WP-Safety

Perform – Performance Optimization for WordPress Security & Risk Analysis

wordpress.org/plugins/perform

Speed up your WordPress site by removing unused assets, optimize loading order, and much more; ideal for WooCommerce, page builders and busy sites.

200 active installs v1.5.1 PHP 7.4+ WP 4.8+ Updated Dec 6, 2025
assetscachingcdnoptimizeperformance
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Perform – Performance Optimization for WordPress Safe to Use in 2026?

Generally Safe

Score 100/100

Perform – Performance Optimization for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The plugin "perform" v1.5.1 exhibits a generally strong security posture based on the provided static analysis. The absence of direct SQL injection vulnerabilities through prepared statements, lack of exploitable taint flows, and presence of nonce and capability checks are significant strengths. The plugin also demonstrates good practice by avoiding file operations and external HTTP requests, further reducing its attack surface.

However, a notable concern is the moderate rate of improper output escaping, with 30% of outputs not being properly escaped. While taint analysis didn't reveal specific vulnerabilities, unescaped output can still lead to Cross-Site Scripting (XSS) attacks if user-supplied data is ever incorporated into these outputs without sanitization. The bundled Freemius library at v1.0 is also a potential point of concern if it contains known vulnerabilities that haven't been addressed in this specific version.

The plugin's vulnerability history being completely clear is a positive indicator, suggesting a history of secure development. This, combined with the static analysis findings, indicates a developer who prioritizes security. Nevertheless, the potential for XSS due to imperfect output escaping and the possibility of vulnerabilities in bundled libraries warrant attention for a comprehensive risk assessment.

Key Concerns

  • 30% of outputs not properly escaped
  • Bundled Freemius v1.0 library may be outdated
Vulnerabilities
None known

Perform – Performance Optimization for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Perform – Performance Optimization for WordPress Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
40
94 escaped
Nonce Checks
1
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

Output Escaping

70% escaped134 total outputs
Attack Surface

Perform – Performance Optimization for WordPress Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_perform_save_settingssrc\Admin\Settings\Menu.php:29
WordPress Hooks 51
actionadmin_enqueue_scriptssrc\Admin\Actions.php:30
actionadmin_bar_menusrc\Admin\Actions.php:31
filteradmin_footer_textsrc\Admin\Filters.php:24
filterpost_row_actionssrc\Admin\Filters.php:26
filterpage_row_actionssrc\Admin\Filters.php:27
actionadmin_menusrc\Admin\Settings\Menu.php:28
actionadmin_enqueue_scriptssrc\Admin\Settings\Menu.php:30
actionwp_enqueue_scriptssrc\Includes\Actions.php:26
actionwp_enqueue_scriptssrc\Includes\Actions.php:27
actionwp_footersrc\Modules\Assets_Manager.php:81
actiontemplate_redirectsrc\Modules\Assets_Manager.php:82
filterscript_loader_srcsrc\Modules\Assets_Manager.php:84
filterstyle_loader_srcsrc\Modules\Assets_Manager.php:85
actioninitsrc\Modules\Basic.php:51
actioninitsrc\Modules\Basic.php:56
actioninitsrc\Modules\Basic.php:61
filterwp_default_scriptssrc\Modules\Basic.php:71
actiondo_feedsrc\Modules\Basic.php:97
actiondo_feed_rdfsrc\Modules\Basic.php:98
actiondo_feed_rsssrc\Modules\Basic.php:99
actiondo_feed_rss2src\Modules\Basic.php:100
actiondo_feed_atomsrc\Modules\Basic.php:101
actionpre_pingsrc\Modules\Basic.php:111
actionwp_enqueue_scriptssrc\Modules\Basic.php:121
actionwp_print_scriptssrc\Modules\Basic.php:126
filterheartbeat_settingssrc\Modules\Basic.php:134
actionwp_print_scriptssrc\Modules\Basic.php:139
actionwp_headsrc\Modules\Basic.php:143
actionwp_headsrc\Modules\Basic.php:146
filterthe_generatorsrc\Modules\Basic.php:187
filterscript_loader_srcsrc\Modules\Basic.php:241
filterstyle_loader_srcsrc\Modules\Basic.php:242
filtertiny_mce_pluginssrc\Modules\Basic.php:302
filterwp_resource_hintssrc\Modules\Basic.php:303
filteremoji_svg_urlsrc\Modules\Basic.php:304
filterembed_oembed_discoversrc\Modules\Basic.php:367
filtertiny_mce_pluginssrc\Modules\Basic.php:368
filterrewrite_rules_arraysrc\Modules\Basic.php:369
filterxmlrpc_enabledsrc\Modules\Basic.php:415
filterpings_opensrc\Modules\Basic.php:416
filterwp_headerssrc\Modules\Basic.php:417
actiontemplate_redirectsrc\Modules\Cdn_Manager.php:42
filterpre_wp_nav_menusrc\Modules\Menu_Cache.php:94
filterwp_nav_menusrc\Modules\Menu_Cache.php:95
actionwp_update_nav_menusrc\Modules\Menu_Cache.php:96
actionwp_enqueue_scriptssrc\Modules\Woocommerce_Manager.php:44
actionwp_enqueue_scriptssrc\Modules\Woocommerce_Manager.php:54
actionwp_dashboard_setupsrc\Modules\Woocommerce_Manager.php:64
actionwidgets_initsrc\Modules\Woocommerce_Manager.php:74
actionplugins_loadedsrc\Plugin.php:34
actioninitsrc\Plugin.php:37
Maintenance & Trust

Perform – Performance Optimization for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 6, 2025
PHP min version7.4
Downloads6K

Community Trust

Rating100/100
Number of ratings2
Active installs200
Alternatives

Perform – Performance Optimization for WordPress Alternatives

W3 Total Cache

W3 Total Cache

w3-total-cache

B
75

Search Engine (SEO) & Performance Optimization (WPO) via caching. Integrated caching: CDN, Page, Minify, Object, Fragment, Database support.

900K 28 CVEs
LiteSpeed Cache

LiteSpeed Cache

litespeed-cache

B
82

All-in-one unbeatable acceleration & PageSpeed improvement: caching, image/CSS/JS optimization...

7.0M 18 CVEs
Breeze Cache

Breeze Cache

breeze

A
95

Breeze is a caching plugin developed by Cloudways. Breeze uses advance caching systems to improve site loading times exponentially.

400K 8 CVEs
Cachify

Cachify

cachify

A
100

Smart, efficient cache solution for WordPress. Use DB, HDD, Redis or Memcached for storing your blog pages. Make WordPress faster!

10K No CVEs
Swift Performance Lite

Swift Performance Lite

swift-performance-lite

A
96

Swift Performance is a cache and performance booster plugin. It can speed up your site, improve SEO scores and user experience.

7K 4 CVEs
Developer Profile

Perform – Performance Optimization for WordPress Developer Profile

Mehul Gohil

5 plugins · 220 total installs

90
trust score
Avg Security Score
94/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Perform – Performance Optimization for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/perform/assets/dist/css/admin.css/wp-content/plugins/perform/assets/dist/js/admin.min.js/wp-content/plugins/perform/assets/dist/js/admin-settings.js
Script Paths
/wp-content/plugins/perform/assets/dist/js/admin.min.js/wp-content/plugins/perform/assets/dist/js/admin-settings.js
Version Parameters
perform/assets/dist/css/admin.css?ver=perform/assets/dist/js/admin.min.js?ver=perform/assets/dist/js/admin-settings.js?ver=

HTML / DOM Fingerprints

CSS Classes
perform-settings-page
Data Attributes
data-perform-nonce
JS Globals
performwpSettings
FAQ

Frequently Asked Questions about Perform – Performance Optimization for WordPress