[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fcvkYUX2EgaP2vwECoe_WRfgs1dI45OVU03CvGcy4Kfk":3},{"slug":4,"name":4,"version":5,"author":6,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":12,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":12,"unpatched_count":12,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":34,"analysis":128,"fingerprints":213},"hamecache","1.0.0","Fumiki Takahashi","https:\u002F\u002Fprofiles.wordpress.org\u002Ftakahashi_fumiki\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fcloudflare.com\" rel=\"nofollow ugc\">CloudFlare\u003C\u002Fa> is a popular CDN service. They caches static files like \u003Ccode>.jpg\u003C\u002Fcode>, \u003Ccode>.css\u003C\u002Fcode> or \u003Ccode>.html\u003C\u002Fcode>, but they doesn’t cache dynamic pages generated by WordPress without \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Ffeatures-page-rules\u002Fmust-use-page-rules\u002F\" rel=\"nofollow ugc\">Page Rule\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Once Page Rules are set, for exmple, \u003Ccode>https:\u002F\u002Fexamle.com\u002Farticle\u002F*\u003C\u002Fcode>, every single page will be cached(of course, your permalink structure should be like \u003Ccode>https:\u002F\u002Fexample.com\u002Farticle\u002F2019\u002F01\u002F01\u002FPOST_ID\u003C\u002Fcode>).\u003C\u002Fp>\n\u003Cp>This plugin \u003Cstrong>hamecache\u003C\u002Fstrong> provides cache control feature. If you update your article, hamecache automatically flush related caches  on cloudflare edge location.\u003C\u002Fp>\n","Page cache plugin by Hametuha. Use cloudflare for distribution.",30,1398,0,"2019-05-31T07:43:00.000Z","5.2.24","5.0","5.6",[18,19],"cache","cloudflare","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhamecache\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhamecache.1.0.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":27,"display_name":6,"profile_url":7,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"takahashi_fumiki",14,3590,90,513,72,"2026-04-04T14:37:39.264Z",[35,57,77,95,111],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":49,"download_link":55,"security_score":56,"vuln_count":12,"unpatched_count":12,"last_vuln_date":23,"fetched_at":24},"cache-warmer","Cache Warmer","1.3.8","TMM Technology","https:\u002F\u002Fprofiles.wordpress.org\u002Ftmmtechnology\u002F","\u003Cp>Visits website pages to warm (create) the cache if you have any caching solutions configured.\u003C\u002Fp>\n\u003Ch3>Settings\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Configure cache warming entry points and the depth of the warming;\u003C\u002Fli>\n\u003Cli>Add all public site posts as entry points;\u003C\u002Fli>\n\u003Cli>Add entry point sites sitemaps as entry points;\u003C\u002Fli>\n\u003Cli>Select which types of assets to load, with 4 checkboxes: scripts, styles, images, fonts;\u003C\u002Fli>\n\u003Cli>Set custom URL params (?foo=bar);\u003C\u002Fli>\n\u003Cli>Set custom user agent;\u003C\u002Fli>\n\u003Cli>Set custom request headers;\u003C\u002Fli>\n\u003Cli>Set custom cookies;\u003C\u002Fli>\n\u003Cli>Set connection timeout;\u003C\u002Fli>\n\u003Cli>Set speed limit (pages to visit per minute);\u003C\u002Fli>\n\u003Cli>Autorun Interval: to run the warming each N minutes;\u003C\u002Fli>\n\u003Cli>Exclude pages (by substring or regex);\u003C\u002Fli>\n\u003Cli>Rewrite URLs to HTTPS;\u003C\u002Fli>\n\u003Cli>Visit pages second time without custom URL params (if they are set);\u003C\u002Fli>\n\u003Cli>Warm-up posts (on their publication and edit (Can be seen in Logs -> Triggered)):\n\u003Cul>\n\u003Cli>Set custom posts warming interval.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Use object cache for tree storage, when it’s available.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Additional\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Adds a graph to your dashboard with page load time before and after the warming (2 lines) per day.\u003C\u002Fli>\n\u003Cli>Cleans up Action Scheduler log after itself (older than 30 days for failed actions, and older than 2 days for completed actions).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Connect to paid service for warming from external global servers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Run from code\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Start: \u003Ccode>\\Cache_Warmer\\AJAX::start_warm_up( false );\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Stop: \u003Ccode>\\Cache_Warmer\\AJAX::stop_warm_up( false );\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Run from WP CLI\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Start: \u003Ccode>wp cache-warmer start\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Stop: \u003Ccode>wp cache-warmer stop\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Required PHP extensions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>json\u003C\u002Fli>\n\u003Cli>simplexml (optional)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Bug reports \u002F Questions \u002F Suggestions\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"mailto:wp@tmm.ventures\" rel=\"nofollow ugc\">wp@tmm.ventures\u003C\u002Fa>\u003C\u002Fp>\n","Visits website pages to warm (create) the cache if you have any caching solutions configured.",1000,19047,96,19,"2024-11-17T21:34:00.000Z","6.7.0","","7.4",[18,19,52,53,54],"object-cache","redis","warming","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcache-warmer.1.3.8.zip",92,{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":43,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":50,"tags":71,"homepage":49,"download_link":76,"security_score":66,"vuln_count":12,"unpatched_count":12,"last_vuln_date":23,"fetched_at":24},"servebolt-optimizer","Servebolt Optimizer","3.6.1","Servebolt","https:\u002F\u002Fprofiles.wordpress.org\u002Fservebolt\u002F","\u003Cp>The Servebolt Optimizer plugin adds functionality to implement Servebolt’s best practices for WordPress. This includes database optimizations, errorlog review, automatic cache purging, automatic image optimization and resizing, performance recommendations, and support for down stream HTML caching.\u003C\u002Fp>\n\u003Cp>Specifically, Servebolt Optimizer does two things for your site:\u003C\u002Fp>\n\u003Col>\n\u003Cli>It connects your \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fe3ke3\" rel=\"nofollow ugc\">WordPress hosted\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002F724lz\" rel=\"nofollow ugc\">WooCommerce hosted\u003C\u002Fa> Servebolt site to your \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fpf3hu\" rel=\"nofollow ugc\">Servebolt Admin Panel\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Its features implement Servebolt’s best practices for performance. These best practizes include database optimizations, error log review, automatic cache purging, automatic image optimization\u002Fresizing, performance recommendations and support for down stream HTML caching.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>This project is maintained on \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fsog\" rel=\"nofollow ugc\">Github\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Configures HTML caching to speed up your site (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>Integrates with \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002F4c9dw\" rel=\"nofollow ugc\">Accelerated Domains\u003C\u002Fa> (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>Rewrite headers to allow down stream HTML caching (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>View Apache\u002FPHP error log (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>Database optimization – Convert tables to InnoDB\u003C\u002Fli>\n\u003Cli>Database optimization – Add performance improving indexes\u003C\u002Fli>\n\u003Cli>Automatic cache purge for Cloudflare and Accelerated Domains\u003C\u002Fli>\n\u003Cli>Recommendations on additional performance improvements\u003C\u002Fli>\n\u003Cli>Multi-site support\u003C\u002Fli>\n\u003Cli>WP CLI support\u003C\u002Fli>\n\u003Cli>Cloudflare Image Resize-support (beta feature)\u003C\u002Fli>\n\u003Cli>WP Rocket compatability (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Read more about the plugin and all its features in our \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fservebolt-optimize-documentation\" rel=\"nofollow ugc\">Help Center\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Accelerated Domains\u003C\u002Fh3>\n\u003Cp>The integration with our revolutionairy add-on performance and security enhancing service \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002F4c9dw\" rel=\"nofollow ugc\">Accelerated Domains\u003C\u002Fa> is made possible by Servebolt Optimizer. Installing the Servebolt Optimizer will provide the required HTTP headers to make use of Accelerated Domains.\u003C\u002Fp>\n\u003Ch3>Automatic purge of Cloudflare cache\u003C\u002Fh3>\n\u003Cp>Servebolt Optimizer supports the most complete solution for Cloudflare cache purging. The HTML Cache is automatically purged when any post type or term has been updated. You can also purge directly from the admin bar. This Cloudflare integration supports both the use of API key and API token authentication when communicating with the Cloudflare API.\u003C\u002Fp>\n\u003Ch3>HTML Caching\u003C\u002Fh3>\n\u003Cp>This plugin rewrites HTTP headers of HTML to allow for HTML Caching, and for the browser to cache HTML. HTML Caching may introduce all sorts of problems for end users, so installation and testing should be performed by a professional.\u003C\u002Fp>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Cp>This plugin can be controlled via the WordPress Dashboard or WP CLI. Additionally there are various filters and PHP constants at your disposal.\u003C\u002Fp>\n\u003Ch3>Filter and constant reference\u003C\u002Fh3>\n\u003Cp>The plugin has various filters and PHP constants that allows third-party developers to alter the behaviour of the plugin. Please read the article \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fservebolt-optimizer-filters-and-php-constants\" rel=\"nofollow ugc\">Filters and PHP constants\u003C\u002Fa> in our help center to learn more.\u003C\u002Fp>\n\u003Ch3>Testing\u003C\u002Fh3>\n\u003Cp>We test against the current production version of WordPress and the next beta\u002Fdevelopment version\u003C\u002Fp>\n","This plugin implements Servebolt's WordPress best practices, and connects your site to the Servebolt Admin Panel.",96158,100,5,"2026-02-19T16:06:00.000Z","6.8.5","4.9.2",[19,72,73,74,75],"html-cache","multisite","optimization","performance","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fservebolt-optimizer.3.6.1.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":66,"num_ratings":87,"last_updated":88,"tested_up_to":14,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":93,"download_link":94,"security_score":22,"vuln_count":12,"unpatched_count":12,"last_vuln_date":23,"fetched_at":24},"cloudflare-page-cache","Cloudflare Page Cache","1.4","Cloudflare","https:\u002F\u002Fprofiles.wordpress.org\u002Fcloudflare\u002F","\u003Cp>Integrates with the “\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcloudflare\u002Fworker-examples\u002Ftree\u002Fmaster\u002Fexamples\u002Fedge-cache-html\" rel=\"nofollow ugc\">Edge Cache HTML\u003C\u002Fa>” Cloudflare Worker to edge-cache the generated HTML for anonymous users (not logged-in) resulting in huge performance gains, particularly on slower hosting.\u003C\u002Fp>\n","Adds support for caching pages on Cloudflare and automatic purging when content changes.",600,19848,8,"2019-05-22T15:36:00.000Z","3.3.1","5.2.4",[18,19,75,92],"speed","https:\u002F\u002Fgithub.com\u002Fcloudflare\u002Fworker-examples\u002Ftree\u002Fmaster\u002Fexamples\u002Fedge-cache-html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcloudflare-page-cache.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":66,"downloaded":103,"rating":12,"num_ratings":12,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":16,"tags":107,"homepage":109,"download_link":110,"security_score":22,"vuln_count":12,"unpatched_count":12,"last_vuln_date":23,"fetched_at":24},"c-purge-cache","Purge Cache","1.0.8","bebjakub","https:\u002F\u002Fprofiles.wordpress.org\u002Fbebjakub\u002F","\u003Cp>Purge Cloudflare Cache of the Post with additional URLs on the Post update, Purge Everything button.\u003C\u002Fp>\n\u003Cp>Plugin requires Cloudflare account.\u003C\u002Fp>\n\u003Cp>Feel free to create PR to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgdidentity\u002Fc-purge-cache\" rel=\"nofollow ugc\">plugin Github repo\u003C\u002Fa>.\u003C\u002Fp>\n","Purge Cloudflare Cache of the Post with additional URLs on the Post update, Purge Everything button.",4098,"2023-10-10T05:27:00.000Z","6.3.8","4.7",[18,19,108],"purge","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fc-purge-cache","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fc-purge-cache.1.0.8.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":66,"downloaded":119,"rating":66,"num_ratings":120,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":49,"tags":124,"homepage":49,"download_link":127,"security_score":22,"vuln_count":12,"unpatched_count":12,"last_vuln_date":23,"fetched_at":24},"purge-cloud-flare","Purge Cloud Flare","1.6","webrangers","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebrangers\u002F","\u003Cp>It clears whole CloudFlare cache for desired domain.\u003Cbr \u002F>\nPurge is done from WordPress admin panel or plugin’s page. Current version contains functionality which purges individual files by URL and clears CloudFlare cache after Save Post action.\u003C\u002Fp>\n\u003Cp>THINGS YOU NEED TO KNOW:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Whenever you get error clearing the cache alert popup appears with CloudFlare Api response.\u003C\u002Fli>\n\u003Cli>This version allows you to purge whole CF cache and specific files by their urs.\u003C\u002Fli>\n\u003Cli>Clear cached files to force Cloudflare to fetch a fresh version of those files from your web server. You can purge files selectively or all at once.\u003C\u002Fli>\n\u003Cli>Purging the cache may temporarily degrade performance for your website.\u003C\u002Fli>\n\u003C\u002Ful>\n","Purge CloudFlare makes clearing CloudFlare cache as simple as one click.",4904,2,"2017-02-22T14:02:00.000Z","4.7.32","3.1",[18,125,19,126,75],"cdn","free","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpurge-cloud-flare.zip",{"attackSurface":129,"codeSignals":190,"taintFlows":199,"riskAssessment":200,"analyzedAt":212},{"hooks":130,"ajaxHandlers":175,"restRoutes":176,"shortcodes":188,"cronEvents":189,"entryPointCount":120,"unprotectedCount":120},[131,137,141,144,147,151,155,159,164,166,170],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","init","register_assets","app\\Hametuha\\Hamecache\\Option.php",41,{"type":132,"name":138,"callback":139,"file":135,"line":140},"admin_menu","add_menu",43,{"type":132,"name":142,"callback":142,"file":135,"line":143},"admin_init",45,{"type":132,"name":145,"callback":145,"file":135,"line":146},"admin_enqueue_scripts",47,{"type":132,"name":148,"callback":148,"priority":66,"file":149,"line":150},"save_post","app\\Hametuha\\Hamecache\\Purger.php",21,{"type":132,"name":152,"callback":153,"priority":66,"file":149,"line":154},"transition_post_status","purge_scheduled",22,{"type":132,"name":156,"callback":157,"file":149,"line":158},"rest_api_init","register_rest",24,{"type":132,"name":160,"callback":161,"priority":162,"file":149,"line":163},"admin_bar_menu","admin_bar",998,26,{"type":132,"name":133,"callback":134,"file":149,"line":165},28,{"type":132,"name":167,"callback":168,"file":149,"line":169},"wp_enqueue_scripts","enqueue_scripts",29,{"type":132,"name":171,"callback":172,"file":173,"line":174},"plugins_loaded","hamecache_init","hamecache.php",48,[],[177,184],{"namespace":178,"route":179,"methods":180,"callback":182,"permissionCallback":23,"file":149,"line":183},"hamecache\u002Fv1","cache\u002Feverything",[181],"GET","anonymous",250,{"namespace":178,"route":185,"methods":186,"callback":182,"permissionCallback":23,"file":149,"line":187},"cache\u002Fpost\u002F(?P\u003Cpost_id>\\d+)",[181],262,[],[],{"dangerousFunctions":191,"sqlUsage":192,"outputEscaping":194,"fileOperations":12,"externalRequests":197,"nonceChecks":12,"capabilityChecks":67,"bundledLibraries":198},[],{"prepared":12,"raw":12,"locations":193},[],{"escaped":195,"rawEcho":12,"locations":196},27,[],1,[],[],{"summary":201,"deductions":202},"The \"hamecache\" v1.0.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices in several areas. There are no dangerous functions, all SQL queries use prepared statements, all output is properly escaped, and there are no file operations or external HTTP requests that would typically introduce significant risks. The lack of any recorded vulnerabilities, past or present, further suggests a level of care in its development.  However, significant security concerns arise from the attack surface analysis.  The plugin exposes two REST API routes that lack any permission callbacks. This means that any unauthenticated user could potentially interact with these routes, leading to unintended actions or information disclosure depending on their functionality. The absence of nonce checks on these entry points further exacerbates this risk, making them vulnerable to CSRF attacks. The plugin's claim of 5 capability checks is noted, but their absence on the REST API routes undermines their protective value in this context.  Overall, while the underlying code quality regarding data handling and output escaping appears strong, the unprotected REST API routes represent a critical weakness that needs immediate attention. The absence of historical vulnerabilities is a positive sign, but it does not negate the current, identifiable security flaws.",[203,206,209],{"reason":204,"points":205},"REST API routes without permission callbacks",15,{"reason":207,"points":208},"Unprotected REST API entry points",10,{"reason":210,"points":211},"Lack of nonce checks on entry points",7,"2026-03-16T22:35:44.775Z",{"wat":214,"direct":221},{"assetPaths":215,"generatorPatterns":217,"scriptPaths":218,"versionParams":219},[216],"\u002Fwp-content\u002Fplugins\u002Fhamecache\u002Fassets\u002Fcss\u002Fadmin.css",[],[],[220],"hamecache-admin",{"cssClasses":222,"htmlComments":232,"htmlAttributes":233,"restEndpoints":236,"jsGlobals":237,"shortcodeOutput":238},[223,224,225,226,227,228,229,230,231],"hamecache-divider","hamecache-error","hamecache-rule-list","hamecache-rule-item","hamecache-rule-url","hamecache-rule-status","hamecache-rule-actions","hamecache-rule-action","hamecache-label",[],[234,235],"readonly","value",[],[],[]]