WP-Safety

Pressidium Performance Security & Risk Analysis

wordpress.org/plugins/pressidium-performance

Speed up your WordPress site, improve Core Web Vitals and enhance user experience with one-click image optimization, CSS & JavaScript minification.

100 active installs v1.0.1 PHP 8.1+ WP 6.9+ Updated Jan 16, 2026
convert-avifconvert-webpimage-optimizationoptimizationsperformance
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Pressidium Performance Safe to Use in 2026?

Generally Safe

Score 100/100

Pressidium Performance has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "pressidium-performance" v1.0.1 plugin demonstrates a generally good security posture, with strong practices in output escaping and a high percentage of SQL queries using prepared statements. The absence of known vulnerabilities in its history is a positive indicator. However, there are a few areas that warrant attention. The presence of two dangerous functions, `unserialize` and `preg_replace(/e)`, suggests potential risks if these functions are used with user-supplied data without proper sanitization. While no taint flows were found in this specific analysis, the potential for exploitation exists if these functions are invoked in vulnerable contexts. Additionally, the plugin has one REST API route exposed without permission callbacks, creating an unprotected entry point that could be leveraged by unauthenticated users.

Key Concerns

  • REST API route without permission callbacks
  • Use of unserialize function
  • Use of preg_replace with /e modifier
Vulnerabilities
None known

Pressidium Performance Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Pressidium Performance Code Analysis

Dangerous Functions
2
Raw SQL Queries
3
49 prepared
Unescaped Output
0
160 escaped
Nonce Checks
16
Capability Checks
14
File Operations
7
External Requests
2
Bundled Libraries
0

Dangerous Functions Found

unserializereturn @unserialize( $data, $options ); // @phpcs:ignoreincludes\Background_Processing\WP_Background_Process.php:939
preg_replace(/e)preg_replace('/eincludes\Dependencies\MatthiasMullie\Minify\JS.php:433

SQL Query Safety

94% prepared52 total queries

Output Escaping

100% escaped160 total outputs
Attack Surface
1 unprotected

Pressidium Performance Attack Surface

Entry Points15
Unprotected1

REST API Routes 15

GET/wp-json/pressidium-performance/v1/processesincludes\API\Background_Processes_API.php:229
POST/wp-json/pressidium-performance/v1/processes/pauseincludes\API\Background_Processes_API.php:241
POST/wp-json/pressidium-performance/v1/processes/resumeincludes\API\Background_Processes_API.php:265
POST/wp-json/pressidium-performance/v1/processes/cancelincludes\API\Background_Processes_API.php:289
GET/wp-json/pressidium-performance/v1/logsincludes\API\Logs_API.php:106
DELETE/wp-json/pressidium-performance/v1/logsincludes\API\Logs_API.php:125
POST/wp-json/pressidium-performance/v1/optimization/image/convertincludes\API\Optimization_API.php:442
POST/wp-json/pressidium-performance/v1/optimization/image/convert-allincludes\API\Optimization_API.php:461
GET/wp-json/pressidium-performance/v1/optimization/minification/minificationsincludes\API\Optimization_API.php:480
GET/wp-json/pressidium-performance/v1/optimization/concatenation/concatenationsincludes\API\Optimization_API.php:505
GET/wp-json/pressidium-performance/v1/optimization/statsincludes\API\Optimization_API.php:530
GET/wp-json/pressidium-performance/v1/settingsincludes\API\Settings_API.php:476
POST/wp-json/pressidium-performance/v1/settingsincludes\API\Settings_API.php:486
DELETE/wp-json/pressidium-performance/v1/settingsincludes\API\Settings_API.php:512
POST/wp-json/pressidium-performance/v1/feedbackincludes\Feedback\Feedback.php:163
WordPress Hooks 4
filtercron_schedulesincludes\Background_Processing\WP_Background_Process.php:131
actionadmin_noticespressidium-performance.php:135
actionadmin_noticespressidium-performance.php:141
actionplugins_loadedpressidium-performance.php:220
Maintenance & Trust

Pressidium Performance Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 16, 2026
PHP min version8.1
Downloads467

Community Trust

Rating100/100
Number of ratings1
Active installs100
Alternatives

Pressidium Performance Alternatives

Image Optimizer – Optimize Images and Convert to WebP or AVIF

Image Optimizer – Optimize Images and Convert to WebP or AVIF

image-optimization

A
99

Automatically resize, optimize, and convert images to WebP and AVIF. Compress images in bulk or on upload to boost your WordPress site performance.

1.0M 1 CVE
Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

imagify

A
100

Optimize images in 1-click: compress images, convert to WebP & AVIF, resize, and boost your site with the easiest WordPress image optimization plugin!

1.0M No CVEs
Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP & AVIF | Image CDN

Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP & AVIF | Image CDN

wp-smushit

A
93

Optimize and compress images with lossless and lossy compression, lazy load, WebP & AVIF conversion, and global image CDN.

1.0M 6 CVEs
Converter for Media – Optimize images | Convert WebP & AVIF

Converter for Media – Optimize images | Convert WebP & AVIF

webp-converter-for-media

A
93

Speed up your website by using our WebP & AVIF Converter. Optimize images and serve WebP and AVIF images instead of standard formats!

500K 4 CVEs
ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF

ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF

shortpixel-image-optimiser

A
95

Optimize images & PDFs smartly. Create and compress next-gen WebP and AVIF formats. Smart crop and resize.

300K 7 CVEs
Developer Profile

Pressidium Performance Developer Profile

pressidium

2 plugins · 10K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Pressidium Performance

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pressidium-performance/assets/css/backend.css/wp-content/plugins/pressidium-performance/assets/css/frontend.css/wp-content/plugins/pressidium-performance/assets/js/backend.js/wp-content/plugins/pressidium-performance/assets/js/frontend.js
Script Paths
/wp-content/plugins/pressidium-performance/assets/js/backend.js/wp-content/plugins/pressidium-performance/assets/js/frontend.js
Version Parameters
pressidium-performance/assets/css/backend.css?ver=pressidium-performance/assets/css/frontend.css?ver=pressidium-performance/assets/js/backend.js?ver=pressidium-performance/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
pressidium-performance-settings-admin-page
HTML Comments
<!-- Pressidium Performance ------ Pressidium Performance --><!-- Pressidium Performance Settings Page -->
Data Attributes
data-pressidium-performance-id
JS Globals
pressidium_performance_settingspressidium_performance_globalspressidium_performance_admin_vars
REST Endpoints
/wp-json/pressidium-performance/v1/settings
Shortcode Output
[pressidium_performance_widget]
FAQ

Frequently Asked Questions about Pressidium Performance