[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsT4rNjnWxgNry7kzP1Pq9LsPj7d_yEWOjxveRAvWyNE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":126,"fingerprints":187},"filename-based-asset-cache-busting","Filename based asset cache busting","1.4","benlumley","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenlumley\u002F","\u003Cp>Filename based cache busting for WordPress scripts\u002Fstyles using last modified date.\u003C\u002Fp>\n\u003Cp>Stop telling clients or users to hard refresh \u002F shift refresh. The url to all of the css\u002Fjs files on your site will change automatically whenever the files are modified. You can set proper long cache lifetimes to help get top scores on Google Pagespeed without running into cached css\u002Fjavascript problems.\u003C\u002Fp>\n\u003Cp>Based on this gist https:\u002F\u002Fgist.github.com\u002Focean90\u002F1966227 from Dominik Schilling, I’ve enhanced it by automatically replacing the asset version with the files modification time and automatically editing htaccess – making it install + forget.\u003C\u002Fp>\n\u003Cp>Includes querystring option as a fallback – which works in more scenarios.\u003C\u002Fp>\n\u003Ch3>Webservers\u003C\u002Fh3>\n\u003Ch4>Apache\u003C\u002Fh4>\n\u003Cp>The plugin should add what it needs to your .htaccess file jsut like WP itself. But if for any reason that doesn’t work for you – here’s what it adds:\u003C\u002Fp>\n\u003Cpre>\u003Ccode># FBACB\n\u003CIfModule mod_rewrite.c>\n  RewriteEngine On\n  RewriteBase \u002F\n\n  RewriteCond %{REQUEST_FILENAME} !-f\n  RewriteCond %{REQUEST_FILENAME} !-d\n  RewriteRule ^(.+)\\.([0-9\\.]+)\\.(js|css)$ $1.$3 [L]\n\u003C\u002FIfModule>\n\n# still fbacb\n\u003CIfModule mod_expires.c>\n    ExpiresActive on\n    ExpiresByType text\u002Fcss                            \"access plus 1 year\"\n    ExpiresByType application\u002Fjavascript              \"access plus 1 year\"\n\u003C\u002FIfModule>\n# END FBACB\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>NGINX\u003C\u002Fh4>\n\u003Cpre>\u003Ccode> location ~* ^(.+)\\.(?:\\d+)\\.(min.js|min.css|js|css)($|\\?.*$) {\n   try_files $uri $1.$2;\n }\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Host specific notes\u003C\u002Fh3>\n\u003Cp>Some webhosts need a bit of custom config to get the filename based urls working.\u003C\u002Fp>\n\u003Ch4>WP Engine\u003C\u002Fh4>\n\u003Cp>To work on WP-Engine, you’ll need the following redirect added via my.wpengine -> installname -> Redirect rules\u003C\u002Fp>\n\u003Cpre>\u003Ccode> Source: ^(.+)\\.([0-9\\.]+)\\.(js|css)$\n Dest: $1.$3\n Type: break (this is under advanced)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>CloudWays\u003C\u002Fh4>\n\u003Cp>Just works.\u003C\u002Fp>\n\u003Ch4>Flywheel\u003C\u002Fh4>\n\u003Cp>Just works.\u003C\u002Fp>\n\u003Ch4>PHP Fallback\u003C\u002Fh4>\n\u003Cp>If your webserver is failing to serve assets using url rewriting, the plugin attempts to serve them itsef (ie: via PHP). Obviously this is slow\u002Fless than ideal in production (it’ll be much slower) – so you should configure your web server correctly to serve the files. If you see this HTTP header “FBACB-Php-Fallback: yes” on your assets, this applies to you.\u003C\u002Fp>\n\u003Cp>Note that hosts are increasingly configured to serve css\u002Fjs directly from disk and won’t fall back to PHP + WordPress error handling – this fallback then won’t work.\u003C\u002Fp>\n","Filename based cache busting for WordPress scripts\u002Fstyles using last modified date.",200,9968,100,5,"2020-04-27T21:47:00.000Z","5.4.19","3.0.1","",[20,21,22,23,24],"asset","assets","css","js","version","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffilename-based-asset-cache-busting\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilename-based-asset-cache-busting.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},2,270,30,84,"2026-04-04T16:28:35.422Z",[39,56,76,94,109],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":11,"downloaded":47,"rating":13,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":18,"download_link":55,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"assets-to-footer","Assets to footer","1.0.1","Sebastian Pisula","https:\u002F\u002Fprofiles.wordpress.org\u002Fsebastianpisula\u002F","\u003Cp>Moves scripts and styles to the footer to decrease page load times. You can exclude to move specific styles and scripts to footer.\u003C\u002Fp>\n","Moves scripts and styles to the footer.",6417,1,"2021-08-20T10:21:00.000Z","5.8.13","4.6",[21,22,53,23,54],"footer","pagespeed","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fassets-to-footer.1.0.1.zip",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":74,"download_link":75,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"assetsminify","AssetsMinify","2.0.2","Alessandro Carbone","https:\u002F\u002Fprofiles.wordpress.org\u002Falecarbo\u002F","\u003Cp>How many times have you wished to minify in a clean way all the stylesheets and scripts of a WordPress website?\u003C\u002Fp>\n\u003Cp>AssetsMinify takes every CSS and JS asset included using \u003Ccode>wp_enqueue_style()\u003C\u002Fcode> and \u003Ccode>wp_enqueue_script()\u003C\u002Fcode>, merges and minifies them.\u003C\u002Fp>\n\u003Cp>You can also use AssetsMinify to create your WP theme using Compass \u002F Sass \u002F Less without configuring any \u003Ccode>config.rb\u003C\u002Fcode> or \u003Cem>that kind of stuff\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>AssetsMinify is based on Assetic library.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Facarbone\u002FAssetsMinify\" rel=\"nofollow ugc\">Fork me on Github\u003C\u002Fa>.\u003C\u002Fp>\n","Use Compass, Sass, Less, Stylus, CoffeeScript (and more ...) to develop your themes and minify your stylesheets and JavaScript.",40,19994,98,19,"2015-04-20T22:15:00.000Z","4.2.39","3.3",[21,22,23,72,73],"less","minify","https:\u002F\u002Fgithub.com\u002Facarbone\u002FAssetsMinify","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fassetsminify.2.0.2.zip",{"slug":73,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":92,"download_link":93,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"Minify","0.2","Scott Taylor","https:\u002F\u002Fprofiles.wordpress.org\u002Fwonderboymusic\u002F","\u003Cp>Similar to what we use on eMusic – this software is still experimental, but take a look!\u003C\u002Fp>\n\u003Cp>Automagically concatenates JS and CSS files that are output in wp_head() and wp_footer() – stores \u002F serves them from Memcached (if installed) or Database. In a load-balanced environment, the generation of flat files can be expensive and hard to distribute. Minify takes advantage of Memcached and Site Options \u002F Transients to do the work once and share it among all servers in your cluster. File names are dynamically-generated to allow cache-busting of a CDN like Akamai that doesn’t always cache-bust by query string.\u003C\u002Fp>\n\u003Cp>New .htaccess rule!\u003Cbr \u002F>\n    RewriteRule ^([_0-9a-zA-Z-]+)?\u002F?wp-content\u002Fcache\u002Fminify-(.+)-(.*).(css|js)$ \u002Fwp-content\u002Fplugins\u002Fminify\u002Fmake.php?hash=$2&type=$4&incr=$3&site=$1 [L]\u003C\u002Fp>\n","Automagically concatenates JS and CSS files that are output in wp_head() and wp_footer()",10,19986,74,3,"2012-09-02T05:57:00.000Z","3.4.2","3.0",[21,22,23,73,91],"performance","http:\u002F\u002Femusic.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminify.0.2.zip",{"slug":95,"name":96,"version":42,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":11,"downloaded":101,"rating":13,"num_ratings":48,"last_updated":102,"tested_up_to":103,"requires_at_least":17,"requires_php":18,"tags":104,"homepage":107,"download_link":108,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"cs-remove-version-number-from-css-js","CS Remove Version Number From CSS & JS","Chetan Satasiya","https:\u002F\u002Fprofiles.wordpress.org\u002Fketuchetan\u002F","\u003Cp>This plugin will remove the version number from CSS and JS files.\u003C\u002Fp>\n","This plugin will remove the version number from CSS and JS files.",4930,"2022-01-27T04:59:00.000Z","5.9.13",[22,23,105,106,24],"remove","remover-version-number","http:\u002F\u002Fchetansatasiya.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcs-remove-version-number-from-css-js.zip",{"slug":110,"name":111,"version":42,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":13,"downloaded":116,"rating":13,"num_ratings":48,"last_updated":117,"tested_up_to":118,"requires_at_least":17,"requires_php":119,"tags":120,"homepage":123,"download_link":124,"security_score":125,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"manageremove-version-number-from-css-js","Manage\u002FRemove version number from CSS & JS","Chetan Vaghela","https:\u002F\u002Fprofiles.wordpress.org\u002Fthechetanvaghela\u002F","\u003Cp>The plugin allows you to manage or remove the version number from CSS and JS files.\u003C\u002Fp>\n","This plugin provide an option to manage or remove the version number from CSS and JS files.",2126,"2024-05-01T13:41:00.000Z","6.5.8","7.0",[121,122,105,24],"js-css","manage","https:\u002F\u002Fgithub.com\u002Fthechetanvaghela\u002Fmanage-remove-version-number-from-css-js","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmanageremove-version-number-from-css-js.zip",92,{"attackSurface":127,"codeSignals":163,"taintFlows":173,"riskAssessment":174,"analyzedAt":186},{"hooks":128,"ajaxHandlers":159,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":28,"unprotectedCount":28},[129,135,138,142,147,151,155],{"type":130,"name":131,"callback":132,"file":133,"line":134},"filter","script_loader_src","fb_acb_fix_urls","filename-based-asset-cachebusting.php",95,{"type":130,"name":136,"callback":132,"file":133,"line":137},"style_loader_src",96,{"type":130,"name":139,"callback":140,"file":133,"line":141},"mod_rewrite_rules","fbacb_rewrite_rules",124,{"type":143,"name":144,"callback":145,"file":133,"line":146},"action","parse_query","fbacb_parse_query",146,{"type":130,"name":148,"callback":149,"priority":48,"file":133,"line":150},"template_redirect","fbacb_404",154,{"type":143,"name":152,"callback":153,"file":133,"line":154},"admin_menu","fbacb_add_admin_menu",185,{"type":143,"name":156,"callback":157,"file":133,"line":158},"admin_init","fbacb_settings_init",186,[],[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":48,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":172},[],{"prepared":28,"raw":28,"locations":166},[],{"escaped":28,"rawEcho":48,"locations":168},[169],{"file":133,"line":170,"context":171},235,"raw output",[],[],{"summary":175,"deductions":176},"The \"filename-based-asset-cache-busting\" v1.4 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface. Furthermore, the plugin avoids dangerous functions and utilizes prepared statements for all its SQL queries, indicating good secure coding practices in these areas.  The vulnerability history also shows a clean slate with no recorded CVEs, suggesting a history of secure development or effective patching.\n\nHowever, there are notable concerns that temper this otherwise positive assessment. The most significant issue is the lack of output escaping. With one total output identified and 0% properly escaped, this presents a clear risk of cross-site scripting (XSS) vulnerabilities. Any dynamic data outputted by the plugin without proper sanitization could be exploited by attackers. Additionally, the presence of a file operation without explicit context regarding its security implications is a minor point of concern. The lack of nonces and capability checks, while not directly exploitable due to the limited attack surface, represents a missed opportunity for robust security in broader contexts.\n\nIn conclusion, while the plugin has a solid foundation with a minimal attack surface and secure database practices, the unescaped output is a critical vulnerability that needs immediate attention. The absence of past vulnerabilities is a positive indicator, but it does not negate the immediate risk posed by the unescaped output. Addressing the output escaping issue should be the highest priority to improve the plugin's overall security.",[177,180,182,184],{"reason":178,"points":179},"Unescaped output",8,{"reason":181,"points":33},"File operation without context",{"reason":183,"points":33},"Missing capability checks",{"reason":185,"points":33},"Missing nonce checks","2026-03-16T20:29:31.109Z",{"wat":188,"direct":196},{"assetPaths":189,"generatorPatterns":191,"scriptPaths":192,"versionParams":193},[190],"\u002Fwp-content\u002Fplugins\u002Ffilename-based-asset-cache-busting\u002F",[],[190],[194,195],"ver=",".([0-9\\.]+)\\.(js|css)",{"cssClasses":197,"htmlComments":198,"htmlAttributes":202,"restEndpoints":204,"jsGlobals":205,"shortcodeOutput":206},[],[199,200,201],"\u003C!-- FBACB -->","\u003C!-- still fbacb -->","\u003C!-- END FBACB -->",[203],"FBACB-Php-Fallback: yes",[],[],[]]