[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7ExNG6ZK3wjqEbCzEe7Nl0pOIxY2l1Hjb487xd-Ii94":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":52,"analysis":76,"fingerprints":295},"easy-wp-optimizer","Easy WP Optimizer – Optimize DB & WordPress","1.1.0","coothemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoothemes\u002F","\u003Cp>Easy WP Optimizer allows you to optimize database,Backup WordPress database and non-WordPress-based database (including very large databases), Restore database.\u003Cbr \u002F>\nV1.04 – Support zip format backup files download\u003C\u002Fp>\n\u003Ch4>Tested on\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Safari\u003C\u002Fli>\n\u003Cli>Chrome\u003C\u002Fli>\n\u003Cli>Firefox\u003C\u002Fli>\n\u003Cli>ie7,8,9,10\u003C\u002Fli>\n\u003Cli>Edge\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features in Easy WP Optimizer\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Optimizes the database and improves its efficiency.\u003C\u002Fli>\n\u003Cli>It supports translation-ready.\u003C\u002Fli>\n\u003Cli>Backupup  WP Database \u003C\u002Fli>\n\u003Cli>Restore WP Database\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translate this Plugin\u003C\u002Fh4>\n\u003Cp>If you can help us with translation to some other language please contact us at support@coothemes.com\u003C\u002Fp>\n\u003Cp>We really appreciate it!\u003C\u002Fp>\n\u003Ch4>Technical Support\u003C\u002Fh4>\n\u003Cp>Dear users, our plugins are available for free download. If you have any questions or recommendations regarding the functionality of our plugins, please feel free to contact us.\u003C\u002Fp>\n\u003Cp>If you think, that you found a bug in our Easy WP Optimizer plugin or have any question contact us at support@coothemes.com\u003C\u002Fp>\n","Easy WP Optimizer allows you to optimize database,Backup WordPress database and non-WordPress-based database (including very large databases), Restore &hellip;",40,3469,0,"2018-07-25T02:00:00.000Z","4.9.29","4.5","",[19,20,21,22,23],"auto-drafts","clean-up-optimizer","clean-up-wordpress","clean-up-wp","database-optimize","https:\u002F\u002Fwww.coothemes.com\u002FEasy-WP-Optimizer-Manual\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-wp-optimizer.zip",63,1,"2025-04-04 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-32147","easy-wp-optimizer-missing-authorization","Easy WP Optimizer \u003C= 1.1.0 - Missing Authorization","The Easy WP Optimizer – Optimize DB & WordPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to perform an unauthorized action.",null,"\u003C=1.1.0","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-04-08 14:18:56",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb889440b-33f9-410b-b3d5-f41e08bcee82?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":49,"trust_score":50,"computed_at":51},3,60,78,30,79,"2026-04-04T21:22:39.355Z",[53],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":13,"num_ratings":13,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":66,"tags":67,"homepage":73,"download_link":74,"security_score":75,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"itpathsolutions-media-cleaner-and-database-optimizer","Media Cleaner and Database Optimizer by ITPath","1.0.5","IT Path Solutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fitpathsolutions\u002F","\u003Cp>Media Cleaner and Database Optimizer by ITPath helps you manage unused media files and clean unnecessary data from your WordPress database.\u003C\u002Fp>\n\u003Cp>The plugin allows you to identify media files that are not associated with posts or pages and remove them safely. It also provides tools to clean unused database data such as revisions, drafts, transients, and metadata.\u003C\u002Fp>\n\u003Cp>By keeping your media library and database organized, the plugin helps maintain a cleaner WordPress installation and supports smooth site operation.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>Media Cleaner\u003C\u002Fp>\n\u003Cul>\n\u003Cli>View all media files utilized on your site.\u003C\u002Fli>\n\u003Cli>Easily clear unused media not associated with any posts or pages.\u003C\u002Fli>\n\u003Cli>Streamline media management by deleting unused files.\u003C\u002Fli>\n\u003Cli>Detect media usage across your website effortlessly.\u003C\u002Fli>\n\u003Cli>Save time by skipping the cleanup process for media files that are in use.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Database Cleaner\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Inactive & unused Plugins cleaner\u003C\u002Fli>\n\u003Cli>Inactive & unused Themes cleaner\u003C\u002Fli>\n\u003Cli>Revision clean up\u003C\u002Fli>\n\u003Cli>Draft clean up\u003C\u002Fli>\n\u003Cli>Auto draft clean up\u003C\u002Fli>\n\u003Cli>Post meta clean up\u003C\u002Fli>\n\u003Cli>Comment meta clean up\u003C\u002Fli>\n\u003Cli>All comments clean up\u003C\u002Fli>\n\u003Cli>User meta clean up\u003C\u002Fli>\n\u003Cli>Term meta clean up\u003C\u002Fli>\n\u003Cli>Trashed post &  product clean ip\u003C\u002Fli>\n\u003Cli>Trashed post \u002F product clean up\u003C\u002Fli>\n\u003Cli>Transients clean up\u003C\u002Fli>\n\u003Cli>Pingback & trackback clean up\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","The most powerful tool for clearing unused media from your website and optimizing your database to boost site performance",20,2883,"2026-01-08T10:20:00.000Z","6.9.4","6.2","7.4",[68,69,70,71,72],"cleanup","database","database-optimizer","media","media-cleaner","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fitpathsolutions-media-cleaner-and-database-optimizer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fitpathsolutions-media-cleaner-and-database-optimizer.1.0.5.zip",100,{"attackSurface":77,"codeSignals":97,"taintFlows":259,"riskAssessment":279,"analyzedAt":294},{"hooks":78,"ajaxHandlers":93,"restRoutes":94,"shortcodes":95,"cronEvents":96,"entryPointCount":13,"unprotectedCount":13},[79,85,89],{"type":80,"name":81,"callback":82,"file":83,"line":84},"action","admin_init","ewo_call_functions_for_easy_wp_optimizer","easy-wp-optimizer.php",72,{"type":80,"name":86,"callback":87,"file":83,"line":88},"admin_menu","ewo_sidebar_menu_for_easy_wp_optimizer",88,{"type":80,"name":90,"callback":91,"file":83,"line":92},"plugins_loaded","ewo_load_textdomain_for_easy_wp_optimizer",97,[],[],[],[],{"dangerousFunctions":98,"sqlUsage":99,"outputEscaping":134,"fileOperations":256,"externalRequests":13,"nonceChecks":257,"capabilityChecks":27,"bundledLibraries":258},[],{"prepared":100,"raw":101,"locations":102},53,13,[103,107,109,111,114,118,120,122,124,126,128,130,132],{"file":104,"line":105,"context":106},"includes\\action.php",148,"$wpdb->query() with variable interpolation",{"file":104,"line":108,"context":106},155,{"file":104,"line":110,"context":106},316,{"file":104,"line":112,"context":113},350,"$wpdb->get_results() with variable interpolation",{"file":115,"line":116,"context":117},"includes\\q.php",94,"$wpdb->get_var() with variable interpolation",{"file":115,"line":119,"context":117},112,{"file":115,"line":121,"context":117},119,{"file":115,"line":123,"context":117},126,{"file":115,"line":125,"context":117},144,{"file":115,"line":127,"context":117},151,{"file":115,"line":129,"context":117},158,{"file":115,"line":131,"context":117},252,{"file":115,"line":133,"context":117},274,{"escaped":135,"rawEcho":136,"locations":137},19,61,[138,142,145,146,148,150,152,154,156,158,160,162,163,165,167,169,171,173,174,176,178,179,181,183,185,187,189,191,192,194,196,198,200,202,204,206,208,210,211,213,215,217,219,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,251,252,254],{"file":139,"line":140,"context":141},"includes\\class\\DbManage.class.php",224,"raw output",{"file":143,"line":144,"context":141},"includes\\inc\\footer.php",9,{"file":143,"line":61,"context":141},{"file":143,"line":147,"context":141},25,{"file":143,"line":149,"context":141},34,{"file":143,"line":151,"context":141},66,{"file":143,"line":153,"context":141},67,{"file":143,"line":155,"context":141},70,{"file":143,"line":157,"context":141},71,{"file":143,"line":159,"context":141},74,{"file":143,"line":161,"context":141},75,{"file":143,"line":50,"context":141},{"file":143,"line":164,"context":141},80,{"file":143,"line":166,"context":141},84,{"file":143,"line":168,"context":141},85,{"file":143,"line":170,"context":141},89,{"file":143,"line":172,"context":141},90,{"file":143,"line":116,"context":141},{"file":143,"line":175,"context":141},95,{"file":143,"line":177,"context":141},99,{"file":143,"line":75,"context":141},{"file":143,"line":180,"context":141},104,{"file":143,"line":182,"context":141},105,{"file":143,"line":184,"context":141},109,{"file":143,"line":186,"context":141},110,{"file":143,"line":188,"context":141},114,{"file":143,"line":190,"context":141},115,{"file":143,"line":121,"context":141},{"file":143,"line":193,"context":141},120,{"file":143,"line":195,"context":141},124,{"file":143,"line":197,"context":141},125,{"file":143,"line":199,"context":141},129,{"file":143,"line":201,"context":141},130,{"file":143,"line":203,"context":141},134,{"file":143,"line":205,"context":141},135,{"file":143,"line":207,"context":141},139,{"file":143,"line":209,"context":141},140,{"file":143,"line":125,"context":141},{"file":143,"line":212,"context":141},145,{"file":143,"line":214,"context":141},149,{"file":143,"line":216,"context":141},150,{"file":143,"line":218,"context":141},154,{"file":143,"line":108,"context":141},{"file":143,"line":221,"context":141},159,{"file":143,"line":223,"context":141},160,{"file":143,"line":225,"context":141},164,{"file":143,"line":227,"context":141},165,{"file":143,"line":229,"context":141},169,{"file":143,"line":231,"context":141},170,{"file":143,"line":233,"context":141},174,{"file":143,"line":235,"context":141},175,{"file":143,"line":237,"context":141},179,{"file":143,"line":239,"context":141},180,{"file":143,"line":241,"context":141},184,{"file":143,"line":243,"context":141},185,{"file":143,"line":245,"context":141},225,{"file":143,"line":247,"context":141},234,{"file":249,"line":250,"context":141},"includes\\inc\\sidebar.php",46,{"file":249,"line":100,"context":141},{"file":249,"line":253,"context":141},54,{"file":249,"line":255,"context":141},58,8,4,[],[260],{"entryPoint":261,"graph":262,"unsanitizedCount":27,"severity":38},"\u003Cdownload> (includes\\download.php:0)",{"nodes":263,"edges":276},[264,270],{"id":265,"type":266,"label":267,"file":268,"line":269},"n0","source","$_REQUEST","includes\\download.php",38,{"id":271,"type":272,"label":273,"file":268,"line":274,"wp_function":275},"n1","sink","header() [Header Injection]",57,"header",[277],{"from":265,"to":271,"sanitized":278},false,{"summary":280,"deductions":281},"The static analysis of easy-wp-optimizer v1.1.0 reveals a generally good security posture in terms of its direct attack surface. There are no apparent AJAX handlers, REST API routes, shortcodes, or cron events exposed without authentication, which is a strong positive indicator. The plugin also shows good practice in its SQL query handling, with a high percentage (80%) utilizing prepared statements.\n\nHowever, concerns arise from the output escaping, where only 24% of outputs are properly escaped. This significantly increases the risk of cross-site scripting (XSS) vulnerabilities. The taint analysis, while limited in scope (1 flow analyzed), did identify a flow with unsanitized paths. While classified as low severity, any unsanitized path is a potential entry point for malicious manipulation, especially when combined with inadequate output escaping.\n\nThe vulnerability history, particularly a medium severity CVE for Missing Authorization reported on 2025-04-04, is a significant concern. This indicates a recurring pattern of authorization issues. The fact that this vulnerability is currently unpatched is a critical risk. While the static analysis did not flag explicit authorization checks missed in its current scan, the historical data strongly suggests that the plugin may have underlying authorization weaknesses. The presence of only one capability check in the code signals might also contribute to this. The plugin's strengths lie in its limited attack surface and good SQL practices, but the poor output escaping and the history of authorization vulnerabilities, coupled with an unpatched CVE, present significant risks.",[282,285,288,291],{"reason":283,"points":284},"Unpatched CVE (Medium severity)",18,{"reason":286,"points":287},"Flow with unsanitized paths",7,{"reason":289,"points":290},"Low percentage of properly escaped output",15,{"reason":292,"points":293},"Low number of capability checks",5,"2026-03-16T22:19:16.456Z",{"wat":296,"direct":306},{"assetPaths":297,"generatorPatterns":303,"scriptPaths":304,"versionParams":305},[298,299,300,301,302],"\u002Fwp-content\u002Fplugins\u002Feasy-wp-optimizer\u002Finc\u002Fcss\u002Fmain.css","\u002Fwp-content\u002Fplugins\u002Feasy-wp-optimizer\u002Finc\u002Fcss\u002Ftoastr.css","\u002Fwp-content\u002Fplugins\u002Feasy-wp-optimizer\u002Finc\u002Fcss\u002Fhtml5tooltips.css","\u002Fwp-content\u002Fplugins\u002Feasy-wp-optimizer\u002Finc\u002Fjs\u002Ftoastr.js","\u002Fwp-content\u002Fplugins\u002Feasy-wp-optimizer\u002Finc\u002Fjs\u002Fhtml5tooltips.js",[],[],[],{"cssClasses":307,"htmlComments":309,"htmlAttributes":311,"restEndpoints":314,"jsGlobals":315,"shortcodeOutput":316},[308],"ewo_main_container",[310],"Easy WP Optimizer",[312,313],"data-title","data-message",[],[],[]]