WP-Safety

RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce Security & Risk Analysis

wordpress.org/plugins/rabbit-loader

All-in-one AI speed optimization plugin for WordPress & WooCommerce websites. Get faster loading pages and near-perfect PageSpeed scores — in just …

3K active installs v2.24.5 PHP 5.6+ WP 5.0+ Updated Jan 29, 2026
cachingcdncore-web-vitalspagespeedperformance
99
A · Safe
CVEs total2
Unpatched0
Last CVEOct 1, 2024
Plugin page Download
Safety Verdict

Is RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

2 known CVEsLast CVE: Oct 1, 2024Updated 3mo ago
Risk Assessment

The rabbit-loader plugin v2.24.5 exhibits a concerning security posture, primarily due to a significant number of unprotected AJAX handlers. The static analysis reveals 5 AJAX handlers, all of which lack proper authentication checks, creating a substantial attack surface. While the plugin avoids dangerous functions and uses prepared statements for SQL queries, the lack of authorization on key entry points is a critical weakness. Furthermore, only 37% of output is properly escaped, which, combined with unprotected AJAX endpoints, strongly suggests a risk of Cross-Site Scripting (XSS) vulnerabilities.

The vulnerability history shows 2 known medium-severity CVEs, both related to XSS and missing authorization. The fact that there are no currently unpatched vulnerabilities is a positive sign, suggesting the developers address reported issues. However, the recurring pattern of missing authorization and XSS vulnerabilities, coupled with the current code analysis findings, indicates a persistent oversight in secure coding practices. While the plugin shows some strengths like avoiding raw SQL and dangerous functions, the unprotected entry points and output escaping issues present a clear and present danger to WordPress sites using this plugin.

Key Concerns

  • Unprotected AJAX handlers
  • Low output escaping percentage
  • Missing authorization on AJAX
  • Medium severity vulnerabilities historically
Vulnerabilities
2 published

RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce Security Vulnerabilities

CVEs by Year

2 CVEs in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2024-8800medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more <= 2.21.0 - Reflected Cross-Site Scripting

Oct 1, 2024 Patched in 2.21.1 (1d)
CVE-2024-21751medium · 5.4Missing Authorization

RabbitLoader <= 2.19.13 - Missing Authorization via multiple AJAX actions

Jan 8, 2024 Patched in 2.19.14 (15d)
Version History

RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce Release Timeline

v2.24.5Current
v2.24.4
v2.24.3
v2.24.2
v2.24.1
v2.24.0
v2.23.0
v2.22.5
v2.22.4
v2.22.3
v2.22.2
v2.22.1
v2.22.0
v2.21.1
v2.21.01 CVE
CVE-2024-8800
v2.20.21 CVE
CVE-2024-8800
v2.20.11 CVE
CVE-2024-8800
v2.20.01 CVE
CVE-2024-8800
v2.19.201 CVE
CVE-2024-8800
v2.19.191 CVE
CVE-2024-8800
Code Analysis
Analyzed Mar 16, 2026

RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
65
38 escaped
Nonce Checks
1
Capability Checks
4
File Operations
37
External Requests
13
Bundled Libraries
0

Output Escaping

37% escaped103 total outputs
Attack Surface
5 unprotected

RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce Attack Surface

Entry Points5
Unprotected5

AJAX Handlers 5

authwp_ajax_rabbitloader_ajax_purgeinc\admin.php:59
noprivwp_ajax_rabbitloader_ajax_purgeinc\admin.php:60
authwp_ajax_rabbitloader_mode_changeinc\admin.php:62
authwp_ajax_rabbitloader_ajax_croninc\admin.php:90
authwp_ajax_rabbitloader_warmup_urlsinc\admin.php:94
WordPress Hooks 44
actionadmin_noticesinc\admin.php:17
actionadmin_initinc\admin.php:18
actionnetwork_admin_noticesinc\admin.php:19
actionadmin_menuinc\admin.php:20
actionadmin_enqueue_scriptsinc\admin.php:21
actionrl_site_connectedinc\admin.php:107
actionplugins_loadedinc\admin.php:110
actionwp_print_scriptsinc\admin.php:113
actionadmin_headinc\admin.php:137
actionadmin_headinc\admin.php:145
actionadmin_enqueue_scriptsinc\ad_ad.php:10
actioninitinc\public.php:22
actionshutdowninc\public.php:23
filterwp_redirectinc\public.php:24
filterredirect_canonicalinc\public.php:25
filterpre_handle_404inc\public.php:26
filterpaginate_linksinc\public.php:27
filternonce_lifeinc\public.php:28
actionkirki_output_inline_stylesinc\public.php:34
actionadmin_bar_menuinc\public.php:45
actionwp_enqueue_scriptsinc\public.php:46
filterscript_loader_taginc\pub_cdn.php:32
filterscript_loader_srcinc\pub_cdn.php:33
filterstyle_loader_srcinc\pub_cdn.php:34
filterwp_get_attachment_urlinc\pub_cdn.php:35
filterwp_calculate_image_srcsetinc\pub_cdn.php:36
actionwp_headinc\rl_can_url.php:15
actiontemplate_redirectinc\util_wp.php:14
actionsave_postrabbit-loader.php:20
actionwp_insert_postrabbit-loader.php:27
actiondraft_to_publishrabbit-loader.php:30
actionpending_to_publishrabbit-loader.php:35
actiontransition_post_statusrabbit-loader.php:40
actiontransition_comment_statusrabbit-loader.php:47
actioncomment_postrabbit-loader.php:50
actionswitch_themerabbit-loader.php:57
actionwoocommerce_updated_product_stockrabbit-loader.php:61
actionwoocommerce_updated_product_pricerabbit-loader.php:64
actionwoocommerce_rest_insert_productrabbit-loader.php:67
actionwoocommerce_rest_insert_product_objectrabbit-loader.php:70
actionwoocommerce_product_object_updated_propsrabbit-loader.php:73
actionadmin_enqueue_scriptsrabbit-loader.php:85
actionadmin_initrabbit-loader.php:93
filterplugin_action_links_rabbit-loader/rabbit-loader.phprabbit-loader.php:121
Maintenance & Trust

RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJan 29, 2026
PHP min version5.6
Downloads236K

Community Trust

Rating92/100
Number of ratings66
Active installs3K
Alternatives

RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce Alternatives

W3 Total Cache

W3 Total Cache

w3-total-cache

B
75

Search Engine (SEO) & Performance Optimization (WPO) via caching. Integrated caching: CDN, Page, Minify, Object, Fragment, Database support.

900K 29 CVEs
Admin Speedo

Admin Speedo

admin-speedo

A
85

AdminSpeedo is a simple method of boosting your WordPress admin dashboard and freeing your site code from unnecessary and not needed items.

10 No CVEs
DigitalDive Edge Cache for Cloudflare

DigitalDive Edge Cache for Cloudflare

digitaldive-edge-cache-cloudflare

A
100

Conservative Cloudflare full-page edge caching for WordPress with safe defaults.

0 No CVEs
LiteSpeed Cache

LiteSpeed Cache

litespeed-cache

A
86

All-in-one unbeatable acceleration & PageSpeed improvement: caching, image/CSS/JS optimization...

7.0M 18 CVEs
WP Fastest Cache – WordPress Cache Plugin

WP Fastest Cache – WordPress Cache Plugin

wp-fastest-cache

B
76

The simplest and fastest WP Cache system

1.0M 35 CVEs
Developer Profile

RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce Developer Profile

RabbitLoader

1 plugin · 3K total installs

93
trust score
Avg Security Score
99/100
Avg Patch Time
8 days
View full developer profile
Detection Fingerprints

How We Detect RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/rabbit-loader/admin/css/index.css
Script Paths
/wp-content/plugins/rabbit-loader/admin/js/index.js
Version Parameters
rabbit-loader/admin/js/index.js?ver=rabbit-loader/admin/css/index.css?ver=

HTML / DOM Fingerprints

CSS Classes
rabbitloader-container
HTML Comments
<!-- RabbitLoader -->
Data Attributes
data-rl-id
JS Globals
RLAdmin
FAQ

Frequently Asked Questions about RabbitLoader – AI Speed Optimization, Caching & CDN for WordPress & WooCommerce