WP-Safety

HT Fast webp Security & Risk Analysis

wordpress.org/plugins/ht-fast-web

HT Fast webp

10 active installs v1.0.1 PHP 7.0+ WP + Updated Apr 10, 2021
fastfast-webpagespeedweb
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is HT Fast webp Safe to Use in 2026?

Generally Safe

Score 85/100

HT Fast webp has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The ht-fast-web plugin v1.0.1 demonstrates a generally positive security posture based on the provided static analysis. The absence of known CVEs and the plugin's clean vulnerability history are strong indicators of good development practices and ongoing maintenance. Notably, the plugin has zero reported vulnerabilities, and no critical or high-severity issues have been recorded in its history. This suggests a mature and secure codebase.

However, the static analysis reveals a potential concern with taint analysis. While the total number of flows analyzed is low, there is one flow identified with unsanitized paths. Although this did not escalate to a critical or high severity issue, it warrants attention as unsanitized paths can sometimes lead to vulnerabilities if not handled carefully. Furthermore, the absence of nonce checks and capability checks, while not inherently a vulnerability on its own given the zero attack surface, suggests a reliance on other security mechanisms or a minimal feature set. The excellent output escaping and complete use of prepared statements for SQL queries are commendable strengths.

In conclusion, ht-fast-web v1.0.1 appears to be a secure plugin with a strong track record. The identified taint flow is a minor concern that should be monitored, but the lack of any significant vulnerabilities in its history and the robust implementation of SQL and output sanitization are significant strengths. The plugin's small attack surface also contributes to its security.

Key Concerns

  • Flow with unsanitized paths
  • No nonce checks detected
  • No capability checks detected
Vulnerabilities
None known

HT Fast webp Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

HT Fast webp Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
20 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

83% escaped24 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<webp-on-demand> (actions\webp-on-demand.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

HT Fast webp Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 11
actionadmin_initsettings\myOptions.php:31
actionadmin_initsettings\myOptions.php:42
actionadmin_menusettings\run.php:5
actionadmin_enqueue_scriptssettings\script _admin.php:10
actionwp_enqueue_scriptssettings\script.php:40
filterscript_loader_tagsettings\script.php:59
filterthe_contentsettings\script.php:125
filterget_avatarsettings\script.php:126
filterwidget_textsettings\script.php:127
filterget_image_tagsettings\script.php:128
filterpost_thumbnail_htmlsettings\script.php:129
Maintenance & Trust

HT Fast webp Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15
Last updatedApr 10, 2021
PHP min version7.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

HT Fast webp Alternatives

WP Fastest Cache – WordPress Cache Plugin

WP Fastest Cache – WordPress Cache Plugin

wp-fastest-cache

B
76

The simplest and fastest WP Cache system

1.0M 35 CVEs
Autoptimize

Autoptimize

autoptimize

B
77

Autoptimize speeds up your website by optimizing JS, CSS, images (incl. lazy-load), HTML and Google Fonts, asyncing JS, removing emoji cruft and more.

900K 12 CVEs
Fast Velocity Minify

Fast Velocity Minify

fast-velocity-minify

A
98

Maximize GTmetrix, PageSpeed and enhance Web Vitals by minifying CSS/JS, lazy loading scripts, optimizing images, and improving load speed overall.

40K 2 CVEs
Speed Booster Pack ⚡ PageSpeed Optimization Suite

Speed Booster Pack ⚡ PageSpeed Optimization Suite

speed-booster-pack

A
98

PageSpeed optimization is vital for SEO: A faster website equals better conversions. Optimize your Core Web Vitals metrics (CLS, LCP, TBT) today!

10K 2 CVEs
AEH Speed Optimization: Browser Cache, Optimized Minify, Lazy Loading & Image Optimization

AEH Speed Optimization: Browser Cache, Optimized Minify, Lazy Loading & Image Optimization

add-expires-headers

B
76

AEH Speed Optimization boosts site speed with caching, minification, lazy loading, and image optimization to improve performance and SEO.

3K 1 unpatched
Developer Profile

HT Fast webp Developer Profile

Henry Torres

3 plugins · 30 total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect HT Fast webp

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ht-fast-web/assets/css/admin.css/wp-content/plugins/ht-fast-web/assets/js/index.js/wp-content/plugins/ht-fast-web/assets/js/cookie-consent.js/wp-content/plugins/ht-fast-web/assets/css/cookie-consent.css/wp-content/plugins/ht-fast-web/assets/js/lazyload.min.js
Script Paths
../assets/js/index.js../assets/js/cookie-consent.js../assets/js/lazyload.min.js
Version Parameters
HTFastWebp_admin_cssHTFastWebp_index_jsHTFastWebp_cookie_jsHTFastWebp_cookie_cssHTFastWebp_lazyload_js

HTML / DOM Fingerprints

CSS Classes
img-fluid
Data Attributes
data-srcdata-lazyloaddata-srcset
JS Globals
HTFastWebp_settings
FAQ

Frequently Asked Questions about HT Fast webp