Does CLP Varnish Cache have any unpatched vulnerabilities?

No. All known vulnerabilities in CLP Varnish Cache have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is CLP Varnish Cache compatible with WordPress 6.9.4?

According to WordPress.org data, CLP Varnish Cache 1.0.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is CLP Varnish Cache compatible with PHP 7.1+?

CLP Varnish Cache requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is CLP Varnish Cache updated?

CLP Varnish Cache was last updated on Feb 17, 2026. Frequent updates are generally a positive security signal.

What is CLP Varnish Cache's security score?

CLP Varnish Cache has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

CLP Varnish Cache Security & Risk Analysis

wordpress.org/plugins/clp-varnish-cache

CLP Varnish Cache lets you configure the cache lifetime, paths, and parameters to exclude from caching. You can purge single urls or cache entries by …

9K active installs v1.0.3 PHP 7.1+ WP 6.0+ Updated Feb 17, 2026

cachecachingvarnishvarnish-cache

A · Safe

CVEs total1

Unpatched0

Last CVEJan 26, 2026

Download

Safety Verdict

Is CLP Varnish Cache Safe to Use in 2026?

Generally Safe

Score 99/100

CLP Varnish Cache has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 26, 2026Updated 1mo ago

Risk Assessment

The "clp-varnish-cache" v1.0.4 plugin exhibits a generally strong security posture, with no identified critical or high severity vulnerabilities in static analysis or taint flows. The absence of an attack surface through AJAX, REST API, shortcodes, or cron events is a significant positive, as is the complete absence of dangerous functions and the universal use of prepared statements for SQL queries. The plugin also demonstrates good practices with nonce and capability checks. However, a minor concern arises from the 15% of outputs that are not properly escaped, which could potentially lead to cross-site scripting (XSS) vulnerabilities if those outputs are user-controllable. The single external HTTP request could also be a vector if the target is malicious or compromised. The plugin's vulnerability history shows one past medium-severity vulnerability related to missing authorization, although it is currently patched. This suggests that while the developers are responsive to security issues, a focus on robust authorization checks in all potential entry points remains important.

Key Concerns

Unescaped output detected
One medium severity vulnerability in history
External HTTP request

Vulnerabilities

CLP Varnish Cache Security Vulnerabilities

CVEs by Year

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2026-24525medium · 5.3Missing Authorization

CLP Varnish Cache <= 1.0.2 - Missing Authorization

Jan 26, 2026 Patched in 1.0.3 (23d)

Code Analysis

Analyzed Mar 16, 2026

CLP Varnish Cache Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

23 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

85% escaped27 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<clp-varnish-cache> (pages\clp-varnish-cache.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

CLP Varnish Cache Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_initclass.varnish-cache-admin.php:13

actionadmin_bar_menuclass.varnish-cache-admin.php:14

actionadmin_menuclass.varnish-cache-admin.php:15

actionnetwork_admin_menuclass.varnish-cache-admin.php:16

actionadmin_enqueue_scriptsclass.varnish-cache-admin.php:17

actionadmin_noticesclass.varnish-cache-admin.php:36

Maintenance & Trust

CLP Varnish Cache Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 17, 2026

PHP min version7.1

Downloads57K

Community Trust

Rating100/100

Number of ratings6

Active installs9K

Alternatives

CLP Varnish Cache Alternatives

Purge Varnish Cache

purge-varnish

Clean clear VARNISH cache automatically when content on your site is created or modified, also allow you to purge VARNISH cache manually.

2K 1 unpatched

Varnish/Nginx Proxy Caching

vcaching

Wordpress Varnish Cache 3.x/4.x/5.x and Nginx Proxy Cache integration

900 2 unpatched

Varnish WordPress

varnish-wp

This plugin enables you to use the Varnish cache with WordPress, designed for high performance websites.

70 1 unpatched

Is Varnish Working?

is-varnish-working

Test your wordpress url to see if it contains the Varnish Cache HTTP headers

10 No CVEs

WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance

wp-optimize

Get caching and more with this powerful cache plugin. Cache, optimize images, clean your database and minify for maximum performance.

1.0M 3 CVEs

Developer Profile

CLP Varnish Cache Developer Profile

CloudPanel

1 plugin · 9K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

23 days

View full developer profile

Detection Fingerprints

How We Detect CLP Varnish Cache

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/clp-varnish-cache/style.css

Version Parameters

clp-varnish-cache/style.css?ver=1.0.4

HTML / DOM Fingerprints

CSS Classes

clp-varnish-cache

Data Attributes

data-clp-varnish-cache-settings

FAQ