[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWEuvuy9WxMFHDsZnnXAZFpFxP0kyew74mTlBqvHsEdU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":137,"fingerprints":220},"dns-prefetch","DNS Prefetch","0.1.0","jp2112","https:\u002F\u002Fprofiles.wordpress.org\u002Fjp2112\u002F","\u003Cp>This plugin implements DNS prefetching per the Mozilla specification for the Firefox browser. Hopefully, other browsers will eventually support DNS prefetching.\u003C\u002Fp>\n\u003Cp>See https:\u002F\u002Fdeveloper.mozilla.org\u002Fen-US\u002Fdocs\u002FControlling_DNS_prefetching for more detail.\u003C\u002Fp>\n\u003Cp>Disclaimer: This plugin is not affiliated with or endorsed by Mozilla.\u003C\u002Fp>\n\u003Ch3>If you need help with this plugin\u003C\u002Fh3>\n\u003Cp>If this plugin breaks your site or just flat out does not work, create a thread in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdns-prefetch\" rel=\"ugc\">Support\u003C\u002Fa> forum with a description of the issue. Make sure you are using the latest version of WordPress and the plugin before reporting issues, to be sure that the issue is with the current version and not with an older version where the issue may have already been fixed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please do not use the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fdns-prefetch\" rel=\"ugc\">Reviews\u003C\u002Fa> section to report issues or request new features.\u003C\u002Fstrong>\u003C\u002Fp>\n","Adds dns prefetching meta tags to your site.",80,3864,94,3,"2015-01-20T12:32:00.000Z","4.1.42","4.0","",[20,21,22],"dns","optimization","prefetch","http:\u002F\u002Fwww.jimmyscode.com\u002Fwordpress\u002Fdns-prefetch\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdns-prefetch.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":25,"computed_at":35},14,1380,87,30,"2026-04-05T14:21:28.786Z",[37,55,77,102,119],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":14,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":53,"download_link":54,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"simple-dns-prefetch","Simple DNS Prefetch","0.5.2","andrewmoof","https:\u002F\u002Fprofiles.wordpress.org\u002Fandrewmoof\u002F","\u003Cp>DNS resolution time can lead to a significant amount of user perceived latency. The time that DNS resolution takes is highly variable.  Latency delays range from around 1ms (locally cached results) to commonly reported times of several seconds.\u003C\u002Fp>\n\u003Cp>DNS prefetching is an attempt to resolve domain names before a user tries to follow a link. This is done using the computer’s normal DNS resolution mechanism. Once a domain name has been resolved, if the user does navigate to that domain, there will be no effective delay due to DNS resolution time. When we encounter hyperlinks in pages, we extract the domain name from each one and resolving each domain to an IP address.  All this work is done in parallel with the user’s reading of the page, using minimal CPU and network resources.  When a user clicks on any of these pre-resolved names, they will on average save about 200 milliseconds in their navigation (assuming the user hadn’t already visited the domain recently). More importantly than the average savings, users won’t tend to experience the “worst case” delays for DNS resolution, which are regularly over 1 second.\u003C\u002Fp>\n","Adds (or removes) DNS prefetching meta tags to your site and speeds up your page load speed.",200,5109,74,"2018-06-08T13:41:00.000Z","4.9.29","4.1",[20,4,21,22,52],"speed","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-dns-prefetch\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-dns-prefetch.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":74,"download_link":75,"security_score":76,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"flying-pages","Flying Pages: Preload Pages for Faster Navigation & Improved User Experience","2.4.7","Gijo Varghese","https:\u002F\u002Fprofiles.wordpress.org\u002Fgijo\u002F","\u003Cp>Flying Pages preload pages before the user click on it, making them load instantly\u003C\u002Fp>\n\u003Ch3>How it Works?\u003C\u002Fh3>\n\u003Cp>Flying Pages injects a tiny JavaScript code (1KB gzipped), waits until the browser becomes idle. Then it detects pages in the viewport and on mouse hover and preloads them.\u003C\u002Fp>\n\u003Cp>Flying Pages is intelligent to make sure preloading doesn’t crash your server or make it slow.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Preload pages in the viewport\u003C\u002Fstrong> – Detect links within the viewport (current viewing area) using ‘Intersection Observer’ and tells the browser to preload them using ‘prefetch’, switch to xhr if not available (similar to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FGoogleChromeLabs\u002Fquicklink\" rel=\"nofollow ugc\">Quicklink\u003C\u002Fa>).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Preload pages on mouse hover\u003C\u002Fstrong> – On hovering links, if it’s not preloaded yet using above ‘viewport’, then Flying Pages will prefetch them instantly (similar to \u003Ca href=\"https:\u002F\u002Finstant.page\u002F\" rel=\"nofollow ugc\">Instant.page\u003C\u002Fa>).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Limits the number of preloads per second\u003C\u002Fstrong> – If your page has too many links, prefetching all at the same time will cause the server to crash or slow down the website to visitors. Flying Pages limits the number of preloads per second (3 req\u002Fsec by default) using an in-built queue. For example, if you’ve 10 links in the viewport, preloading all these are span into 4 seconds.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Stops preloading if the server is busy\u003C\u002Fstrong> – In case the server starts to respond slowly or return errors, preloading will be stopped to reduce the server load.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Understands user’s connection and preferences\u003C\u002Fstrong> – Checks if the user is on a slow connection like 2G or has enabled data-saver. Flying Pages won’t preload anything in this case.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fflying-pages\u002F\" rel=\"ugc\">Official Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fwpspeedmatters\" rel=\"nofollow ugc\">Facebook Group\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Our premium products\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fflyingpress.com\" rel=\"nofollow ugc\">FlyingPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fflyingcdn.com\" rel=\"nofollow ugc\">FlyingCDN\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Our free plugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-pages\u002F\" rel=\"ugc\">Flying Pages\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnazy-load\u002F\" rel=\"ugc\">Flying Images\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-scripts\u002F\" rel=\"ugc\">Flying Scripts\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-analytics\u002F\" rel=\"ugc\">Flying Analytics\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-fonts\u002F\" rel=\"ugc\">Flying Fonts\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Preload pages intelligently to boost site speed and enhance user experience by loading pages before users click, ensuring instant page transitions.",20000,241853,98,79,"2025-12-02T13:23:00.000Z","6.9.4","4.5","5.6",[72,21,73,22,52],"fast","performance","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflying-pages\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflying-pages.2.4.7.zip",100,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":76,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":96,"download_link":97,"security_score":98,"vuln_count":99,"unpatched_count":100,"last_vuln_date":101,"fetched_at":28},"pre-party-browser-hints","Pre* Party Resource Hints","1.8.20","Sam Perrow","https:\u002F\u002Fprofiles.wordpress.org\u002Fsamperrow\u002F","\u003Cp>This plugin allows users to automatically and easily embed resource hints to improve page load time.\u003C\u002Fp>\n\u003Cp>DNS prefetch, prerender, preconnect, prefetch, and preload are all supported.\u003C\u002Fp>\n\u003Cp>After installation, preconnect hints will automatically be created the next time your website is visited.\u003C\u002Fp>\n\u003Cp>You have the choice to include these resource hints in the HTTP header or the website’s .\u003C\u002Fp>\n\u003Ch3>Installation Video\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FAha9E3AXvJQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Take advantage of browser resource hints and plug-and-play features to improve page load time.",6000,174565,28,"2024-02-17T18:36:00.000Z","6.3.8","4.4","7.0.0",[4,93,22,94,95],"preconnect","preload","prerender","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpre-party-browser-hints\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpre-party-browser-hints.zip",61,2,1,"2026-03-20 14:37:45",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":76,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":70,"tags":116,"homepage":117,"download_link":118,"security_score":76,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"quicklink","Quicklink for WordPress","0.10.4","WP Munich","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmunich\u002F","\u003Cp>Quicklink for WordPress attempts to make navigation to subsequent pages load faster. Embedded with the plugin is a javascript library, which detects links in the viewport, waits until the browser is idle and prefetches the URLs for these links. The library also tries to detect, if the user is on a slow connection or on a data plan.\u003C\u002Fp>\n\u003Cp>This plugin builds heavily on the amazing work done by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FGoogleChromeLabs\u002Fquicklink\" rel=\"nofollow ugc\">Google Chrome Labs\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>More information about \u003Ca href=\"https:\u002F\u002Fgetquick.link\" rel=\"nofollow ugc\">Quicklink on the official Website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Detects links within the viewport\u003C\u002Fstrong> (using \u003Ca href=\"https:\u002F\u002Fdeveloper.mozilla.org\u002Fen-US\u002Fdocs\u002FWeb\u002FAPI\u002FIntersection_Observer_API\" rel=\"nofollow ugc\">Intersection Observer\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Waits until the browser is idle\u003C\u002Fstrong> (using \u003Ca href=\"https:\u002F\u002Fdeveloper.mozilla.org\u002Fen-US\u002Fdocs\u002FWeb\u002FAPI\u002FWindow\u002FrequestIdleCallback\" rel=\"nofollow ugc\">requestIdleCallback\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checks if the user isn’t on a slow connection\u003C\u002Fstrong> (using \u003Ccode>navigator.connection.effectiveType\u003C\u002Fcode>) or has data-saver enabled (using \u003Ccode>navigator.connection.saveData\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prefetches URLs to the links\u003C\u002Fstrong> (using \u003Ca href=\"https:\u002F\u002Fwww.w3.org\u002FTR\u002Fresource-hints\u002F#prefetch\" rel=\"nofollow ugc\">\u003Ccode>\u003Clink rel=prefetch>\u003C\u002Fcode>\u003C\u002Fa> or XHR). Provides some control over the request priority (can switch to \u003Ccode>fetch()\u003C\u002Fcode> if supported).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you are a developer, we encourage you to follow along or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fluehrsenheinrich\u002Fwp-quicklink\" rel=\"nofollow ugc\">contribute\u003C\u002Fa> to the development of this plugin \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fluehrsenheinrich\u002Fwp-quicklink\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","⚡️ Faster subsequent page-loads by prefetching in-viewport links during idle time.",1000,43097,11,"2025-04-06T16:31:00.000Z","6.7.5","4.9",[72,21,73,22,52],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquicklink\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquicklink.0.10.4.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":76,"downloaded":127,"rating":26,"num_ratings":26,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":18,"download_link":136,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"disable-dns-prefetch","Disable DNS prefetch","1.0","Dhiraj Suthar","https:\u002F\u002Fprofiles.wordpress.org\u002Fdhirajsuthar\u002F","\u003Cp>This plugin will help you to remove DNS prefetch from fontend side.\u003C\u002Fp>\n","This plugin will help you to remove DNS prefetch from fontend side.",2940,"2020-02-10T09:27:00.000Z","5.3.21","3.1","5.2.4",[133,4,134,135],"disable-dns","hide-dns-prefetch","remove-dns","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-dns-prefetch.zip",{"attackSurface":138,"codeSignals":176,"taintFlows":212,"riskAssessment":213,"analyzedAt":219},{"hooks":139,"ajaxHandlers":172,"restRoutes":173,"shortcodes":174,"cronEvents":175,"entryPointCount":26,"unprotectedCount":26},[140,146,150,154,158,162,166],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","init","dpf_translation_file","dns-prefetch.php",34,{"type":141,"name":147,"callback":148,"file":144,"line":149},"admin_init","dpf_options_init",41,{"type":141,"name":151,"callback":152,"file":144,"line":153},"admin_menu","dpf_plugin_menu",57,{"type":141,"name":155,"callback":156,"priority":100,"file":144,"line":157},"wp_head","dpf_prefetch",110,{"type":141,"name":159,"callback":160,"file":144,"line":161},"admin_notices","dpf_showAdminMessages",136,{"type":141,"name":163,"callback":164,"file":144,"line":165},"admin_head","insert_dpf_admin_css",157,{"type":167,"name":168,"callback":169,"priority":170,"file":144,"line":171},"filter","plugin_row_meta","dpf_meta_links",10,174,[],[],[],[],{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":180,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":14,"bundledLibraries":211},[],{"prepared":26,"raw":26,"locations":179},[],{"escaped":100,"rawEcho":181,"locations":182},16,[183,186,188,190,191,192,194,195,197,199,200,201,203,205,207,209],{"file":144,"line":184,"context":185},70,"raw output",{"file":144,"line":187,"context":185},76,{"file":144,"line":189,"context":185},77,{"file":144,"line":25,"context":185},{"file":144,"line":33,"context":185},{"file":144,"line":193,"context":185},88,{"file":144,"line":193,"context":185},{"file":144,"line":196,"context":185},92,{"file":144,"line":198,"context":185},93,{"file":144,"line":198,"context":185},{"file":144,"line":198,"context":185},{"file":144,"line":202,"context":185},99,{"file":144,"line":204,"context":185},101,{"file":144,"line":206,"context":185},131,{"file":144,"line":208,"context":185},148,{"file":144,"line":210,"context":185},261,[],[],{"summary":214,"deductions":215},"The \"dns-prefetch\" plugin version 0.1.0 exhibits a strong security posture in several key areas, particularly regarding its attack surface and SQL practices. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with any level of exposure significantly limits potential entry points for attackers. Furthermore, all detected SQL queries utilize prepared statements, which is an excellent practice for preventing SQL injection vulnerabilities. The vulnerability history is also clean, with no recorded CVEs, indicating a history of responsible development or a lack of significant past security issues.\n\nHowever, a notable concern arises from the output escaping. With 17 total outputs and only 6% properly escaped, this indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. This is a critical area of weakness that could be exploited by attackers to inject malicious scripts into the user interface. While the taint analysis shows no flows, this is likely due to the limited scope of the analysis or the absence of complex data flows that would trigger it. The lack of nonce checks and the presence of capability checks (though their context isn't specified) are also points to consider, though less critical than the XSS risk given the overall minimal attack surface.\n\nIn conclusion, the plugin's strengths lie in its restricted attack surface and secure database interactions. Its primary and most significant weakness is the poor handling of output escaping, leading to a substantial XSS risk. The absence of past vulnerabilities is positive, but it does not negate the immediate risks identified in the static analysis. Addressing the output escaping should be the top priority for improving this plugin's security.",[216],{"reason":217,"points":218},"High percentage of unescaped output",8,"2026-03-16T21:30:52.611Z",{"wat":221,"direct":226},{"assetPaths":222,"generatorPatterns":223,"scriptPaths":224,"versionParams":225},[],[],[],[],{"cssClasses":227,"htmlComments":228,"htmlAttributes":229,"restEndpoints":230,"jsGlobals":231,"shortcodeOutput":232},[],[],[],[],[],[]]