Does Rapid Canonical URLs have any unpatched vulnerabilities?

No. All known vulnerabilities in Rapid Canonical URLs have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Rapid Canonical URLs compatible with WordPress 6.9.4?

According to WordPress.org data, Rapid Canonical URLs 1.0.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Rapid Canonical URLs compatible with PHP 5.6.20+?

Rapid Canonical URLs requires PHP 5.6.20 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Rapid Canonical URLs updated?

Rapid Canonical URLs was last updated on Nov 15, 2025. Frequent updates are generally a positive security signal.

What is Rapid Canonical URLs's security score?

Rapid Canonical URLs has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Rapid Canonical URLs Security & Risk Analysis

wordpress.org/plugins/rapid-canonical-urls

Reduce 301 redirects and HTTP requests by using HTML5’s history API to show visitors the correct, canonical URL.

100 active installs v1.0.3 PHP 5.6.20+ WP 4.4.0+ Updated Nov 15, 2025

canonical-urlshistory-apihtml5

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Rapid Canonical URLs Safe to Use in 2026?

Generally Safe

Score 100/100

Rapid Canonical URLs has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The 'rapid-canonical-urls' plugin version 1.0.3 demonstrates a strong security posture based on the provided static analysis. It has no identifiable attack surface points, such as AJAX handlers, REST API routes, or shortcodes, meaning there are no direct entry points for external interaction. Furthermore, the code analysis reveals no dangerous function usage, no direct SQL queries (all are prepared statements), no file operations, and no external HTTP requests. This indicates a well-written and secure codebase in terms of preventing common web vulnerabilities.

The primary concern arising from the static analysis is the complete lack of output escaping for the single output identified. This means any data displayed by the plugin, even if it originates from trusted sources, is not being properly sanitized for output, presenting a potential cross-site scripting (XSS) vulnerability. While the vulnerability history is clean, showing no known CVEs, this single finding of unescaped output is a significant weakness that requires immediate attention. The absence of capability checks and nonce checks, while less concerning given the lack of attack surface, would be critical if any entry points were present.

In conclusion, 'rapid-canonical-urls' v1.0.3 is largely secure due to its limited attack surface and adherence to best practices like prepared SQL statements. However, the failure to escape output is a critical security flaw that could be exploited. The clean vulnerability history is positive but does not negate the immediate risk posed by the unescaped output.

Key Concerns

Output is not properly escaped

Vulnerabilities

None known

Rapid Canonical URLs Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Rapid Canonical URLs Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

Rapid Canonical URLs Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

filterredirect_canonicalinc\namespace.php:8

filterredirect_canonicalinc\namespace.php:9

actionwp_headinc\namespace.php:62

actionplugins_loadedrapid-canonical-urls.php:13

Maintenance & Trust

Rapid Canonical URLs Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedNov 15, 2025

PHP min version5.6.20

Downloads7K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

Rapid Canonical URLs Alternatives

Easy Video Player

easy-video-player

Easy Video Player is a WordPress video player that allows you to add videos to your WordPress site.

20K 2 CVEs

FV Flowplayer Video Player

fv-wordpress-flowplayer

WordPress's most reliable, easy to use and feature-rich video player. Supports responsive design, HTML5, playlists, ads, stats, Vimeo and YouTube.

20K 23 CVEs

HTML5 Video Player – Embed and Play Videos in Custom Player

html5-video-player

HTML5 Video Player Plugin lets you embed responsive videos in WordPress. It’s easy to use, fast, and supports MP4, WebM, OGG, FLV, Youtube and Vimeo.

20K 8 CVEs

AudioIgniter Music Player

audioigniter

100

AudioIgniter lets you create music playlists and embed them in your WordPress posts, pages or custom post types and serve your audio content in style!

10K No CVEs

Videojs HTML5 Player

videojs-html5-player

Embed video file beautifully in WordPress using Video.js HTML5 Player. Embed HTML5 compatible responsive video in your post/page with Video.js.

8K 2 CVEs

Developer Profile

Rapid Canonical URLs Developer Profile

Peter Wilson

5 plugins · 180 total installs

trust score

Avg Security Score

97/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Rapid Canonical URLs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

JS Globals

window.history

FAQ