Does Rest API Cache have any unpatched vulnerabilities?

No. All known vulnerabilities in Rest API Cache have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Rest API Cache compatible with WordPress 4.9.29?

According to WordPress.org data, Rest API Cache 1.0.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Rest API Cache updated?

Rest API Cache was last updated on Jun 20, 2019. Frequent updates are generally a positive security signal.

What is Rest API Cache's security score?

Rest API Cache has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Rest API Cache Security & Risk Analysis

wordpress.org/plugins/rest-api-cache

Boost your application speed by caching the WordPress REST API.

10 active installs v1.0.0 PHP + WP 4.3+ Updated Jun 20, 2019

rest-api-cacherest-apiwoocommerce-apiwp-rest-api-cachewp-rest-api

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Rest API Cache Safe to Use in 2026?

Generally Safe

Score 85/100

Rest API Cache has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The 'rest-api-cache' v1.0.0 plugin presents a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and avoids dangerous functions, file operations, and external HTTP requests. The absence of any recorded vulnerabilities in its history is also a strong indicator of past stability. However, significant concerns arise from its attack surface. The plugin exposes two AJAX handlers, both of which lack authentication checks. This is a critical security weakness, as it allows any user, authenticated or not, to potentially trigger these handlers, leading to unintended actions or information disclosure.

While taint analysis shows no unsanitized paths, the lack of capability checks on the exposed AJAX endpoints means that even if the code itself is secure in terms of sanitization, the entry points are unprotected. The low percentage of properly escaped output (35%) also suggests a risk of Cross-Site Scripting (XSS) vulnerabilities, although this is mitigated somewhat by the absence of specific taint flows pointing to critical or high severity issues. The vulnerability history is clean, which is a positive sign, but it does not negate the current identified risks within the code's structure and access controls.

Key Concerns

2 AJAX handlers without auth checks
Low percentage of properly escaped output
0 capability checks on entry points

Vulnerabilities

None known

Rest API Cache Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Rest API Cache Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

7 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

35% escaped20 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

vsz_rest_api_cache_clear_cache_callback (admin\class-rest-api-cache-admin.php:130)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Rest API Cache Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_adv_clear_cacheincludes\class-rest-api-cache.php:164

noprivwp_ajax_adv_clear_cacheincludes\class-rest-api-cache.php:165

WordPress Hooks 10

actionplugins_loadedincludes\class-rest-api-cache.php:142

actionadmin_enqueue_scriptsincludes\class-rest-api-cache.php:157

actionadmin_enqueue_scriptsincludes\class-rest-api-cache.php:158

actionadmin_menuincludes\class-rest-api-cache.php:161

actionwp_before_admin_bar_renderincludes\class-rest-api-cache.php:168

actionadmin_footerincludes\class-rest-api-cache.php:172

actionwp_enqueue_scriptsincludes\class-rest-api-cache.php:189

actionwp_enqueue_scriptsincludes\class-rest-api-cache.php:190

filterrest_pre_dispatchincludes\class-rest-api-cache.php:193

filtervsz_rest_cache_skipincludes\class-rest-api-cache.php:195

Maintenance & Trust

Rest API Cache Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedJun 20, 2019

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Rest API Cache Alternatives

WP REST Cache

wp-rest-cache

Enable caching of the WordPress REST API and auto-flush caches upon wp-admin editing.

10K 1 CVE

REST API Log

wp-rest-api-log

WordPress plugin to log REST API requests and responses

5K No CVEs

REST API Toolbox

rest-api-toolbox

Allows tweaking of several REST API settings

2K No CVEs

WP API Menus

wp-api-menus

Extends WordPress WP REST API with new routes pointing to WordPress menus.

2K No CVEs

WP API SwaggerUI

wp-api-swaggerui

WordPress REST API with Swagger UI.

2K No CVEs

Developer Profile

Rest API Cache Developer Profile

Vsourz Digital

8 plugins · 78K total installs

trust score

Avg Security Score

80/100

Avg Patch Time

845 days

View full developer profile

Detection Fingerprints

How We Detect Rest API Cache

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/rest-api-cache/css/rest-api-cache-admin.css/wp-content/plugins/rest-api-cache/css/bootstrap.min.css/wp-content/plugins/rest-api-cache/css/fSelect.css/wp-content/plugins/rest-api-cache/js/rest-api-cache-admin.js/wp-content/plugins/rest-api-cache/js/bootstrap.min.js/wp-content/plugins/rest-api-cache/js/fSelect.js

Script Paths

/wp-content/plugins/rest-api-cache/js/rest-api-cache-admin.js

Version Parameters

rest-api-cache-admin.css?ver=bootstrap.min.css?ver=fSelect.css?ver=rest-api-cache-admin.js?ver=bootstrap.min.js?ver=fSelect.js?ver=

HTML / DOM Fingerprints

HTML Comments

<!--
*
*
* @link              https://www.vsourz.com
* @since             1.0.0
* @package           Rest_Api_Cache
*
* Plugin Name:       Rest API Cache
* Plugin URI:        https://wordpress.org/plugins/rest-api-cache/
* Description:       Boost your application speed by caching the WordPress REST API.
* Version:           1.0.0
* Author:            Vsourz Digital
* Author URI:        https://www.vsourz.com
* License:           GPL-2.0+
* License URI:       http://www.gnu.org/licenses/gpl-2.0.txt
* Text Domain:       rest-api-cache
* Domain Path:       /languages
-->

<!--
*
* The admin-specific functionality of the plugin.
*
* @link       http://www.vsourz.com
* @since      1.0.0
*
* @package    Rest_Api_Cache
* @subpackage Rest_Api_Cache/admin
-->

<!--
*
* The admin-specific functionality of the plugin.
*
* Defines the plugin name, version, and two examples hooks for how to
* enqueue the admin-specific stylesheet and JavaScript.
*
* @package    Rest_Api_Cache
* @subpackage Rest_Api_Cache/admin
* @author     Vsourz Digital <mehul@vsourz.com>
-->

+5 more

Data Attributes

data-toggle="dropdown"data-hover="dropdown"data-close-others="true"

JS Globals

var adv_rest_api_cache_objectadv_rest_api_cache_object

FAQ

Rest API Cache Security & Risk Analysis

Is Rest API Cache Safe to Use in 2026?

Generally Safe

Key Concerns

Rest API Cache Security Vulnerabilities

Rest API Cache Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

Rest API Cache Attack Surface

AJAX Handlers 2

Rest API Cache Maintenance & Trust

Maintenance Signals

Community Trust

Rest API Cache Alternatives

WP REST Cache

REST API Log

REST API Toolbox

WP API Menus

WP API SwaggerUI

Rest API Cache Developer Profile

How We Detect Rest API Cache

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Rest API Cache