[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fmW4JE1V1jOU1fgiE1-PG2s4F-Y5poSFIvYyNigo2NPE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":147,"fingerprints":241},"interactive-posts-ippm","Interactive Posts","1.0.2","hasanirogers","https:\u002F\u002Fprofiles.wordpress.org\u002Fhasanirogers\u002F","\u003Cp>Interactive Posts Package Manager (IPPM) brings packages to WordPress. A package is a zip file containing assets such as CSS, JavaScript, and images. You can attach the CSS and JavaScript script to a post by adding a package to it. From there you may enhance the experience of posts to whatever your heart desires with beautiful animations and interactive experiences.\u003C\u002Fp>\n","Interactive Posts allows you to upload and attach assets to posts from packages enhancing the experience of any post.",0,2611,"2024-09-03T21:32:00.000Z","6.6.5","5.7.0","7.4",[18,19,20,21,22],"enhanced-posts","javascript","package-manager","packages","zip","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finteractive-posts-ippm.1.0.2.zip",92,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,88,"2026-04-04T17:25:37.399Z",[35,59,79,100,123],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":23,"tags":50,"homepage":55,"download_link":56,"security_score":57,"vuln_count":30,"unpatched_count":30,"last_vuln_date":58,"fetched_at":27},"advanced-speed-increaser","Advanced Speed Increaser","2.2.1","Animesh Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Fanimeshsarakd\u002F","\u003Cp>Advanced Speed Increaser is a light weighted plugin to speed up wordpress website by using GZIP compression and setting header expiration for images. The plugin uses .htaccess file for compression. This plugin also minify HTML, inline CSS and Javascript. Including Database cleanup and optimization tool to make your wordpress website lighter and faster.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Advanced Speed Increaser enable GZIP compression in your website.\u003C\u002Fli>\n\u003Cli>Advanced Speed Increaser enable Leverage Browser Caching.\u003C\u002Fli>\n\u003Cli>Advanced Speed Increaser Turn Off ETags.\u003C\u002Fli>\n\u003Cli>Advanced Speed Increaser minify HTML, inline CSS and Javascript.\u003C\u002Fli>\n\u003Cli>Advanced Speed Increaser set far future expiration date for static files (eg. image,fonts,javascript etc).\u003C\u002Fli>\n\u003Cli>Advanced Speed Increaser gives you an option to remove auto revisions posts.\u003C\u002Fli>\n\u003Cli>Advanced Speed Increaser gives you an option to remove auto drafts posts.\u003C\u002Fli>\n\u003Cli>Advanced Speed Increaser gives you an option to remove transient options.\u003C\u002Fli>\n\u003C\u002Ful>\n","Advanced Speed Increaser is a light weighted plugin to speed up wordpress website by using GZIP compression and setting header expiration for images.",300,18745,76,10,"2020-04-03T05:44:00.000Z","5.4.19","3.5",[51,52,53,54,19],"expires-header","expiry-header","far-future-expiration","gzip","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-speed-increaser\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-speed-increaser.zip",64,"2025-04-01 00:00:00",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":11,"downloaded":67,"rating":11,"num_ratings":11,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":23,"download_link":77,"security_score":78,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"package-installator","Package Installator","1.2.1","Thomas Lloancy","https:\u002F\u002Fprofiles.wordpress.org\u002Ftlloancy\u002F","\u003Cp>Package Installator empowers WordPress administrators to manage system-level packages, such as PHP extensions, directly from the WordPress admin dashboard. It features a modern, React-based interface with a searchable table, animated progress bars, and detailed command output for installing and uninstalling packages via SSH.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Modern UI\u003C\u002Fstrong>: React-based interface with search functionality and animated progress bars.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Package Management\u003C\u002Fstrong>: Install or uninstall packages like \u003Ccode>php-xml\u003C\u002Fcode>, \u003Ccode>php-mbstring\u003C\u002Fcode>, \u003Ccode>php-curl\u003C\u002Fcode>, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SSH Integration\u003C\u002Fstrong>: Secure SSH connections using private key or password authentication.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time Feedback\u003C\u002Fstrong>: AJAX updates for package status, progress, and detailed command logs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Expandable Logs\u003C\u002Fstrong>: View raw command output for each package operation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SSH Status\u003C\u002Fstrong>: Visual indicators for SSH connection status on both settings and package manager pages.\u003Cbr \u002F>\n\u003Cstrong>Important Note\u003C\u002Fstrong>: Currently compatible only with Debian-based distributions (e.g., Debian, Ubuntu) using \u003Ccode>apt\u003C\u002Fcode>. Future versions will support other Linux distributions (Red Hat, Fedora, Arch, etc.) with tools like \u003Ccode>yum\u003C\u002Fcode>, \u003Ccode>dnf\u003C\u002Fcode>, and \u003Ccode>pacman\u003C\u002Fcode>.\u003Cbr \u002F>\n\u003Cstrong>Warning\u003C\u002Fstrong>: This plugin executes system commands via SSH, which can impact your server. Ensure proper SSH configuration and test on a staging environment.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Dependencies\u003C\u002Fh3>\n\u003Cp>Includes all dependencies: React, Axios, React-Select, phpseclib3.\u003Cbr \u002F>\nNo Composer or npm required.\u003C\u002Fp>\n\u003Ch3>⚠️ Avertissements de sécurité très importants\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Ce plugin exécute des commandes \u003Cstrong>root\u003C\u002Fstrong> via SSH depuis WordPress.\u003C\u002Fli>\n\u003Cli>Une vulnérabilité (XSS, vol de session, compte admin compromis) pourrait permettre une prise de contrôle totale du serveur.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>N’utilisez PAS en production sans\u003C\u002Fstrong> :\n\u003Cul>\n\u003Cli>HTTPS forcé\u003C\u002Fli>\n\u003Cli>2FA sur tous les comptes admin\u003C\u002Fli>\n\u003Cli>Restriction IP sur l’admin WP\u003C\u002Fli>\n\u003Cli>Liste blanche stricte des commandes autorisées\u003C\u002Fli>\n\u003Cli>Sauvegardes régulières (fichiers + base)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Testez \u003Cstrong>uniquement sur staging\u003C\u002Fstrong> au début.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.1.0 – December 2025\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Full internationalization (i18n) support with French and English translations\u003C\u002Fli>\n\u003Cli>Command history logging with database table\u003C\u002Fli>\n\u003Cli>Non-interactive root command executor\u003C\u002Fli>\n\u003Cli>Improved session handling and security\u003C\u002Fli>\n\u003Cli>Updated for WordPress 6.9 compatibility\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>1.0.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Initial release with React UI, SSH package management, and support for Debian-based systems.\u003C\u002Fli>\n\u003Cli>Features animated progress bars, expandable command output, and SSH status indicators.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary Section\u003C\u002Fh3>\n\u003Ch3>Future Plans\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Support for Red Hat, Fedora, Arch, and other Linux distributions.\u003C\u002Fli>\n\u003Cli>Enhanced error handling and user feedback.\u003C\u002Fli>\n\u003Cli>Real-time log streaming for long-running operations.\u003C\u002Fli>\n\u003Cli>Support for additional package managers (\u003Ccode>yum\u003C\u002Fcode>, \u003Ccode>dnf\u003C\u002Fcode>, \u003Ccode>pacman\u003C\u002Fcode>).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>For contributions or issues, contact Tlloancy at [tlloancy@deter-mi.net].\u003C\u002Fp>\n","A plugin to manage system packages (e.g., php-xml) with a modern React-based UI via SSH.",319,"2026-03-03T05:35:00.000Z","6.9.4","5.0","8.2",[73,20,74,75,76],"debian","react-ui","ssh","system-packages","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpackage-installator.1.2.1.zip",100,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":69,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":23,"download_link":99,"security_score":78,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"cache-enabler","Cache Enabler","1.8.16","KeyCDN","https:\u002F\u002Fprofiles.wordpress.org\u002Fkeycdn\u002F","\u003Cp>Cache Enabler is a simple, yet powerful WordPress caching plugin that is easy to use, needs minimal configuration, and best of all helps improve site performance for a faster load time. It creates static HTML files of frontend pages and stores them on the server’s disk. This allows the static HTML files to be delivered instead of generating pages on the fly, avoiding resource intensive backend processes from the WordPress core, plugins, and database.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fast and efficient cache engine\u003C\u002Fli>\n\u003Cli>Automatic smart cache clearing\u003C\u002Fli>\n\u003Cli>Manual cache clearing\u003C\u002Fli>\n\u003Cli>WP-CLI cache clearing\u003C\u002Fli>\n\u003Cli>Cache expiry\u003C\u002Fli>\n\u003Cli>WebP support (convert images to WebP with \u003Ca href=\"https:\u002F\u002Foptimus.io\" rel=\"nofollow ugc\">Optimus\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Mobile support\u003C\u002Fli>\n\u003Cli>Brotli and Gzip pre-compression support\u003C\u002Fli>\n\u003Cli>Minification of HTML excluding or including inline CSS and JavaScript\u003C\u002Fli>\n\u003Cli>Real-time cache size display in the WordPress dashboard\u003C\u002Fli>\n\u003Cli>Custom post type support\u003C\u002Fli>\n\u003Cli>\u003Ccode>304 Not Modified\u003C\u002Fcode> support\u003C\u002Fli>\n\u003Cli>Works perfectly with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fautoptimize\u002F\" rel=\"ugc\">Autoptimize\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How does the caching work?\u003C\u002Fh4>\n\u003Cp>Cache Enabler captures page contents and saves it as a static HTML file on the server’s disk. The static HTML file created can be one of several possible cache versions depending on the plugin settings and HTTP request. Accepted static HTML files are then delivered without any database queries or on the fly compression, allowing for a quicker page load.\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.keycdn.com\u002Fsupport\u002Fwordpress-cache-enabler-plugin#installation\" rel=\"nofollow ugc\">Installation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.keycdn.com\u002Fsupport\u002Fwordpress-cache-enabler-plugin#settings\" rel=\"nofollow ugc\">Settings\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.keycdn.com\u002Fsupport\u002Fwordpress-cache-enabler-plugin#hooks\" rel=\"nofollow ugc\">Hooks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.keycdn.com\u002Fsupport\u002Fwordpress-cache-enabler-plugin#wp-cli\" rel=\"nofollow ugc\">WP-CLI\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.keycdn.com\u002Fsupport\u002Fwordpress-cache-enabler-plugin#advanced-configuration\" rel=\"nofollow ugc\">Advanced configuration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.keycdn.com\u002Fsupport\u002Fwordpress-cache-enabler-plugin#faq\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Want to help?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Want to file a bug, contribute some code, or improve translations? Excellent! Check out our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkeycdn\u002Fcache-enabler\u002Fissues\" rel=\"nofollow ugc\">GitHub issues\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fcache-enabler\u002F\" rel=\"nofollow ugc\">translations\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Maintainer\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.keycdn.com\" rel=\"nofollow ugc\">KeyCDN\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","A lightweight caching plugin for WordPress that makes your website faster by generating static HTML files.",100000,2619625,86,138,"2026-03-02T07:50:00.000Z","5.1","5.6",[95,96,54,97,98],"cache","caching","performance","webp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcache-enabler.1.8.16.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":87,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":69,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":119,"download_link":120,"security_score":109,"vuln_count":121,"unpatched_count":11,"last_vuln_date":122,"fetched_at":27},"shortcoder","Shortcoder — Create Shortcodes for Anything","6.5.2","vaakash","https:\u002F\u002Fprofiles.wordpress.org\u002Fvaakash\u002F","\u003Cp>Shortcoder plugin allows to create a custom shortcodes for HTML, JavaScript, CSS and other code snippets. Now the shortcodes can be used in posts\u002Fpages and the snippet will be replaced in place.\u003C\u002Fp>\n\u003Ch3>✍ Create shortcodes easily\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Give a name for the shortcode\u003C\u002Fli>\n\u003Cli>Paste the HTML\u002FJavaScript\u002FCSS as shortcode content\u003C\u002Fli>\n\u003Cli>Save !\u003C\u002Fli>\n\u003Cli>Now insert the shortcode \u003Ccode>[sc name=\"my_shortcode\"]\u003C\u002Fcode> in your post\u002Fpage.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Voila !\u003C\u002Fstrong> You got the HTML\u002FJavascript\u002FCSS in your post.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>✨ Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create \u003Cstrong>custom shortcodes\u003C\u002Fstrong> easily and use them in any place where shortcode is supported.\u003C\u002Fli>\n\u003Cli>Have any \u003Cstrong>HTML\u003C\u002Fstrong>, \u003Cstrong>Javascript\u003C\u002Fstrong>, \u003Cstrong>CSS\u003C\u002Fstrong> as Shortcode content.\u003C\u002Fli>\n\u003Cli>Insert: \u003Cstrong>Custom parameters\u003C\u002Fstrong> in shortcode\u003C\u002Fli>\n\u003Cli>Insert: \u003Cstrong>WordPress parameters\u003C\u002Fstrong> in shortcode\u003C\u002Fli>\n\u003Cli>Multiple editors: Code, Visual and text modes.\u003C\u002Fli>\n\u003Cli>Globally disable the shortcode when not needed.\u003C\u002Fli>\n\u003Cli>Disable shortcode on desktop, mobile devices.\u003C\u002Fli>\n\u003Cli>A button in post editor to pick the shortcodes to insert.\u003C\u002Fli>\n\u003Cli>Execute blocks HTML in shortcode content.\u003C\u002Fli>\n\u003Cli>Insert shortcodes in Gutenberg\u002Fblock editor.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎲 An example usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Create a shortcode named “adsenseAd” in the Shortcoder admin page.\u003C\u002Fli>\n\u003Cli>Paste the adsense code in the box given and save it.\u003C\u002Fli>\n\u003Cli>Use \u003Ccode>[sc name=\"adsenseAd\"]\u003C\u002Fcode> in your posts and pages.\u003C\u002Fli>\n\u003Cli>Tada !!! the ad code is replaced and it appears in the post.\u003C\u002Fli>\n\u003Cli>Now you can edit the ad code at one place and the code is updated in all the locations where the shortcode is used.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Similarly shortcodes can be created for frequently used snippets.\u003C\u002Fp>\n\u003Cp>You can also add \u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">custom parameters\u003C\u002Fa> (like \u003Ccode>%%id%%\u003C\u002Fcode>) inside the snippets, and change it’s value like \u003Ccode>[sc name=\"youtube\" id=\"GrlRADfvjII\"]\u003C\u002Fcode> when using them.\u003C\u002Fp>\n\u003Ch3>🧱 Using in block editor\u003C\u002Fh3>\n\u003Cp>Though shortcodes can be used in \u003Cstrong>any\u003C\u002Fstrong> place manually, Shortcoder provides below options to select and insert the shortcodes created easily when working with the block editor.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Shortcoder block\u003C\u002Fli>\n\u003Cli>Toolbar button to select and insert shortcodes inline (under “more”)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💎 Upgrade to PRO\u003C\u002Fh3>\n\u003Cp>Shortcoder also provides a \u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa> which has additional features to further enhance the experience. Below features are offered in the PRO version.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom editor\u003C\u002Fstrong> – Edit Shortcode content using block editor or page builder plugins like Elementor and WPBakery.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>(New) Translation with WPML\u003C\u002Fstrong> – Translate Shortcode content with WPML.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Revisions\u003C\u002Fstrong> – Revisions support for Shortcode content.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Locate shortcode\u003C\u002Fstrong> – Search posts and pages where a shortcode is used.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Extra code\u003C\u002Fstrong> – Include extra code to the footer when a shortcode is used in a page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">Get started with Shortcoder – PRO\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fdocs\u002Fshortcoder\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fforum\u002F\" rel=\"nofollow ugc\">Support forum\u002FReport bugs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F#pro\" rel=\"nofollow ugc\">PRO features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Create custom \"Shortcodes\" easily for HTML, JavaScript, CSS code snippets and use the shortcodes within posts, pages & widgets",1888190,98,225,"2026-03-01T17:44:00.000Z","4.9.0","5.3",[115,116,19,117,118],"code","html","shortcode","snippets","https:\u002F\u002Fwww.aakashweb.com\u002Fwordpress-plugins\u002Fshortcoder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortcoder.6.5.2.zip",2,"2026-01-09 00:00:00",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":87,"downloaded":131,"rating":109,"num_ratings":132,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":93,"tags":136,"homepage":142,"download_link":143,"security_score":144,"vuln_count":145,"unpatched_count":11,"last_vuln_date":146,"fetched_at":27},"wp-asset-clean-up","Asset CleanUp: Page Speed Booster","1.4.0.3","Gabe Livan","https:\u002F\u002Fprofiles.wordpress.org\u002Fgabelivan\u002F","\u003Cp>Don’t just minify & combine CSS\u002FJavaScript files ending up with large, bloated and slow loading pages: \u003Cstrong>Strip the “fat” first and get a faster website\u003C\u002Fstrong> 🙂\u003C\u002Fp>\n\u003Cp>Faster page load = Happier Visitors = More Conversions = More Revenue\u003C\u002Fp>\n\u003Cp>There are often times when you are using a theme and a number of plugins which are enabled and run on the same page. However, you don’t need to use all of them and to improve the speed of your website and make the HTML source code cleaner (convenient for debugging purposes), it’s better to prevent those styles and scripts from loading.\u003C\u002Fp>\n\u003Cp>For instance, you might use a plugin that generates contact forms and it loads its assets (.CSS and .JS files) in every page of your website instead of doing it only in the \u002Fcontact page (if that’s the only place where you need it).\u003C\u002Fp>\n\u003Cp>“Asset CleanUp” scans your page and detects all the assets that are loaded. All you have to do when editing a page\u002Fpost is just to select the CSS\u002FJS that are not necessary to load, this way reducing the bloat.\u003C\u002Fp>\n\u003Cp>The plugin works best in combination with a cache plugin (e.g. WP Rocket, WP Fastest Cache, W3 Total Cache), a hosting company that offers packages with server-level caching available (e.g. WP Engine, Kinsta) or a service like Cloudflare that has page caching enabled.\u003C\u002Fp>\n\u003Ch4>Main plugin’s benefits include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Decreases the number of HTTP requests loaded and eliminate render-blocking resources (important for faster page load) by unloading useless CSS\u002FJS\u003C\u002Fli>\n\u003Cli>Preload CSS\u002FJS, Local Fonts & Google Fonts files to instruct the browser to download the chosen assets as soon as possible\u003C\u002Fli>\n\u003Cli>Minify CSS files (including inline code within STYLE tags)\u003C\u002Fli>\n\u003Cli>Minify JavaScript files (including inline code within SCRIPT tags)\u003C\u002Fli>\n\u003Cli>Combine remaining loaded CSS & JavaScript files\u003C\u002Fli>\n\u003Cli>Inline CSS Files (automatically & by specifying the path to the stylesheets)\u003C\u002Fli>\n\u003Cli>Defer combined JavaScript files by applying “defer” attribute to the SCRIPT tags\u003C\u002Fli>\n\u003Cli>Site-wide removal for Emojis, Dashicons for guest users and Comment Reply if they are not used\u003C\u002Fli>\n\u003Cli>Disable RSS Feeds\u003C\u002Fli>\n\u003Cli>Reduces the HTML code of the actual page (that’s even better if GZIP compression is enabled)\u003C\u002Fli>\n\u003Cli>Makes source code easier to scan in case you’re a developer and want to search for something\u003C\u002Fli>\n\u003Cli>Remove possible conflicts between plugins\u002Ftheme (e.g. 2 JavaScript files that are loading from different plugins and they interfere one with another)\u003C\u002Fli>\n\u003Cli>Better performance score if you test your URL on websites such as GTmetrix, PageSpeed Insights, Pingdom Website Speed Test\u003C\u002Fli>\n\u003Cli>Google will love your website more as it would be faster and fast page load is nowadays a factor in search ranking\u003C\u002Fli>\n\u003Cli>Your server access log files (e.g the Apache ones) will be easier to scan and would take less space on your server\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Google Fonts Optimization \u002F Removal\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Combine all Google Font requests into fewer (usually one) requests, saving one round trip to the server for each additional font requested\u003C\u002Fli>\n\u003Cli>Choose between three methods of delivery: Render-blocking, Asynchronous via Web Font Loader (webfont.js) or Asynchronous by preloading the CSS stylesheet\u003C\u002Fli>\n\u003Cli>Option to preload Google Font Files from fonts.gstatic.com (e.g. ending in .woff2)\u003C\u002Fli>\n\u003Cli>Apply “font-display” CSS property to all loaded Google Font requests\u003C\u002Fli>\n\u003Cli>Enable preconnect resource hint for fonts.gstatic.com in case you use Google Fonts; don’t let the browser wait until it fetches the CSS for loading the font files before it begins DNS\u002FTCP\u002FTLS\u003C\u002Fli>\n\u003Cli>Remove all Google Font requests including link\u002Ffont preloads, @import\u002F@font-face from CSS files & STYLE tags, resource hints\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Local Fonts Optimization\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Preload local font files (ending in .woff, .woff2, .ttf, etc.)\u003C\u002Fli>\n\u003Cli>Apply “font-display:” CSS property to @font-face from existing to LINK \u002F STYLE tags to improve the PageSpeed score for “Ensure text remains visible during webfont load”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Critical CSS\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>You can add already generated critical CSS (e.g. via tools such as \u003Ca href=\"https:\u002F\u002Fwww.corewebvitals.io\u002Ftools\u002Fcritical-css-generator\" rel=\"nofollow ugc\">Advanced Critical CSS Generator\u003C\u002Fa> customly for the homepage, posts, pages, taxonomy pages (e.g. category), archive pages (e.g. date, author), search, 404 not found\u003C\u002Fli>\n\u003Cli>The critical CSS can be added within the Dashboard as well as via code \u002F \u003Ca href=\"https:\u002F\u002Fwww.assetcleanup.com\u002Fdocs\u002F?p=608\" rel=\"nofollow ugc\">Read More\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Remove useless links, meta tags and HTML comments within the HEAD and BODY (footer) tags of the website\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Really Simple Discovery (RSD) link tag\u003C\u002Fli>\n\u003Cli>REST API link tag\u003C\u002Fli>\n\u003Cli>Pages\u002FPosts Shortlink tag\u003C\u002Fli>\n\u003Cli>WordPress version meta tag (also good for security reasons)\u003C\u002Fli>\n\u003Cli>All “generator” meta tags (also good for security reasons)\u003C\u002Fli>\n\u003Cli>RSS Feed Link Tags (usually they are not needed if your website is not used for blogging purposes)\u003C\u002Fli>\n\u003Cli>oEmbeds, if you do not need to embed videos (e.g. YouTube), tweets and audios\u003C\u002Fli>\n\u003Cli>Valid HTML Comments (exceptions from stripping can be added and Internet Explorer conditional comments are preserved)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Each option can be turned on\u002Foff depending on your needs. Instructions about each of them are given in the plugin’s settings page.\u003C\u002Fp>\n\u003Ch4>Disable partially or completely XML-RPC protocol\u003C\u002Fh4>\n\u003Cp>This is an API service used by WordPress for 3rd party applications, such as mobile apps, communication between blogs and plugins such as Jetpack. If you use or are planning to use a remote system to post content to your website, you can keep this feature enabled (which it is by default). Many users do not use this function at all and if you’re one of them, you can disable it.\u003C\u002Fp>\n\u003Cp>Plugin works with WordPress Multisite Network enabled!\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Asset CleanUp Pro\u003C\u002Fstrong>\u003Cbr \u002F>\n  This plugin is the lite version of Asset CleanUp Pro that comes with more benefits including managing assets (CSS & JS files) on all WordPress pages, unloading plugins site-wide or via Regex(es), apply “async” and “defer” attributes on loaded JavaScript files which would boost the speed score even higher, move the loading location of CSS\u002FJS files (from HEAD to BODY to reduce render-blocking or vice-versa if you need specific files to trigger earlier) and premium support. \u003Ca href=\"https:\u002F\u002Fwww.gabelivan.com\u002Fitems\u002Fwp-asset-cleanup-pro\u002F?utm_source=wp_org_lite&utm_medium=inside_quote\" rel=\"nofollow ugc\">Click here to purchase Asset CleanUp Pro!\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>NOTES\u003C\u002Fh4>\n\u003Cp>People that have tested the plugin are so far happy with it and I want to keep a good reputation for it. In case something is not working for you or have any suggestions, please write to me on the forum and I will be happy to assist you. \u003Cstrong>BEFORE rating this plugin\u003C\u002Fstrong>, please check the following post http:\u002F\u002Fchrislema.com\u002Ftheres-wrong-way-give-plugin-feedback-wordpress-org\u002F and then use your common sense when writing the feedback 🙂\u003C\u002Fp>\n\u003Ch4>GO PRO\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Unload CSS\u002FJS files on all WordPress pages including Categories, Tags, Custom Taxonomy (e.g. WooCommerce product category), 404 Not Found, Date & Author Archives, Search Results)\u003C\u002Fli>\n\u003Cli>Unload plugins in the frontend view (for guest visitors) * This will not just unload the CSS\u002FJS files loaded from the plugins, but everything else related to them (e.g. slow database queries)\u003C\u002Fli>\n\u003Cli>Unload plugins within the Dashboard \u002Fwp-admin\u002F * Do you have any slow pages that are loading within the Dashboard? You can reduce seconds in page load for some bulky ones or fix plugin conflicts\u003C\u002Fli>\n\u003Cli>Instruct the browser to download a CSS\u002FJS file based on the visitor’s screen size (e.g. avoid downloading assets in mobile view when they are not needed, if the screen size is smaller than 768px)\u003C\u002Fli>\n\u003Cli>Defer CSS by appending it to the BODY to load it asynchronously (Render blocking CSS delays a web page from being visible in a timely manner)\u003C\u002Fli>\n\u003Cli>Move JavaScript files from HEAD to BODY and vice-versa (CSS files moved to the BODY are automatically deferred)\u003C\u002Fli>\n\u003Cli>Defer JavaScript loaded files (by applying “defer” attribute to any enqueued JS file)\u003C\u002Fli>\n\u003Cli>Async JavaScript loaded files (by applying “async” attribute to any enqueued JS file)\u003C\u002Fli>\n\u003Cli>Inline JavaScript files (automatically & by specifying the path to the stylesheets)\u003C\u002Fli>\n\u003Cli>Priority in releasing new features & other improvements (updates that are meant for both Lite and Pro plugins are first released to the Pro users)\u003C\u002Fli>\n\u003Cli>Premium support and updates within the Dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Give Asset CleanUp a try! If you want to unlock all features, you can \u003Ca href=\"https:\u002F\u002Fwww.gabelivan.com\u002Fitems\u002Fwp-asset-cleanup-pro\u002F?utm_source=wp_org_lite&utm_medium=go_pro\" rel=\"nofollow ugc\">Upgrade to the Pro version\u003C\u002Fa>.\u003C\u002Fp>\n","Make your website load FASTER by stopping specific styles (.CSS) & scripts (.JS) from loading. It works best with a page caching plugin \u002F service.",4846454,1550,"2025-03-12T21:24:00.000Z","6.7.5","4.5",[137,138,139,140,141],"defer-css-javascript","dequeue","minify-css","minify-javascript","page-speed","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-asset-clean-up\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-asset-clean-up.1.4.0.3.zip",89,6,"2024-11-27 00:00:00",{"attackSurface":148,"codeSignals":218,"taintFlows":228,"riskAssessment":229,"analyzedAt":240},{"hooks":149,"ajaxHandlers":190,"restRoutes":203,"shortcodes":215,"cronEvents":216,"entryPointCount":217,"unprotectedCount":121},[150,156,160,164,168,172,176,181,186],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","admin_enqueue_scripts","ippm_admin_scripts","interactiveposts.php",32,{"type":151,"name":157,"callback":158,"file":154,"line":159},"init","ippm_gutenberg_blocks",46,{"type":151,"name":161,"callback":162,"file":154,"line":163},"admin_menu","ippm_package_manager_menu",94,{"type":151,"name":165,"callback":166,"file":154,"line":167},"wp","ippm_dependencies",113,{"type":151,"name":169,"callback":170,"file":154,"line":171},"wp_head","ippm_add_import_maps",139,{"type":151,"name":173,"callback":174,"file":154,"line":175},"wp_enqueue_scripts","ippm_add_assets",184,{"type":177,"name":178,"callback":179,"priority":46,"file":154,"line":180},"filter","script_loader_tag","add_type_attribute",198,{"type":151,"name":182,"callback":183,"file":184,"line":185},"rest_api_init","ippm_add_get_package","rest\\getpackage.php",19,{"type":151,"name":182,"callback":187,"file":188,"line":189},"ippm_add_get_packages","rest\\getpackages.php",28,[191,198],{"action":192,"nopriv":193,"callback":194,"hasNonce":195,"hasCapCheck":193,"file":196,"line":197},"ippm_package_delete",false,"ippm_delete_package",true,"ajax\\deletepackage.php",49,{"action":199,"nopriv":193,"callback":200,"hasNonce":195,"hasCapCheck":193,"file":201,"line":202},"ippm_package_upload","ippm_upload_package","ajax\\uploadpackage.php",96,[204,211],{"namespace":205,"route":206,"methods":207,"callback":209,"permissionCallback":26,"file":184,"line":210},"ippm\u002Fv1","\u002Fpackage\u002F(?P\u003Cslug>[a-zA-Z0-9-]+)",[208],"GET","anonymous",17,{"namespace":205,"route":212,"methods":213,"callback":209,"permissionCallback":26,"file":188,"line":214},"\u002Fpackages",[208],26,[],[],4,{"dangerousFunctions":219,"sqlUsage":220,"outputEscaping":222,"fileOperations":217,"externalRequests":11,"nonceChecks":121,"capabilityChecks":11,"bundledLibraries":227},[],{"prepared":11,"raw":11,"locations":221},[],{"escaped":46,"rawEcho":30,"locations":223},[224],{"file":154,"line":225,"context":226},128,"raw output",[],[],{"summary":230,"deductions":231},"The plugin 'interactive-posts-ippm' version 1.0.2 demonstrates a generally good security posture with several positive indicators. Notably, it uses prepared statements for all SQL queries and a high percentage of its outputs are properly escaped, suggesting a proactive approach to preventing common web vulnerabilities like SQL injection and XSS.  The absence of known CVEs and a clean vulnerability history further contribute to this positive assessment, indicating a consistent track record of security awareness.\n\nHowever, there are clear areas of concern. The plugin exposes two REST API routes without any permission callbacks, creating a significant attack surface that is unprotected. While the static analysis did not identify any specific dangerous functions or taint flows, the unprotected REST API endpoints could still be leveraged for various malicious activities if sensitive data or functionality can be accessed without proper authorization.  Additionally, while nonce checks are present on AJAX handlers, the lack of capability checks on these entry points and REST API routes is a missed opportunity to enforce granular access control.\n\nIn conclusion, while the plugin shows strengths in core security practices like prepared statements and output escaping, the unprotected REST API routes represent a notable weakness.  The absence of vulnerabilities in its history is encouraging, but this should not lead to complacency, especially given the identified attack surface. Further investigation into the functionality exposed by the REST API endpoints is recommended to fully understand the potential impact of these unprotected routes.",[232,234,237],{"reason":233,"points":46},"Unprotected REST API routes",{"reason":235,"points":236},"REST API routes without permission callbacks",8,{"reason":238,"points":239},"AJAX handlers without capability checks",5,"2026-03-17T06:24:15.697Z",{"wat":242,"direct":252},{"assetPaths":243,"generatorPatterns":246,"scriptPaths":247,"versionParams":249},[244,245],"\u002Fwp-content\u002Fplugins\u002Finteractive-posts-ippm\u002Fbuild\u002Finteractiveposts.css","\u002Fwp-content\u002Fplugins\u002Finteractive-posts-ippm\u002Fbuild\u002Finteractiveposts.js",[],[245,248],"\u002Fwp-content\u002Fplugins\u002Finteractive-posts-ippm\u002Fscripts\u002Fes-module-shims.js",[250,251],"interactive-posts-ippm\u002Fbuild\u002Finteractiveposts.css?ver=","interactive-posts-ippm\u002Fbuild\u002Finteractiveposts.js?ver=",{"cssClasses":253,"htmlComments":256,"htmlAttributes":257,"restEndpoints":259,"jsGlobals":262,"shortcodeOutput":264},[254,255],"ippm-alert","ippm-packages",[],[254,255,258],"kemet-upload",[260,261],"\u002Fwp-json\u002Fippm\u002Fv1\u002Fpackage\u002F","\u002Fwp-json\u002Fippm\u002Fv1\u002Fpackages",[263],"ippmData",[265,266],"\u003Cippm-alert>","\u003Cippm-packages"]