Does Static Cache Wrangler have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Static Cache Wrangler compatible with WordPress 6.9.4?

According to WordPress.org data, Static Cache Wrangler 2.1.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Static Cache Wrangler compatible with PHP 7.4+?

Static Cache Wrangler requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Static Cache Wrangler updated?

Static Cache Wrangler was last updated on Mar 19, 2026. Frequent updates are generally a positive security signal.

What is Static Cache Wrangler's security score?

Static Cache Wrangler has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Static Cache Wrangler Security & Risk Analysis

wordpress.org/plugins/static-cache-wrangler

Export your WordPress site as a static HTML website — fast, secure, and offline-ready with WP-CLI support.

10 active installs v2.1.6 PHP 7.4+ WP 5.0+ Updated Mar 19, 2026

cachehtml-exportstatic-sitestatic-site-exportstatic-site-generator

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Static Cache Wrangler Safe to Use in 2026?

Generally Safe

Score 100/100

Static Cache Wrangler has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "static-cache-wrangler" plugin v2.1.6 demonstrates a generally good security posture with several strengths. The code analysis reveals a low attack surface, with only one entry point identified. Critically, this single entry point is an AJAX handler that lacks authentication checks, presenting a significant security concern. While dangerous functions are absent and SQL queries are handled securely with prepared statements, the lack of authorization on an AJAX endpoint leaves it vulnerable to unauthorized actions by unauthenticated users. The plugin also shows excellent output escaping and a good number of capability checks, indicating developer attention to preventing common vulnerabilities.

Key Concerns

AJAX handler without auth checks

Vulnerabilities

None known

Static Cache Wrangler Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Static Cache Wrangler Release Timeline

v2.1.6Current

v2.1.5

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.7

v2.0.6

Code Analysis

Analyzed Apr 16, 2026

Static Cache Wrangler Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

134 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

99% escaped136 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

handle_toggle (admin/class-stcw-admin.php:123)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Static Cache Wrangler Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_stcw_process_pendingincludes/class-stcw-core.php:45

WordPress Hooks 13

actionadmin_bar_menuadmin/class-stcw-admin-bar.php:19

actionwp_enqueue_scriptsadmin/class-stcw-admin-bar.php:20

actionadmin_enqueue_scriptsadmin/class-stcw-admin-bar.php:21

actionadmin_menuadmin/class-stcw-admin.php:22

actionadmin_post_stcw_toggleadmin/class-stcw-admin.php:23

actionadmin_post_stcw_clearadmin/class-stcw-admin.php:24

actionadmin_post_stcw_downloadadmin/class-stcw-admin.php:25

actionadmin_enqueue_scriptsadmin/class-stcw-admin.php:26

actionwpincludes/class-stcw-core.php:41

actionstcw_process_assetsincludes/class-stcw-core.php:42

actionadmin_footerincludes/class-stcw-core.php:48

actionwp_footerincludes/class-stcw-core.php:49

actionplugins_loadedstatic-site.php:191

Scheduled Events 3

stcw_process_assets

Maintenance & Trust

Static Cache Wrangler Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 19, 2026

PHP min version7.4

Downloads602

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Static Cache Wrangler Alternatives

Export WordPress Pages to Static HTML & PDF — Static Site Export

export-wp-page-to-static-html

Export WordPress pages, posts, and custom post types to clean static HTML or PDF files in one click. Create fast, secure static versions of your WordP …

5K 5 CVEs

Statixly

statixly

100

Generate a static HTML version of your WordPress website and download it as a ZIP archive.

0 No CVEs

Simply Static – The Static Site Generator

simply-static

Convert WordPress to static HTML. Boost performance 3-5x. Eliminate security vulnerabilities. Deploy anywhere.

30K 2 CVEs

WPGatsby

wp-gatsby

WPGatsby is a free open-source WordPress plugin that optimizes your WordPress site to work as a data source for Gatsby. This plugin must be used in c …

3K No CVEs

QuantCDN

quant

100

QuantCDN static site generator and edge integration. Push a static export of your Wordpress site with ease.

70 No CVEs

Developer Profile

Static Cache Wrangler Developer Profile

derickschaefer

6 plugins · 40 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Static Cache Wrangler

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/static-cache-wrangler/admin/js/stcw-admin-bar-handler.js

Script Paths