2.2.zip",85,{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":82,"num_ratings":137,"last_updated":138,"tested_up_to":102,"requires_at_least":103,"requires_php":139,"tags":140,"homepage":143,"download_link":144,"security_score":145,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"mega-cache","Mega Cache","1.0.57","docjojo","https:\u002F\u002Fprofiles.wordpress.org\u002Fdocjojo\u002F","\u003Cp>This plugin offers a powerful page caching solution compatible with various cache types, including APCu, Redis, Memcached, SQLite, MongoDB, MariaDB, MySQL, and File.\u003Cbr \u002F>\nPage caching stores an entire page’s content on the server, allowing it to be quickly served from the cache upon repeat requests, rather than being regenerated from scratch.\u003C\u002Fp>\n\u003Ch3>Specifications\u003C\u002Fh3>\n\u003Cp>Size: only 305 KB\u003Cbr \u002F>\nCPU footprint (idle): \u003C5 ms.\u003C\u002Fp>\n\u003Ch3>WooCommerce\u003C\u002Fh3>\n\u003Cp>– Last viewed products will not work on cached pages and products.\u003C\u002Fp>\n","Mega Cache is an ultra-fast page caching plugin designed to enhance your WordPress site's performance, including WooCommerce product caching.",50,3541,7,"2025-03-28T10:47:00.000Z","7.4",[141,142],"including-woocommerce-product-caching","mega-cache-is-an-ultra-fast-page-caching-plugin-designed-to-enhance-your-wordpress-sites-performance","https:\u002F\u002Fwpmegacache.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmega-cache.1.0.57.zip",92,{"attackSurface":147,"codeSignals":282,"taintFlows":447,"riskAssessment":448,"analyzedAt":459},{"hooks":148,"ajaxHandlers":274,"restRoutes":275,"shortcodes":276,"cronEvents":277,"entryPointCount":72,"unprotectedCount":72},[149,155,159,163,167,172,176,180,185,188,191,194,197,200,203,206,208,211,214,219,222,225,228,231,234,236,240,243,246,249,253,256,261,264,267,270],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","admin_enqueue_scripts","assets","includes\\Controller\\AdminController.php",43,{"type":150,"name":156,"callback":157,"file":153,"line":158},"admin_init","register_settings",44,{"type":150,"name":160,"callback":161,"file":153,"line":162},"admin_menu","add_menus",45,{"type":150,"name":164,"callback":165,"file":153,"line":166},"admin_notices","add_notices",46,{"type":150,"name":168,"callback":169,"file":170,"line":171},"cron_revalidate_html","revalidate_html","includes\\Controller\\CronController.php",21,{"type":150,"name":173,"callback":174,"file":170,"line":175},"cron_update_speed_kit","update_speed_kit",22,{"type":150,"name":177,"callback":178,"file":179,"line":46},"wp_dashboard_setup","add_widget","includes\\Controller\\DashboardController.php",{"type":150,"name":181,"callback":182,"priority":27,"file":183,"line":184},"wp_head","head","includes\\Controller\\FrontendController.php",18,{"type":150,"name":186,"callback":182,"priority":27,"file":183,"line":187},"admin_head",19,{"type":150,"name":189,"callback":189,"file":190,"line":175},"save_post","includes\\Controller\\TriggerController.php",{"type":150,"name":192,"callback":192,"file":190,"line":193},"delete_post",23,{"type":150,"name":195,"callback":195,"file":190,"line":196},"add_attachment",24,{"type":150,"name":198,"callback":198,"file":190,"line":199},"attachment_updated",25,{"type":150,"name":201,"callback":201,"file":190,"line":202},"delete_attachment",26,{"type":150,"name":204,"callback":204,"file":190,"line":205},"set_object_terms",27,{"type":150,"name":207,"callback":207,"file":190,"line":46},"comment_post",{"type":150,"name":209,"callback":209,"file":190,"line":210},"edit_comment",31,{"type":150,"name":212,"callback":212,"file":190,"line":213},"delete_comment",32,{"type":150,"name":215,"callback":216,"priority":217,"file":190,"line":218},"transition_comment_status","transition_comment",10,33,{"type":150,"name":220,"callback":220,"file":190,"line":221},"edited_term",36,{"type":150,"name":223,"callback":223,"file":190,"line":224},"delete_term",37,{"type":150,"name":226,"callback":226,"file":190,"line":227},"profile_update",40,{"type":150,"name":229,"callback":229,"file":190,"line":230},"user_register",41,{"type":150,"name":232,"callback":232,"file":190,"line":233},"delete_user",42,{"type":150,"name":235,"callback":235,"file":190,"line":162},"switch_theme",{"type":237,"name":238,"callback":238,"priority":217,"file":190,"line":239},"filter","widget_update_callback",48,{"type":150,"name":241,"callback":241,"file":190,"line":242},"delete_widget",49,{"type":150,"name":244,"callback":244,"file":190,"line":245},"upgrader_process_complete",52,{"type":150,"name":244,"callback":247,"file":190,"line":248},"update_speedkit_metadata",53,{"type":150,"name":250,"callback":251,"file":190,"line":252},"shutdown","process_filters",56,{"type":150,"name":250,"callback":254,"file":190,"line":255},"process_widget_updates",57,{"type":150,"name":257,"callback":258,"file":259,"line":260},"plugins_loaded","load_textdomain","includes\\Plugin.php",141,{"type":150,"name":257,"callback":262,"file":259,"line":263},"login",144,{"type":150,"name":257,"callback":265,"file":259,"line":266},"logout",145,{"type":150,"name":268,"callback":268,"priority":217,"file":259,"line":269},"activated_plugin",146,{"type":237,"name":271,"callback":272,"file":259,"line":273},"init","handle_service_worker_request",147,[],[],[],[278,280],{"hook":173,"callback":173,"file":259,"line":279},272,{"hook":168,"callback":168,"file":259,"line":281},566,{"dangerousFunctions":283,"sqlUsage":284,"outputEscaping":286,"fileOperations":13,"externalRequests":72,"nonceChecks":72,"capabilityChecks":72,"bundledLibraries":443},[],{"prepared":72,"raw":72,"locations":285},[],{"escaped":287,"rawEcho":145,"locations":288},2,[289,293,295,296,298,300,302,303,305,307,310,311,313,314,315,316,318,319,320,323,324,325,326,327,328,329,331,333,335,337,339,341,343,345,347,349,351,353,355,357,359,361,363,365,367,369,371,374,375,377,378,380,381,382,384,385,386,387,388,389,390,392,394,396,398,400,402,404,405,407,409,411,413,414,416,417,418,420,422,423,424,425,426,428,429,431,433,434,436,437,438,441],{"file":290,"line":291,"context":292},"includes\\Admin\\View.php",101,"raw output",{"file":153,"line":294,"context":292},254,{"file":153,"line":279,"context":292},{"file":153,"line":297,"context":292},282,{"file":153,"line":299,"context":292},298,{"file":153,"line":301,"context":292},338,{"file":183,"line":218,"context":292},{"file":183,"line":304,"context":292},47,{"file":183,"line":306,"context":292},54,{"file":308,"line":309,"context":292},"views\\account.php",15,{"file":308,"line":202,"context":292},{"file":308,"line":312,"context":292},38,{"file":308,"line":227,"context":292},{"file":308,"line":135,"context":292},{"file":308,"line":245,"context":292},{"file":317,"line":13,"context":292},"views\\advanced.php",{"file":317,"line":175,"context":292},{"file":317,"line":205,"context":292},{"file":321,"line":322,"context":292},"views\\dashboardWidget.php",34,{"file":321,"line":224,"context":292},{"file":321,"line":154,"context":292},{"file":321,"line":239,"context":292},{"file":321,"line":255,"context":292},{"file":321,"line":83,"context":292},{"file":321,"line":61,"context":292},{"file":321,"line":330,"context":292},86,{"file":321,"line":332,"context":292},88,{"file":321,"line":334,"context":292},95,{"file":321,"line":336,"context":292},107,{"file":321,"line":338,"context":292},108,{"file":321,"line":340,"context":292},109,{"file":321,"line":342,"context":292},110,{"file":321,"line":344,"context":292},113,{"file":321,"line":346,"context":292},114,{"file":321,"line":348,"context":292},115,{"file":321,"line":350,"context":292},116,{"file":321,"line":352,"context":292},120,{"file":321,"line":354,"context":292},123,{"file":321,"line":356,"context":292},124,{"file":321,"line":358,"context":292},125,{"file":321,"line":360,"context":292},126,{"file":321,"line":362,"context":292},130,{"file":321,"line":364,"context":292},135,{"file":321,"line":366,"context":292},137,{"file":321,"line":368,"context":292},139,{"file":321,"line":370,"context":292},142,{"file":372,"line":373,"context":292},"views\\help.php",17,{"file":372,"line":205,"context":292},{"file":376,"line":171,"context":292},"views\\overview\\performance.php",{"file":376,"line":218,"context":292},{"file":376,"line":379,"context":292},35,{"file":376,"line":233,"context":292},{"file":376,"line":304,"context":292},{"file":383,"line":154,"context":292},"views\\overview\\speedKit.php",{"file":383,"line":166,"context":292},{"file":383,"line":304,"context":292},{"file":383,"line":239,"context":292},{"file":383,"line":239,"context":292},{"file":383,"line":135,"context":292},{"file":383,"line":245,"context":292},{"file":383,"line":391,"context":292},58,{"file":383,"line":393,"context":292},61,{"file":383,"line":395,"context":292},62,{"file":383,"line":397,"context":292},63,{"file":383,"line":399,"context":292},64,{"file":383,"line":401,"context":292},65,{"file":383,"line":403,"context":292},67,{"file":383,"line":61,"context":292},{"file":383,"line":406,"context":292},81,{"file":383,"line":408,"context":292},87,{"file":383,"line":410,"context":292},89,{"file":383,"line":412,"context":292},93,{"file":383,"line":60,"context":292},{"file":383,"line":415,"context":292},99,{"file":383,"line":71,"context":292},{"file":383,"line":291,"context":292},{"file":383,"line":419,"context":292},105,{"file":383,"line":421,"context":292},112,{"file":383,"line":344,"context":292},{"file":383,"line":346,"context":292},{"file":383,"line":346,"context":292},{"file":383,"line":350,"context":292},{"file":383,"line":427,"context":292},118,{"file":383,"line":358,"context":292},{"file":430,"line":309,"context":292},"views\\overview.php",{"file":430,"line":432,"context":292},16,{"file":430,"line":184,"context":292},{"file":435,"line":13,"context":292},"views\\speedKit.php",{"file":435,"line":196,"context":292},{"file":435,"line":227,"context":292},{"file":439,"line":440,"context":292},"views\\tabs.php",4,{"file":439,"line":442,"context":292},5,[444],{"name":445,"version":36,"knownCves":446},"Guzzle",[],[],{"summary":449,"deductions":450},"The Baqend plugin version 2.0.2 exhibits a mixed security posture. While the plugin demonstrates good practices by using prepared statements for all SQL queries and avoiding external HTTP requests, significant concerns arise from its output escaping and a notable vulnerability history. The static analysis reveals a very low percentage of properly escaped output (2%), which is a major red flag for potential Cross-Site Scripting (XSS) vulnerabilities.  Furthermore, the plugin has a known medium severity vulnerability that remains unpatched, specifically related to missing authorization. This suggests a recurring pattern of authorization weaknesses. The absence of apparent AJAX handlers, REST API routes, and shortcodes with authentication checks in the static analysis might indicate a limited attack surface, but the overall security is significantly undermined by the unpatched vulnerability and the prevalent output escaping issues. The presence of bundled libraries like Guzzle also warrants attention for potential outdated versions that might introduce vulnerabilities, though this is not explicitly detailed in the provided data.",[451,453,455,457],{"reason":452,"points":184},"Unpatched Medium Severity CVE",{"reason":454,"points":137},"Low percentage of properly escaped output",{"reason":456,"points":442},"Missing Authorization vulnerability history",{"reason":458,"points":89},"Bundled library (Guzzle) present","2026-03-16T18:31:00.469Z",{"wat":461,"direct":472},{"assetPaths":462,"generatorPatterns":466,"scriptPaths":467,"versionParams":468},[463,464,465],"\u002Fwp-content\u002Fplugins\u002Fbaqend\u002Fassets\u002Fcss\u002Fbaqend-admin.css","\u002Fwp-content\u002Fplugins\u002Fbaqend\u002Fassets\u002Fjs\u002Fbaqend-admin.js","\u002Fwp-content\u002Fplugins\u002Fbaqend\u002Fassets\u002Fjs\u002Fbaqend-vendor.js",[],[],[469,470,471],"baqend\u002Fassets\u002Fcss\u002Fbaqend-admin.css?ver=","baqend\u002Fassets\u002Fjs\u002Fbaqend-admin.js?ver=","baqend\u002Fassets\u002Fjs\u002Fbaqend-vendor.js?ver=",{"cssClasses":473,"htmlComments":475,"htmlAttributes":476,"restEndpoints":479,"jsGlobals":480,"shortcodeOutput":482},[474],"wp-baqend-admin",[],[477,478],"data-baqend-app-token","data-baqend-app-id",[],[481],"SPEED_KIT_MESSAGES",[]]