Does Flash Cache have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Flash Cache compatible with WordPress 6.8.5?

According to WordPress.org data, Flash Cache 3.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Flash Cache compatible with PHP 5.6+?

Flash Cache requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Flash Cache updated?

Flash Cache was last updated on Apr 16, 2025. Frequent updates are generally a positive security signal.

What is Flash Cache's security score?

Flash Cache has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Flash Cache Security & Risk Analysis

wordpress.org/plugins/flash-cache

Flash Cache is a plugin to improve the performance of Wordpress Websites by making html versions of each post, pages or sections of your website.

20 active installs v3.6 PHP 5.6+ WP 3.6+ Updated Apr 16, 2025

cacheoptimizeperformancespeedwp-cache

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Flash Cache Safe to Use in 2026?

Generally Safe

Score 92/100

Flash Cache has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "flash-cache" v3.6 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of known CVEs and a clean vulnerability history are significant strengths, indicating a mature and well-maintained codebase. Furthermore, the plugin demonstrates good development practices by utilizing prepared statements for all SQL queries and implementing nonce and capability checks where appropriate. This significantly reduces the risk of common vulnerabilities like SQL injection and unauthorized access.

However, there are some areas for concern. The taint analysis reveals a notable number of flows with unsanitized paths (8 out of 16 analyzed). While no critical or high-severity issues were flagged in this specific analysis, this indicates a potential for path traversal or file inclusion vulnerabilities if these unsanitized paths interact with user-supplied input or external data. Additionally, the output escaping is only 65% proper, which could lead to cross-site scripting (XSS) vulnerabilities in certain scenarios. The presence of a single cron event also represents a potential, albeit small, entry point that should be monitored for security implications.

In conclusion, "flash-cache" v3.6 appears to be a relatively secure plugin with a strong history. The use of prepared statements and robust authentication checks are commendable. The primary risks stem from the identified unsanitized paths in the taint analysis and the incomplete output escaping. Addressing these areas would further harden the plugin's security.

Key Concerns

Unsanitized paths in taint analysis
Low percentage of properly escaped output

Vulnerabilities

None known

Flash Cache Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Flash Cache Release Timeline

v3.6Current

v3.5

v3.4

v3.3

v3.2.3

v3.2.2

v3.2.1

v3.2

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1

Code Analysis

Analyzed Mar 16, 2026

Flash Cache Code Analysis

Dangerous Functions

Raw SQL Queries

24 prepared

Unescaped Output

91 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared24 total queries

Output Escaping

65% escaped139 total outputs

Data Flows · Security

8 unsanitized

Data Flow Analysis

16 flows8 with unsanitized paths

flash_cache_delete_action (includes\functions.php:104)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Flash Cache Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 54

actionpermalink_structure_changedflash_cache.php:112

actioninitflash_cache.php:113

actionplugins_loadedflash_cache.php:199

actionwp_before_admin_bar_renderincludes\functions.php:102

actionadmin_post_flash_cache_deleteincludes\functions.php:128

actionadmin_noticesincludes\notices.php:30

filterflash_cache_save_fontsincludes\optimize_fonts.php:17

filterflash_cache_response_htmlincludes\optimize_scripts.php:20

filterflash_cache_response_htmlincludes\optimize_styles.php:20

actioninitincludes\patterns.php:24

actionadmin_menuincludes\patterns.php:25

filterparent_fileincludes\patterns.php:26

filtersubmenu_fileincludes\patterns.php:27

actiontransition_post_statusincludes\patterns.php:28

filterflash_cache_patterns_fields_cleanincludes\patterns.php:29

actionsave_postincludes\patterns.php:30

actionrestrict_manage_postsincludes\patterns.php:31

actionadmin_print_scripts-edit.phpincludes\patterns.php:32

actionadmin_print_scripts-post.phpincludes\patterns.php:33

actionadmin_print_scripts-post-new.phpincludes\patterns.php:34

actionadmin_post_reset_to_default_patterns_optionsincludes\patterns.php:35

actionadmin_initincludes\plugin_functions.php:9

filterplugin_row_metaincludes\plugin_functions.php:12

actionpingback_postincludes\posts.php:18

actioncomment_postincludes\posts.php:19

actionedit_commentincludes\posts.php:20

actionpost_submitbox_minor_actionsincludes\posts.php:21

actionadmin_post_flash_cache_delete_cacheincludes\posts.php:22

actiontransition_post_statusincludes\posts.php:26

actionadmin_menuincludes\preload.php:15

actionadmin_post_save_flash_cache_preloadincludes\preload.php:16

filtercron_schedulesincludes\preload.php:17

actionflash_cache_cronincludes\preload.php:18

actionadmin_post_save_flash_cache_preload_executionincludes\preload.php:24

actionadmin_post_reset_to_default_preloadincludes\preload.php:25

actiontemplate_redirectincludes\process.php:34

actionadmin_post_nopriv_onload_flash_cacheincludes\process.php:35

actionadmin_post_onload_flash_cacheincludes\process.php:36

filterflash_cache_response_htmlincludes\process.php:37

actionadmin_noticesincludes\settings.php:28

actionadmin_menuincludes\settings.php:29

actionadmin_print_stylesincludes\settings.php:30

actionadmin_post_save_flash_cache_generalincludes\settings.php:31

actionadmin_post_save_flash_cache_advancedincludes\settings.php:32

actionadmin_post_update_flash_cache_httacessincludes\settings.php:33

actionadmin_post_delete_flash_cacheincludes\settings.php:34

actionadmin_post_reset_to_default_general_settingsincludes\settings.php:35

actionadmin_post_reset_to_default_advanced_optionsincludes\settings.php:36

actionadmin_print_scriptsincludes\settings.php:37

actionadmin_print_stylesincludes\settings.php:38

actionall_admin_noticesincludes\settings.php:40

actionin_admin_footerincludes\settings.php:41

actiondbx_post_sidebarincludes\settings.php:42

actionadmin_initincludes\version.php:17

Scheduled Events 1

flash_cache_cron

Maintenance & Trust

Flash Cache Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 16, 2025

PHP min version5.6

Downloads10K

Community Trust

Rating74/100

Number of ratings3

Active installs20

Alternatives

Flash Cache Alternatives

WP Fastest Cache – WordPress Cache Plugin

wp-fastest-cache

The simplest and fastest WP Cache system

1.0M 35 CVEs

Aruba HiSpeed Cache

aruba-hispeed-cache

Aruba HiSpeed Cache interfaces directly with an Aruba hosting platform's HiSpeed Cache service and automates its management.

100K 7 CVEs

10Web Booster – Website speed optimization, Cache & Page Speed optimizer

tenweb-speed-optimizer

Speed up your site with 10Web Booster. Pass Core Web Vitals by optimizing HTML / CSS / JavaScript, Image Optimization, Lazy Loading, Cache, Google Fon …

90K 5 CVEs

A2 Optimized WP – Turbocharge and secure your WordPress site

a2-optimized-wp

Make your site faster and more secure with the click of a few buttons

70K 1 CVE

Seraphinite Accelerator

seraphinite-accelerator

Turns on site high speed to be attractive for people and search engines.

60K 9 CVEs

Developer Profile

Flash Cache Developer Profile

etruel

12 plugins · 13K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

116 days

View full developer profile

Detection Fingerprints

How We Detect Flash Cache

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/flash-cache/assets/css/flash-cache.css/wp-content/plugins/flash-cache/assets/js/flash-cache.js

Script Paths

/wp-content/plugins/flash-cache/assets/js/flash-cache.js

Version Parameters

/wp-content/plugins/flash-cache/assets/css/flash-cache.css?ver=/wp-content/plugins/flash-cache/assets/js/flash-cache.js?ver=

HTML / DOM Fingerprints

CSS Classes

flash-cache-settings-wrapflash-cache-settings-page

HTML Comments

Data Attributes

data-flash-cache-iddata-flash-cache-type

JS Globals

FlashCacheParams

FAQ