Does ezCache have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is ezCache compatible with WordPress 6.8.5?

According to WordPress.org data, ezCache 1.7.2 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is ezCache compatible with PHP 5.6+?

ezCache requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ezCache updated?

ezCache was last updated on Apr 9, 2026. Frequent updates are generally a positive security signal.

What is ezCache's security score?

ezCache has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ezCache Security & Risk Analysis

wordpress.org/plugins/ezcache

EzCache is an easy and innovative cache plugin that will help you significantly improve your site speed.

10K active installs v1.7.2 PHP 5.6+ WP 4.6+ Updated Apr 9, 2026

boostcachehostingspeedupress

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ezCache Safe to Use in 2026?

Generally Safe

Score 100/100

ezCache has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "ezcache" v1.6.6 plugin presents a mixed security posture. On one hand, the static analysis reveals a relatively small attack surface with no identified AJAX handlers, REST API routes, or shortcodes that lack authentication or permission checks. The plugin also demonstrates some good practices with a moderate percentage of SQL queries using prepared statements and a reasonable number of capability checks. However, significant concerns arise from the presence of the `unserialize` function without explicit taint analysis results suggesting this is handled safely. Furthermore, the low percentage of properly escaped output (38%) indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. The lack of any recorded vulnerabilities in its history is a positive indicator of past security diligence, but it doesn't negate the current code-level risks.

Key Concerns

Unescaped output is a concern
Presence of unserialize function

Vulnerabilities

None known

ezCache Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

ezCache Release Timeline

v1.7.2Current

v1.7.1

v1.6.6

v1.6.5

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.2

v1.5.1

v1.5

v1.4.1.1

v1.4.1

v1.4

v1.3.11

v1.3.10

v1.3.9

v1.3.8

v1.3.7

Code Analysis

Analyzed Mar 16, 2026

ezCache Code Analysis

Dangerous Functions

Raw SQL Queries

18 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserializereturn unserialize( $decrypted );includes\Utilities\Encrypter.php:64

SQL Query Safety

60% prepared30 total queries

Output Escaping

38% escaped16 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

maybe_serve_cached_data (includes\Cache.php:720)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ezCache Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 21

actioninitezcache.php:104

filtercron_schedulesezcache.php:105

actioninitezcache.php:106

actionezcache_clear_expired_cacheezcache.php:111

actionplugins_loadedezcache.php:300

filtershow_admin_barincludes\Admin.php:27

actionadmin_initincludes\Admin.php:28

actionadmin_menuincludes\Admin.php:29

actionadmin_enqueue_scriptsincludes\Admin.php:30

actionadmin_noticesincludes\Admin.php:35

actionadmin_bar_menuincludes\Admin.php:37

actionadmin_post_wpb_clear_cacheincludes\Admin.php:38

actiondelete_attachmentincludes\Admin.php:39

actioninitincludes\Admin.php:41

actionadd_meta_boxesincludes\Admin.php:42

actionsave_postincludes\Admin.php:43

actionpre_post_updateincludes\Admin.php:44

actioninitincludes\Cache.php:777

filteremoji_svg_urlincludes\Cache.php:785

actionwp_enqueue_scriptsincludes\Cache.php:791

actionrest_api_initincludes\RestApi.php:23

Scheduled Events 1

ezcache_clear_expired_cache

Maintenance & Trust

ezCache Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 9, 2026

PHP min version5.6

Downloads118K

Community Trust

Rating92/100

Number of ratings5

Active installs10K

Alternatives

ezCache Alternatives

A2 Optimized WP – Turbocharge and secure your WordPress site

a2-optimized-wp

Make your site faster and more secure with the click of a few buttons

70K 1 CVE

LWS Optimize – All-in-One Speed Booster & Cache Tools

lws-optimize

All-in-one speed optimization: caching, WebP/AVIF, Critical CSS, lazy loading, CDN, and more. Instantly boost Core Web Vitals and site speed!

10K 2 CVEs

Instant Page Load – SPA Speed & Turbo Cache

instant-page-load

Turn Your WordPress into a React-like Single Page App (SPA) – Zero Coding Needed! Instant Page Load doesn’t just speed up your site—it transforms Word …

30 No CVEs

All in one Minifier

all-in-one-minifier

Reduce your page load by minify your HTML source on page with all the CSS and JS code present in your page.

10 1 unpatched

Easy & Fast Optimization

easy-fast-optimization

Start optimization your website without the need for setup and code information. You can run this plugin with one click.

10 No CVEs

Developer Profile

ezCache Developer Profile

SecuPress

5 plugins · 64K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

156 days

View full developer profile

Detection Fingerprints

How We Detect ezCache

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ezcache/css//wp-content/plugins/ezcache/js/

Script Paths

/wp-content/plugins/ezcache/js/ezcache-admin.js/wp-content/plugins/ezcache/js/ezcache-frontend.js

Version Parameters

ezcache/style.css?ver=ezcache/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

ezcache-wrapperezcache-container

HTML Comments

Data Attributes

data-ezcache-id

JS Globals

ezcache_data

REST Endpoints

/wp-json/ezcache/v1/flush/wp-json/ezcache/v1/settings

FAQ