WP-Safety

OptiCache Security & Risk Analysis

wordpress.org/plugins/opticache

Comprehensive performance optimization: page caching, cache warmup, CSS/JS minification, defer/async loading, and intelligent .htaccess management.

10 active installs v1.0.9 PHP 8.0+ WP 5.8+ Updated Feb 12, 2026
cacheminifyoptimizationperformancespeed
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is OptiCache Safe to Use in 2026?

Generally Safe

Score 100/100

OptiCache has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The opticache plugin exhibits a generally strong security posture, with a robust implementation of security best practices. The plugin demonstrates excellent utilization of prepared statements for SQL queries and a high percentage of properly escaped outputs, significantly mitigating common web vulnerabilities. Furthermore, the absence of any recorded CVEs and a history free of known vulnerabilities suggests a well-maintained and secure codebase. The static analysis also reveals a comprehensive use of nonce and capability checks, reinforcing its defensive mechanisms against unauthorized actions.

However, the presence of the `unserialize` function, even if not directly tied to a critical taint flow in this analysis, warrants attention. While the static analysis did not reveal any directly exploitable unsanitized paths in the taint flow, the `unserialize` function is inherently risky when used with user-supplied data, as it can lead to Remote Code Execution if not handled with extreme care. The absence of critical taint flows is a positive indicator, but the potential risk associated with `unserialize` should not be overlooked.

In conclusion, opticache appears to be a secure plugin, with a strong foundation of secure coding practices and a clean vulnerability history. The identified concerns are minor in the context of the overall analysis, but the responsible use of `unserialize` should be a continued focus for developers to ensure long-term security.

Key Concerns

  • Use of unserialize function
Vulnerabilities
None known

OptiCache Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

OptiCache Code Analysis

Dangerous Functions
2
Raw SQL Queries
25
42 prepared
Unescaped Output
12
526 escaped
Nonce Checks
45
Capability Checks
50
File Operations
40
External Requests
10
Bundled Libraries
0

Dangerous Functions Found

unserialize$data = @unserialize( $item );includes\class-object-cache-metrics.php:415
unserialize$data = @unserialize( $result );includes\class-opticache.php:3054

SQL Query Safety

63% prepared67 total queries

Output Escaping

98% escaped538 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

15 flows2 with unsanitized paths
render_settings_page (includes\class-admin-settings.php:204)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

OptiCache Attack Surface

Entry Points44
Unprotected0

AJAX Handlers 44

authwp_ajax_opticache_dismiss_cache_noticeincludes\class-cache-checker.php:29
authwp_ajax_opticache_start_preloadincludes\class-cache-preload.php:26
authwp_ajax_opticache_stop_preloadincludes\class-cache-preload.php:27
authwp_ajax_opticache_preload_statusincludes\class-cache-preload.php:28
authwp_ajax_opticache_detect_sitemapincludes\class-cache-preload.php:29
authwp_ajax_opticache_test_cloudflareincludes\class-cdn.php:94
authwp_ajax_opticache_purge_cloudflareincludes\class-cdn.php:95
authwp_ajax_opticache_validate_cdnincludes\class-cdn.php:96
authwp_ajax_opticache_test_varnishincludes\class-cdn.php:97
authwp_ajax_opticache_purge_varnishincludes\class-cdn.php:98
authwp_ajax_opticache_view_cdn_logincludes\class-cdn.php:99
authwp_ajax_opticache_clear_cdn_logincludes\class-cdn.php:100
authwp_ajax_opticache_download_cdn_logincludes\class-cdn.php:101
authwp_ajax_opticache_db_optimizeincludes\class-database-optimizer.php:21
authwp_ajax_opticache_db_get_statsincludes\class-database-optimizer.php:22
authwp_ajax_opticache_dismiss_disk_space_noticeincludes\class-disk-space-notice.php:20
authwp_ajax_opticache_log_js_errorincludes\class-js-debug.php:49
noprivwp_ajax_opticache_log_js_errorincludes\class-js-debug.php:50
authwp_ajax_opticache_purge_js_errorsincludes\class-js-debug.php:51
authwp_ajax_opticache_toggle_js_debugincludes\class-js-debug.php:52
authwp_ajax_opticache_adminbar_clearincludes\class-opticache.php:289
authwp_ajax_opticache_adminbar_clear_assetsincludes\class-opticache.php:290
authwp_ajax_opticache_adminbar_clear_opcacheincludes\class-opticache.php:291
authwp_ajax_opticache_flush_opcacheincludes\class-opticache.php:292
authwp_ajax_opticache_save_settingsincludes\class-opticache.php:293
authwp_ajax_opticache_reset_defaultsincludes\class-opticache.php:294
authwp_ajax_opticache_get_htaccess_previewincludes\class-opticache.php:295
authwp_ajax_opticache_test_htaccessincludes\class-opticache.php:296
authwp_ajax_opticache_get_toggle_codeincludes\class-opticache.php:297
authwp_ajax_opticache_htaccess_viewedincludes\class-opticache.php:298
authwp_ajax_opticache_ecommerce_viewedincludes\class-opticache.php:299
authwp_ajax_opticache_css_ecommerce_dismissincludes\class-opticache.php:300
authwp_ajax_opticache_plugin_viewedincludes\class-opticache.php:301
authwp_ajax_opticache_gateway_viewedincludes\class-opticache.php:302
authwp_ajax_opticache_dismiss_noticeincludes\class-opticache.php:303
authwp_ajax_opticache_support_notificationincludes\class-opticache.php:304
authwp_ajax_opticache_object_enableincludes\class-opticache.php:317
authwp_ajax_opticache_object_disableincludes\class-opticache.php:318
authwp_ajax_opticache_object_flushincludes\class-opticache.php:319
authwp_ajax_opticache_object_testincludes\class-opticache.php:320
authwp_ajax_opticache_object_metricsincludes\class-opticache.php:321
authwp_ajax_opticache_test_serverincludes\class-opticache.php:322
authwp_ajax_opticache_dismiss_review_noticeincludes\class-review-notice.php:25
authwp_ajax_opticache_review_clickedincludes\class-review-notice.php:26
WordPress Hooks 127
actionadmin_menuincludes\class-admin-settings.php:17
actionadmin_initincludes\class-admin-settings.php:18
actionadmin_enqueue_scriptsincludes\class-admin-settings.php:19
filterwp_redirectincludes\class-admin-settings.php:48
actionwp_enqueue_scriptsincludes\class-asset-optimizer.php:26
actionwp_headincludes\class-asset-optimizer.php:27
actionwp_enqueue_scriptsincludes\class-asset-optimizer.php:32
actionwp_footerincludes\class-asset-optimizer.php:33
filterscript_loader_tagincludes\class-asset-optimizer.php:38
actionwp_enqueue_scriptsincludes\class-asset-optimizer.php:43
actionwp_headincludes\class-asset-optimizer.php:48
filterscript_loader_tagincludes\class-asset-optimizer.php:469
actionplugins_loadedincludes\class-cache-checker.php:26
actionadmin_noticesincludes\class-cache-checker.php:28
filtercron_schedulesincludes\class-cache-preload.php:20
actionopticache_cache_clearedincludes\class-cache-preload.php:33
actionsetup_themeincludes\class-cdn.php:58
filterwp_resource_hintsincludes\class-cdn.php:59
actionsave_postincludes\class-cdn.php:64
actiondelete_postincludes\class-cdn.php:65
actionswitch_themeincludes\class-cdn.php:66
actioncustomize_save_afterincludes\class-cdn.php:67
actionopticache_cache_clearedincludes\class-cdn.php:68
actionsave_postincludes\class-cdn.php:73
actiondeleted_postincludes\class-cdn.php:74
actionedit_postincludes\class-cdn.php:75
actionswitch_themeincludes\class-cdn.php:76
actioncomment_postincludes\class-cdn.php:77
actionwp_set_comment_statusincludes\class-cdn.php:78
actionopticache_cache_clearedincludes\class-cdn.php:79
actionshutdownincludes\class-cdn.php:81
actionadmin_bar_menuincludes\class-cdn.php:88
actionadmin_post_opticache_purge_cloudflareincludes\class-cdn.php:89
actionadmin_post_opticache_purge_varnishincludes\class-cdn.php:90
actionadmin_noticesincludes\class-cdn.php:104
actionload-toplevel_page_opticacheincludes\class-conflict-detector.php:20
actionopticache_db_cleanupincludes\class-database-optimizer.php:26
filterwp_resource_hintsincludes\class-disable-emoji.php:29
filtertiny_mce_pluginsincludes\class-disable-emoji.php:32
filteremoji_svg_urlincludes\class-disable-emoji.php:35
actionadmin_noticesincludes\class-disk-space-notice.php:19
actionadmin_enqueue_scriptsincludes\class-disk-space-notice.php:21
actionwp_headincludes\class-font-preload.php:24
filterstyle_loader_tagincludes\class-font-preload.php:28
actionwp_headincludes\class-font-preload.php:29
actionwp_headincludes\class-font-preload.php:34
filteropticache_html_bufferincludes\class-font-preload.php:39
actioninitincludes\class-heartbeat-control.php:22
filterheartbeat_settingsincludes\class-heartbeat-control.php:23
actionwp_footerincludes\class-js-debug.php:46
filteropticache_html_bufferincludes\class-js-delay.php:48
actionwp_footerincludes\class-js-delay.php:51
actionwp_headincludes\class-js-delay.php:54
filterthe_contentincludes\class-lazy-load.php:33
filterpost_thumbnail_htmlincludes\class-lazy-load.php:34
filterget_avatarincludes\class-lazy-load.php:35
filterwidget_textincludes\class-lazy-load.php:36
filteropticache_html_bufferincludes\class-lazy-load.php:39
actionwp_headincludes\class-lazy-load.php:42
actionwp_headincludes\class-lazy-load.php:46
actionwp_footerincludes\class-lazy-load.php:47
filterthe_contentincludes\class-lazy-load.php:52
filteropticache_html_bufferincludes\class-lazy-load.php:53
actionwp_footerincludes\class-lazy-load.php:58
actionwp_footerincludes\class-link-prefetch.php:39
actionshutdownincludes\class-object-cache-metrics.php:41
actionadmin_bar_menuincludes\class-opticache.php:288
actionactivated_pluginincludes\class-opticache.php:307
actiondeleted_pluginincludes\class-opticache.php:308
actionopticache_cleanupincludes\class-opticache.php:331
actionupgrader_process_completeincludes\class-opticache.php:334
filterupgrader_pre_installincludes\class-opticache.php:338
actionupgrader_process_completeincludes\class-opticache.php:341
actionupdated_optionincludes\class-opticache.php:344
actionsave_postincludes\class-page-cache.php:28
actionedit_postincludes\class-page-cache.php:29
actionwp_insert_postincludes\class-page-cache.php:30
actionpost_updatedincludes\class-page-cache.php:31
actiondelete_postincludes\class-page-cache.php:32
actiontrash_postincludes\class-page-cache.php:33
actioncomment_postincludes\class-page-cache.php:36
actionedit_commentincludes\class-page-cache.php:37
actionupdate_option_sidebars_widgetsincludes\class-page-cache.php:40
filterwidget_update_callbackincludes\class-page-cache.php:41
actionwp_update_nav_menuincludes\class-page-cache.php:44
actionswitch_themeincludes\class-page-cache.php:47
actioncustomize_save_afterincludes\class-page-cache.php:48
actionupdate_option_permalink_structureincludes\class-page-cache.php:51
actionupdate_option_page_on_frontincludes\class-page-cache.php:52
actionupdate_option_page_for_postsincludes\class-page-cache.php:53
actionupdate_option_show_on_frontincludes\class-page-cache.php:54
actionwoocommerce_product_set_stock_statusincludes\class-page-cache.php:57
actionwoocommerce_product_set_stockincludes\class-page-cache.php:58
actionwoocommerce_update_productincludes\class-page-cache.php:59
actionedd_save_downloadincludes\class-page-cache.php:62
actionavada_options_saveincludes\class-page-cache.php:65
actionfusion_builder_history_savedincludes\class-page-cache.php:66
actionfusion_builder_after_save_historyincludes\class-page-cache.php:67
filterfusion_save_post_return_valueincludes\class-page-cache.php:68
actionelementor/editor/after_saveincludes\class-page-cache.php:71
actionelementor/core/files/clear_cacheincludes\class-page-cache.php:72
actionacf/save_postincludes\class-page-cache.php:75
actionupgrader_process_completeincludes\class-page-cache.php:78
actionactivated_pluginincludes\class-page-cache.php:79
actiondeactivated_pluginincludes\class-page-cache.php:80
actiontemplate_redirectincludes\class-page-cache.php:92
actiontemplate_redirectincludes\class-page-cache.php:95
actionadmin_initincludes\class-review-notice.php:22
actionadmin_noticesincludes\class-review-notice.php:23
actionadmin_enqueue_scriptsincludes\class-review-notice.php:24
filterscript_loader_srcincludes\class-wp-hardening.php:32
filterstyle_loader_srcincludes\class-wp-hardening.php:33
filterxmlrpc_enabledincludes\class-wp-hardening.php:38
filterwp_headersincludes\class-wp-hardening.php:39
filterpings_openincludes\class-wp-hardening.php:40
filterthe_generatorincludes\class-wp-hardening.php:46
filterwp_revisions_to_keepincludes\class-wp-hardening.php:72
actionadmin_initincludes\class-wp-hardening.php:77
actionwp_footerincludes\class-wp-hardening.php:123
filterrewrite_rules_arrayincludes\class-wp-hardening.php:126
actionplugins_loadedopticache.php:72
actioninitopticache.php:75
actioninitopticache.php:81
actionadmin_enqueue_scriptsopticache.php:92
actioninitopticache.php:102
filterplugin_row_metaopticache.php:104
actionadmin_enqueue_scriptsopticache.php:146

Scheduled Events 2

opticache_db_cleanup
opticache_cleanup
Maintenance & Trust

OptiCache Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 12, 2026
PHP min version8.0
Downloads391

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

OptiCache Alternatives

All in one Minifier

All in one Minifier

all-in-one-minifier

B
76

Reduce your page load by minify your HTML source on page with all the CSS and JS code present in your page.

10 1 unpatched
Quickfire Cache and Speed Booster

Quickfire Cache and Speed Booster

quickfire-cache-speed-booster

A
100

Boost website performance with page caching, HTML/CSS/JS minification, lazy loading, script deferring, and server optimization.

0 No CVEs
Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer

clearfy

A
95

Optimize and tweak WordPress by disable unused features. Improve performance, SEO and security using Clearfy — super easy, fast and zero code.

50K 6 CVEs
LWS Optimize – All-in-One Speed Booster & Cache Tools

LWS Optimize – All-in-One Speed Booster & Cache Tools

lws-optimize

A
99

All-in-one speed optimization: caching, WebP/AVIF, Critical CSS, lazy loading, CDN, and more. Instantly boost Core Web Vitals and site speed!

10K 2 CVEs
WP Compress – Instant Performance & Speed Optimization

WP Compress – Instant Performance & Speed Optimization

wp-compress-image-optimizer

B
82

Everything you need for a faster website – smart optimization, advanced caching, adaptive images, WebP creation, script improvements, optional CDN del …

10K 13 CVEs
Developer Profile

OptiCache Developer Profile

artiosmedia

8 plugins · 5K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
14 days
View full developer profile
Detection Fingerprints

How We Detect OptiCache

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

JS Globals
OptiCache_WP_Object_Cache
FAQ

Frequently Asked Questions about OptiCache