[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSteFzah2Mc-b6eCTu43D4lGQ65ITlLFACKgahOCDlTM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":128,"fingerprints":312},"fv-gravatar-cache","FV Gravatar Cache","0.5","FolioVision","https:\u002F\u002Fprofiles.wordpress.org\u002Ffoliovision\u002F","\u003Cp>There’s one problem with Gravatars. They are very slow to load. Each page with comments on them makes one call per comment to the Gravatar server. While a single call takes only a 100ms, on a page with hundreds of comments, we are talking about major slowdowns. Page loads can take 20 seconds and more.\u003C\u002Fp>\n\u003Cp>This plugin solves this problem by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>caching gravatars with WordPress cron job..\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>caching gravatars on comment submission\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>maintaining a single copy of the default gravatar instead of downloading it again and again for all the email addresses with no gravatar associtated\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Ffoliovision.com\u002Fseo-tools\u002Fwordpress\u002Fplugins\u002Ffv-gravatar-cache\u002Finstallation\" rel=\"nofollow ugc\">Installation guide\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Ffoliovision.com\u002Fseo-tools\u002Fwordpress\u002Fplugins\u002Ffv-gravatar-cache\" rel=\"nofollow ugc\">Support and more information\u003C\u002Fa>\u003C\u002Fp>\n","Speeds up your website by making sure the gravatars are stored on your website and not loading from the gravatar server.",700,38645,78,11,"2025-05-19T14:13:00.000Z","6.8.5","2.7","",[20,21,22],"avatar","cache","gravatar","http:\u002F\u002Ffoliovision.com\u002Fseo-tools\u002Fwordpress\u002Fplugins\u002Ffv-gravatar-cache","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffv-gravatar-cache.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"foliovision",19,47930,92,1121,73,"2026-04-04T16:27:17.956Z",[39,58,76,97,113],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":25,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":55,"download_link":56,"security_score":57,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"harrys-gravatar-cache","Harrys Gravatar Cache","2.0.2","Harry Milatz","https:\u002F\u002Fprofiles.wordpress.org\u002Fharry-milatz\u002F","\u003Cp>Accelerates the site speed by simply and effective caching Gravatars (Globally Recognized Avatars) so that they are delivered from the own web server and do not need to be reloaded from the Gravatar server.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW feature:\u003C\u002Fstrong> Other Avatars, e.g. from a “social login” plugin for comments are cached in version 1.3.0 and above.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW feature:\u003C\u002Fstrong> Avatars from captured Facebook comments with a plugin like \u003Cstrong>“Facebook Comments Importer”\u003C\u002Fstrong> are cached in version 1.4.0 and above. The cache have to be emptied once after update.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW feature:\u003C\u002Fstrong> Avatars from the plugin \u003Cstrong>“Wapuuvatar”\u003C\u002Fstrong> are cached in version 1.4.3 and above.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW feature:\u003C\u002Fstrong> The plugin is now ready for Multisite in version 1.5.0 and above.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW feature:\u003C\u002Fstrong> The plugin is now ready for being used with \u003Cstrong>“Avatar Manager”\u003C\u002Fstrong> in version 1.5.1 and above.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NEW feature:\u003C\u002Fstrong> The plugin is now ready for being used with \u003Cstrong>“Jetpack’s Author Widget”\u003C\u002Fstrong> in version 2.0.0 and above.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>You can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>change the Gravatar Size\u003C\u002Fli>\n\u003Cli>add a second Gravatar Size\u003C\u002Fli>\n\u003Cli>change the cachetime\u003C\u002Fli>\n\u003Cli>change the option how the Gravatars will be copied to your server\u003C\u002Fli>\n\u003Cli>update the options depending on the server configuration\u003C\u002Fli>\n\u003Cli>build the cache in the backend and see the cached images in all cached sizes\u003C\u002Fli>\n\u003Cli>empty the Cache\u003C\u002Fli>\n\u003Cli>get the size to use for the Gravatars from your template or set the size manually\u003C\u002Fli>\n\u003Cli>You see a statistic how many files are cached and the filesizes of the files.\u003C\u002Fli>\n\u003Cli>change the output file from a JPG-Image to a PNG-Image\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English (US) – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fharry-milatz\u002F\" rel=\"nofollow ugc\">Harry Milatz\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>English (UK) – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fharry-milatz\u002F\" rel=\"nofollow ugc\">Harry Milatz\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>German – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fharry-milatz\u002F\" rel=\"nofollow ugc\">Harry Milatz\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>German (formal) – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fharry-milatz\u002F\" rel=\"nofollow ugc\">Harry Milatz\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish (Spain) – \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwpverwalter\u002F\" rel=\"nofollow ugc\">WPVerwalter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>German (Switzerland, Informal) – Pascal Krapf\u003C\u002Fli>\n\u003Cli>German (Switzerland) – Pascal Krapf\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Harrys Gravatar Cache now supports WordPress.org language packs. Want to translate Harrys Gravatar Cache? Visit \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fharrys-gravatar-cache\u002F\" rel=\"nofollow ugc\">Harrys Gravatar Cache’s WordPress.org translation project\u003C\u002Fa>.\u003C\u002Fp>\n","Accelerates the site speed by simply and effective caching Gravatar (Globally Recognized Avatars).",200,15397,4,"2022-01-23T01:20:00.000Z","5.9.13","4.2",[20,21,22,54],"php7","https:\u002F\u002Fwww.all4hardware4u.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fharrys-gravatar-cache.zip",85,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":25,"downloaded":66,"rating":25,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":74,"download_link":75,"security_score":57,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"optimum-gravatar-cache","Optimum Gravatar Cache","1.4.10","José Miguel","https:\u002F\u002Fprofiles.wordpress.org\u002Fjomisica\u002F","\u003Cp>Optimum Gravatar Cache allows you to create a local cache with optimized copies of gravatars. The optimization is accomplished by resizing the avatars to the sizes used on your site, in addition to optimizing the images internally. Optimizations are performed to minimize the size of each avatar served by the plugin.\u003C\u002Fp>\n\u003Cp>The plugin uses WordPress CRON to perform heavier tasks. Avatars are resized in the background. Avatars are optimized internally in the background. Except in certain cases where it is necessary to resize the avatars in the page request.\u003C\u002Fp>\n\u003Cp>The plugin handles all your site’s gravatar as long as the wordpress get_avatar() function or buddypress bp_member_avatar() function is used. Works with plugins, themes, etc.\u003C\u002Fp>\n\u003Cp>The plugin allows you to customize the avatar by default. This avatar is served whenever the user \u002F visitor does not have a custom gravatar. This greatly reduces the number of requests made by your page, improving the user experience. Besides allowing to frame the avatar by default with the theme of your site.\u003C\u002Fp>\n\u003Cp>The plugin, after being configured and activated, starts by serving gravatar for all. And it begins to create the cache dynamically in the background with the sizes being collected by the requests, as well as those configured on the plug-in page. When the avatar already exists in the cache, the plugin serves the avatar in cache. The plugin periodically checks to see if the user updated their gravatar on gravatar.com if yes is updated locally. This way, keeping an updated cache.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The plugin intends the following:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Work with the gravatars locally, cache;\u003C\u002Fli>\n\u003Cli>Reduce the number of requests per page, thus reducing the total time required to load all files. This is achieved because most users do not have a custom gravatar, and for those, only one file needs to be downloaded;\u003C\u002Fli>\n\u003Cli>Optimize all avatars by reducing their size and transfer time again.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please if you find any bugs of any kind please contact me so that I can solve it as soon as possible.\u003C\u002Fp>\n\u003Ch3>Languages\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English en_GB (@willstockstech)\u003C\u002Fli>\n\u003Cli>Portuguese pt_PT (@jomisica)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Help translate this plugin into your language\u003C\u002Fp>\n\u003Ch3>Dependencies\u003C\u002Fh3>\n\u003Cp>This plugin depends on the following PHP modules:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>php-gd or php-imagick (So that it can resize the avatars)\u003C\u002Fli>\n\u003Cli>php-curl (So that it can communicate with the gravatar using the same connection to update several avatars)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin also depends on WordPress CRON to be able to solve the heaviest tasks in the background.\u003C\u002Fp>\n","It stores optimized copies of gravatars locally, reducing the total number of requests. This will speed up site loading and consequently improve the u &hellip;",8277,3,"2024-02-07T17:57:00.000Z","6.4.8","4.7",[20,21,22,72,73],"lazy-load","optimization","https:\u002F\u002Fwww.ncdc.pt\u002Fgroups\u002Fwordpress-optimum-gravatar-cache\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foptimum-gravatar-cache.1.4.10.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":25,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":95,"download_link":96,"security_score":57,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"wp-duoshuo-gravatar","WP-DuoShuo-Gravatar","1.0","shines77","https:\u002F\u002Fprofiles.wordpress.org\u002Fshines77\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.yunfast.com\u002Fwp-plugins\u002Fwp-duoshuo-gravatar.html\" rel=\"nofollow ugc\">WP-DuoShuo-Gravatar\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fwww.yunfast.com\u002F\" rel=\"nofollow ugc\">YunFast\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>In China, the reason of Gravatar avatar can not be accessed is not the Gravatar site server unstable, it is the firewall problem, so the solution is to use the DuoShuo.com Gravatar avatar URL: “http:\u002F\u002Fgravatar.duoshuo.com”.\u003C\u002Fli>\n\u003Cli>在国内(中国大陆), Gravatar 头像无法稳定访问的原因不是因为 Gravatar 网站服务器不稳定，而是国内防火墙的问题，解决的办法是替换成 “http:\u002F\u002Fgravatar.duoshuo.com” 。\u003C\u002Fli>\n\u003Cli>SVN Build Version: 1156728\u003C\u002Fli>\n\u003C\u002Ful>\n","WP-DuoShuo-Gravatar | YunFast",40,16433,1,"2015-05-09T10:25:00.000Z","4.2.39","3.0",[91,92,22,93,94],"duoshuo","gfw","gravatar-cache","https","http:\u002F\u002Fwww.yunfast.com\u002Fwp-plugins\u002Fwp-duoshuo-gravatar.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-duoshuo-gravatar.zip",{"slug":98,"name":99,"version":79,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":26,"num_ratings":26,"last_updated":106,"tested_up_to":107,"requires_at_least":42,"requires_php":18,"tags":108,"homepage":111,"download_link":112,"security_score":57,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"gravatar-china","Gravatar China","LOO2K","https:\u002F\u002Fprofiles.wordpress.org\u002Floo2k\u002F","\u003Cp>这是一个关于 Gravatar Cache 的重要更新，之前（2010.10.15） Gravatar 由于一些众所未知的原因不能访问，所以当初制作了一个 Gravatar 头像的本地缓存插件，但是由于当时编写的比较匆忙，遗留下了一些问题，包括但不限于：无法使用默认图片、无法缓存不同大小的头像等；\u003C\u002Fp>\n\u003Cp>最近一段时间（2011.08.02），Gravatar 再次无法访问，所以重新写了一个插件 Gravatar China for WordPress，并解决的之前存在的所有已知的问题；\u003C\u002Fp>\n\u003Cp>Gravatar China for WordPress 特性\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* Gravatar 头像防墙补丁：替换 Gravatar 头像能正常访问的地址；\n* Gravatar 本地缓存：对特殊的网络环境下给头像进行本地缓存；\n* 自定义设置缓存过期时间；\n* 国内、国外主机用户通用；\n* 完美兼容 WordPress；\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Gravatar China for WordPress 说明\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>本插件针对中国大陆的网络环境制作；\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>一般情况下，你可以在 Gravatar 头像不能正常访问的时候启用本插件的 “Gravatar 补丁”，它能帮助你的 WordPress 访客连接到正常的头像地址上；\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>通常，根据网页前端的性能优化来说，不推荐用户启用 “Gravatar 本地缓存”，因为它对 WordPress 的性能有一定的影响，当然这个影响仅限于生成本地缓存的时候；（启用缓存前请确认你的 WordPress 目录 wp-content\u002Fplugins\u002Fgravatar-cn\u002Fcache 可写）\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Here is a short description of the plugin.  This should be no more than 150 characters.  No markup here.",10,4244,"2011-08-06T02:42:00.000Z","1.1",[20,109,22,110],"comments","local-cache","http:\u002F\u002Floo2k.com\u002Fblog\u002Fgravatar-cache-reset\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgravatar-china.1.0.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":104,"downloaded":121,"rating":26,"num_ratings":26,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":126,"download_link":127,"security_score":57,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"wp-gravatar-mini-cache","WP Gravatar Mini Cache","1.0.6","evlos","https:\u002F\u002Fprofiles.wordpress.org\u002Fevlos\u002F","\u003Cp>Cache gravatars for you to speed up the loading. It works perfectly.\u003C\u002Fp>\n","Cache gravatars for you to speed up the loading. It works perfectly.",5097,"2012-12-03T20:25:00.000Z","3.4.2","2.7.0",[21,22],"http:\u002F\u002Fwww.evlos.org\u002F2010\u002F01\u002F24\u002Fmy-first-plugin-mini_gravatar_cache","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-gravatar-mini-cache.zip",{"attackSurface":129,"codeSignals":210,"taintFlows":277,"riskAssessment":303,"analyzedAt":311},{"hooks":130,"ajaxHandlers":199,"restRoutes":205,"shortcodes":206,"cronEvents":207,"entryPointCount":86,"unprotectedCount":26},[131,137,140,144,148,152,156,160,164,168,173,176,180,183,186,189,191,195],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","admin_init","CheckVersion","fv-gravatar-cache.php",27,{"type":132,"name":133,"callback":138,"file":135,"line":139},"OptionsHead",28,{"type":132,"name":141,"callback":142,"file":135,"line":143},"admin_menu","OptionsPage",29,{"type":132,"name":145,"callback":146,"priority":86,"file":135,"line":147},"wp_footer","IsAdmin",30,{"type":149,"name":150,"callback":150,"priority":104,"file":135,"line":151},"filter","plugin_action_links",31,{"type":132,"name":153,"callback":154,"file":135,"line":155},"admin_notices","AdminNotices",36,{"type":149,"name":157,"callback":158,"priority":159,"file":135,"line":84},"get_avatar","GetAvatar",9,{"type":149,"name":161,"callback":162,"priority":159,"file":135,"line":163},"fv_gravatar_url","cdn_rewrite",41,{"type":149,"name":165,"callback":166,"file":135,"line":167},"comments_array","CommentsArray",44,{"type":132,"name":169,"callback":170,"priority":171,"file":135,"line":172},"comment_post","NewComment",100000,46,{"type":132,"name":174,"callback":170,"priority":171,"file":135,"line":175},"edit_comment",47,{"type":132,"name":177,"callback":178,"file":135,"line":179},"init","closure",51,{"type":132,"name":181,"callback":181,"file":135,"line":182},"profile_update",60,{"type":149,"name":184,"callback":178,"file":135,"line":185},"comments_list_table_query_args",63,{"type":149,"name":187,"callback":178,"priority":104,"file":135,"line":188},"render_block_context",72,{"type":149,"name":190,"callback":178,"file":135,"line":57},"the_comments",{"type":149,"name":192,"callback":193,"file":135,"line":194},"cron_schedules","fv_gravatar_cache_cron_schedules",1047,{"type":132,"name":196,"callback":197,"file":135,"line":198},"fv_gravatar_cache_cron","fv_gravatar_cache_cron_run",1055,[200],{"action":201,"nopriv":202,"callback":201,"hasNonce":203,"hasCapCheck":203,"file":135,"line":204},"load_gravatar_list",false,true,49,[],[],[208],{"hook":196,"callback":196,"file":135,"line":209},1052,{"dangerousFunctions":211,"sqlUsage":212,"outputEscaping":235,"fileOperations":159,"externalRequests":86,"nonceChecks":274,"capabilityChecks":275,"bundledLibraries":276},[],{"prepared":213,"raw":159,"locations":214},8,[215,218,220,222,225,227,229,231,233],{"file":135,"line":216,"context":217},290,"$wpdb->query() with variable interpolation",{"file":135,"line":219,"context":217},303,{"file":135,"line":221,"context":217},663,{"file":135,"line":223,"context":224},732,"$wpdb->get_var() with variable interpolation",{"file":135,"line":226,"context":224},919,{"file":135,"line":228,"context":217},987,{"file":135,"line":230,"context":217},995,{"file":135,"line":232,"context":217},1016,{"file":135,"line":234,"context":224},1077,{"escaped":236,"rawEcho":237,"locations":238},6,17,[239,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272],{"file":135,"line":240,"context":241},118,"raw output",{"file":135,"line":243,"context":241},739,{"file":135,"line":245,"context":241},742,{"file":135,"line":247,"context":241},748,{"file":135,"line":249,"context":241},758,{"file":135,"line":251,"context":241},761,{"file":135,"line":253,"context":241},764,{"file":135,"line":255,"context":241},776,{"file":135,"line":257,"context":241},778,{"file":135,"line":259,"context":241},786,{"file":135,"line":261,"context":241},833,{"file":135,"line":263,"context":241},944,{"file":135,"line":265,"context":241},952,{"file":135,"line":267,"context":241},961,{"file":135,"line":269,"context":241},964,{"file":135,"line":271,"context":241},970,{"file":135,"line":273,"context":241},971,5,2,[],[278,295],{"entryPoint":279,"graph":280,"unsanitizedCount":26,"severity":294},"load_gravatar_list (fv-gravatar-cache.php:905)",{"nodes":281,"edges":292},[282,287],{"id":283,"type":284,"label":285,"file":135,"line":286},"n0","source","$_POST (x4)",920,{"id":288,"type":289,"label":290,"file":135,"line":265,"wp_function":291},"n1","sink","echo() [XSS]","echo",[293],{"from":283,"to":288,"sanitized":203},"low",{"entryPoint":296,"graph":297,"unsanitizedCount":26,"severity":294},"\u003Cfv-gravatar-cache> (fv-gravatar-cache.php:0)",{"nodes":298,"edges":301},[299,300],{"id":283,"type":284,"label":285,"file":135,"line":286},{"id":288,"type":289,"label":290,"file":135,"line":265,"wp_function":291},[302],{"from":283,"to":288,"sanitized":203},{"summary":304,"deductions":305},"The fv-gravatar-cache plugin v0.5 demonstrates a generally good security posture, with no known historical vulnerabilities and a proactive approach to security checks. The static analysis reveals a small attack surface with all identified entry points secured by authorization checks. Notably, the plugin utilizes nonce checks and capability checks, indicating an awareness of common WordPress security practices.\n\nHowever, there are areas for improvement. A significant concern is the low percentage of properly escaped output (26%), suggesting a potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed. While no critical or high severity taint flows were found, the presence of file operations and external HTTP requests could be vectors for more complex attacks if combined with other weaknesses. The relatively high percentage of SQL queries not using prepared statements (53%) also warrants attention, as it increases the risk of SQL injection vulnerabilities, though the analysis did not explicitly flag any such flows.\n\nIn conclusion, fv-gravatar-cache v0.5 is a relatively safe plugin due to its minimal attack surface, historical lack of vulnerabilities, and implementation of core security features like nonces and capability checks. The primary weaknesses lie in output escaping and the non-prepared SQL queries, which, while not exploited according to the current analysis, represent potential risks that should be addressed to further harden the plugin.",[306,308],{"reason":307,"points":213},"Low output escaping percentage",{"reason":309,"points":310},"High percentage of raw SQL queries",7,"2026-03-16T19:23:47.031Z",{"wat":313,"direct":322},{"assetPaths":314,"generatorPatterns":316,"scriptPaths":317,"versionParams":319},[315],"\u002Fwp-content\u002Fplugins\u002Ffv-gravatar-cache\u002Fcss\u002Fstyle.css",[],[318],"\u002Fwp-content\u002Fplugins\u002Ffv-gravatar-cache\u002Fjs\u002Ffv-gravatar-cache.js",[320,321],"fv-gravatar-cache\u002Fstyle.css?ver=","fv-gravatar-cache\u002Fjs\u002Ffv-gravatar-cache.js?ver=",{"cssClasses":323,"htmlComments":324,"htmlAttributes":325,"restEndpoints":326,"jsGlobals":327,"shortcodeOutput":329},[],[],[],[],[328],"fvGravatarCacheAjax",[]]