Does hamecache have any unpatched vulnerabilities?

No. All known vulnerabilities in hamecache have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is hamecache compatible with WordPress 5.2.24?

According to WordPress.org data, hamecache 1.0.0 has been tested up to WordPress 5.2.24. Check the plugin's changelog for the latest compatibility information.

Is hamecache compatible with PHP 5.6+?

hamecache requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is hamecache updated?

hamecache was last updated on May 31, 2019. Frequent updates are generally a positive security signal.

What is hamecache's security score?

hamecache has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

hamecache Security & Risk Analysis

wordpress.org/plugins/hamecache

Page cache plugin by Hametuha. Use cloudflare for distribution.

30 active installs v1.0.0 PHP 5.6+ WP 5.0+ Updated May 31, 2019

cachecloudflare

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is hamecache Safe to Use in 2026?

Generally Safe

Score 85/100

hamecache has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The "hamecache" v1.0.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices in several areas. There are no dangerous functions, all SQL queries use prepared statements, all output is properly escaped, and there are no file operations or external HTTP requests that would typically introduce significant risks. The lack of any recorded vulnerabilities, past or present, further suggests a level of care in its development. However, significant security concerns arise from the attack surface analysis. The plugin exposes two REST API routes that lack any permission callbacks. This means that any unauthenticated user could potentially interact with these routes, leading to unintended actions or information disclosure depending on their functionality. The absence of nonce checks on these entry points further exacerbates this risk, making them vulnerable to CSRF attacks. The plugin's claim of 5 capability checks is noted, but their absence on the REST API routes undermines their protective value in this context. Overall, while the underlying code quality regarding data handling and output escaping appears strong, the unprotected REST API routes represent a critical weakness that needs immediate attention. The absence of historical vulnerabilities is a positive sign, but it does not negate the current, identifiable security flaws.

Key Concerns

REST API routes without permission callbacks
Unprotected REST API entry points
Lack of nonce checks on entry points

Vulnerabilities

None known

hamecache Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

hamecache Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

27 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped27 total outputs

Attack Surface

2 unprotected

hamecache Attack Surface

Entry Points2

Unprotected2

REST API Routes 2

GET/wp-json/hamecache/v1cache/everythingapp\Hametuha\Hamecache\Purger.php:250

GET/wp-json/hamecache/v1cache/post/(?P<post_id>\d+)app\Hametuha\Hamecache\Purger.php:262

WordPress Hooks 11

actioninitapp\Hametuha\Hamecache\Option.php:41

actionadmin_menuapp\Hametuha\Hamecache\Option.php:43

actionadmin_initapp\Hametuha\Hamecache\Option.php:45

actionadmin_enqueue_scriptsapp\Hametuha\Hamecache\Option.php:47

actionsave_postapp\Hametuha\Hamecache\Purger.php:21

actiontransition_post_statusapp\Hametuha\Hamecache\Purger.php:22

actionrest_api_initapp\Hametuha\Hamecache\Purger.php:24

actionadmin_bar_menuapp\Hametuha\Hamecache\Purger.php:26

actioninitapp\Hametuha\Hamecache\Purger.php:28

actionwp_enqueue_scriptsapp\Hametuha\Hamecache\Purger.php:29

actionplugins_loadedhamecache.php:48

Maintenance & Trust

hamecache Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24

Last updatedMay 31, 2019

PHP min version5.6

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs30

Alternatives

hamecache Alternatives

Cache Warmer

cache-warmer

Visits website pages to warm (create) the cache if you have any caching solutions configured.

1K No CVEs

Servebolt Optimizer

servebolt-optimizer

100

This plugin implements Servebolt's WordPress best practices, and connects your site to the Servebolt Admin Panel.

1K No CVEs

Cloudflare Page Cache

cloudflare-page-cache

Adds support for caching pages on Cloudflare and automatic purging when content changes.

600 No CVEs

Purge Cache

c-purge-cache

Purge Cloudflare Cache of the Post with additional URLs on the Post update, Purge Everything button.

100 No CVEs

Purge Cloud Flare

purge-cloud-flare

Purge CloudFlare makes clearing CloudFlare cache as simple as one click.

100 No CVEs

Developer Profile

hamecache Developer Profile

Fumiki Takahashi

14 plugins · 4K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

513 days

View full developer profile

Detection Fingerprints

How We Detect hamecache

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hamecache/assets/css/admin.css

Version Parameters

hamecache-admin

HTML / DOM Fingerprints

CSS Classes

hamecache-dividerhamecache-errorhamecache-rule-listhamecache-rule-itemhamecache-rule-urlhamecache-rule-statushamecache-rule-actionshamecache-rule-action+1 more

Data Attributes

readonlyvalue

FAQ