[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGc7clFxQzmabnJa3uXPIqepGXhWBb9PEB0H95I939gc":3,"$fIRnrTB1Wyric0KBMnzQi2iOAAYQm0i_U6F-9ykeGKFw":353,"$fM0xWGcbD-So9KjQIOTrUZtyKkScBXdsyn2WEV-7xMcA":357},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":37,"analysis":135,"fingerprints":332},"super-preloader-for-cloudflare","Super Preloader for Cloudflare","1.0.7","WP Fix Fast","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpfixfast\u002F","\u003Cp>Super Preloader for Cloudflare helps you warm your site’s edge cache across multiple Cloudflare nodes using proxies and a Worker URL. Perfect for globally distributed cache coverage.\u003C\u002Fp>\n\u003Ch3>Getting Started\u003C\u002Fh3>\n\u003Cp>This plugin helps warm up Cloudflare edge caches by preloading your public URLs using a Worker script and optional rotating proxies. It helps reduce time-to-first-byte (TTFB) and improve real user performance metrics by ensuring content is already cached near your visitors.\u003C\u002Fp>\n\u003Cp>Normally, Cloudflare only populates its edge cache in a specific location when a visitor from that region requests the page. This means content may be slow for first-time visitors in other geographic regions. By sending preload requests from various IP locations, the plugin helps increase Cloudflare cache hit rates across multiple edges.\u003C\u002Fp>\n\u003Cp>It works best when used together with a caching plugin like \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-cloudflare-page-cache\u002F\" rel=\"ugc\">Super Page Cache\u003C\u002Fa>, since Cloudflare does not cache HTML responses by default—only static assets like images, CSS, and JS. This can lead to better scores in Core Web Vitals—especially the Largest Contentful Paint (LCP)—which is a key factor in SEO and user experience.\u003C\u002Fp>\n\u003Cp>To get started, follow the detailed instructions in our \u003Cstrong>How to Use\u003C\u002Fstrong> section below.\u003Cbr \u002F>\nRecommended steps:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Create and deploy your Cloudflare Worker URL  \u003C\u002Fli>\n\u003Cli>Get your Webshare proxies download link  \u003C\u002Fli>\n\u003Cli>Create your sitemap using Yoast SEO, RankMath SEO, or a similar plugin  \u003C\u002Fli>\n\u003Cli>Start preloading\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>How to Use\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfixfast.com\u002Fblog\u002Fpreload-cloudflare-cache\u002F#what-is-cloudflare-edge\" rel=\"nofollow ugc\">What is Cloudflare Edge?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfixfast.com\u002Fblog\u002Fpreload-cloudflare-cache\u002F#why-you-should-set-up-super-page-cache-first\" rel=\"nofollow ugc\">Why you should set up Super Page Cache first\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfixfast.com\u002Fblog\u002Fpreload-cloudflare-cache\u002F#why-a-cloudflare-worker-is-needed-to-preload-cache\" rel=\"nofollow ugc\">Why a Cloudflare Worker is needed to preload cache\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfixfast.com\u002Fblog\u002Fpreload-cloudflare-cache\u002F#how-to-create-and-deploy-a-cloudflare-worker\" rel=\"nofollow ugc\">How to create and deploy a Cloudflare Worker\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfixfast.com\u002Fblog\u002Fpreload-cloudflare-cache\u002F#how-to-register-and-use-webshare-proxies\" rel=\"nofollow ugc\">How to register and use Webshare Proxies\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpfixfast.com\u002Fblog\u002Fpreload-cloudflare-cache\u002F#usage-notes-and-key-considerations\" rel=\"nofollow ugc\">Usage Notes and Key Considerations\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Preload your sitemap URLs into multiple Cloudflare edge locations using proxies and a custom Cloudflare Worker.",50,1417,100,3,"2026-04-16T07:47:00.000Z","6.9.4","6.0","7.4",[20,21,22,23,24],"cache","cloudflare","preload","proxy","wpfixfast","https:\u002F\u002Fwpfixfast.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-preloader-for-cloudflare.1.0.7.zip",0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":24,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},2,30,94,"2026-05-20T08:03:44.074Z",[38,59,80,98,116],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":16,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"varnish-http-purge","Proxy Cache Purge","5.9.0","Danila Vershinin","https:\u002F\u002Fprofiles.wordpress.org\u002Fdvershinin\u002F","\u003Cp>\u003Cstrong>This plugin \u003Cem>does not\u003C\u002Fem> install nor configure a cache proxy. It acts as an interface with such services.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>One common method of caching content for websites is via the use of reverse proxy caching. Common examples of this are \u003Ca href=\"https:\u002F\u002Fwww.varnish-cache.org\u002F\" rel=\"nofollow ugc\">Varnish\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.nginx.org\u002F\" rel=\"nofollow ugc\">NGINX\u003C\u002Fa>. These systems allow a website to update content and have the visitor’s experience cached without the need for complex plugins storing the files locally and using up a user’s disk space.\u003C\u002Fp>\n\u003Cp>A reverse proxy cache is installed in front of a server and reviews requests. If the page being requested is already cached, it delivers the cached content. Otherwise it generates the page and the cache on demand.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The Proxy Cache Purge plugin sends a request to delete (aka flush) the cached data of a page or post every time it’s modified.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Cp>When content on a site is updated by WordPress, the plugin reaches out to the proxy cache service with the URL of the page, requesting the cache be deleted.\u003C\u002Fp>\n\u003Cp>Not all pages are deleted from the cache on every change. For example, when a post, page, or custom post type is edited, or a new comment is added, \u003Cem>only\u003C\u002Fem> the following pages will purge:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The front page\u003C\u002Fli>\n\u003Cli>The post\u002Fpage edited\u003C\u002Fli>\n\u003Cli>Any categories, tags, and\u002For custom taxonomies associated with the page\u003C\u002Fli>\n\u003Cli>Related feeds\u003C\u002Fli>\n\u003Cli>Associated JSON API pages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, your \u003Cem>entire\u003C\u002Fem> cache will be deleted on the following actions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Changing themes\u003C\u002Fli>\n\u003Cli>Pressing the \u003Cstrong>Empty Cache\u003C\u002Fstrong> button on the toolbar\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Plugins can hook into the purge actions as well, to filter their own events to trigger a purge.\u003C\u002Fp>\n\u003Cp>On a multisite network using subfolders, only \u003Cstrong>network admins\u003C\u002Fstrong> can purge the main site.\u003C\u002Fp>\n\u003Ch4>Development Mode\u003C\u002Fh4>\n\u003Cp>If you’re working on a site and need to turn off caching in one of two ways:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Add \u003Ccode>define( 'VHP_DEVMODE', true );\u003C\u002Fcode> to your \u003Ccode>wp-config.php\u003C\u002Fcode> file\u003C\u002Fli>\n\u003Cli>Go to Proxy Cache -> Settings and enable Debug Mode for 24 hours at a time\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>That will break cache on page loads. It is \u003Cem>not\u003C\u002Fem> recommended for production!\u003C\u002Fp>\n\u003Ch4>Cache Tags (BETA)\u003C\u002Fh4>\n\u003Cp>As of version 5.4.0, Proxy Cache Purge includes an \u003Cstrong>optional Cache Tags \u002F Surrogate Keys purge mode\u003C\u002Fstrong>. This feature is marked as \u003Cstrong>BETA\u003C\u002Fstrong> and is disabled by default.\u003C\u002Fp>\n\u003Cp>When enabled, the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds cache-tag headers to WordPress responses (for example, tagging pages by post ID, post type, taxonomy terms, author, and archives).\u003C\u002Fli>\n\u003Cli>Uses tag-based purges instead of individual URL purges when content is updated, which can reduce purge traffic and improve consistency on complex sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Requirements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A proxy cache that supports Cache Tags \u002F Surrogate Keys and advertises this via standard \u003Ccode>Surrogate-Capability\u003C\u002Fcode> headers (for example, \u003Ccode>Surrogate-Capability: vhp=\"Surrogate\u002F1.0 tags\u002F1\"\u003C\u002Fcode>).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>How to enable:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Go to \u003Cstrong>Proxy Cache \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Purge Method\u003C\u002Fstrong> and check \u003Cstrong>“Use Cache Tags (Surrogate Keys)”\u003C\u002Fstrong>. The checkbox is only enabled when your cache tells WordPress it supports tags (or when you explicitly enable it via a define).\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Alternatively, you can force-enable or force-disable detection via \u003Ccode>wp-config.php\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cp>define( ‘VHP_VARNISH_TAGS’, true );  \u002F\u002F Force treat cache as tag-capable\u003Cbr \u002F>\ndefine( ‘VHP_VARNISH_TAGS’, false ); \u002F\u002F Force treat cache as not tag-capable\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Because this feature depends on your cache configuration, it is recommended that you test it carefully in staging before enabling it on production.\u003C\u002Fp>\n\u003Ch4>Background Purging with WP-Cron\u003C\u002Fh4>\n\u003Cp>On busy sites, sending many PURGE requests directly from admin requests can slow things down. When you define \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> as \u003Ccode>true\u003C\u002Fcode> in \u003Ccode>wp-config.php\u003C\u002Fcode> (because you are running a real system cron that calls \u003Ccode>wp-cron.php\u003C\u002Fcode>), Proxy Cache Purge automatically switches to an asynchronous mode:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Purge requests (both URL-based and tag-based, when Cache Tags are enabled) are collected into a small per-site queue.\u003C\u002Fli>\n\u003Cli>The queue is processed by WP-Cron in the background, keeping your admin and content-editing actions responsive even when many URLs or tags must be invalidated.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Object-cache purges (the “Purge Database Cache” option) remain synchronous and are not affected by this behaviour. The Proxy Cache settings page and Site Health integration expose basic queue status so you can verify that background purging is healthy; if the queue appears large or very old, check that your system cron is correctly invoking WordPress cron.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important: Cron Frequency and Cache Freshness\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When using background purging, the frequency of your system cron determines how quickly cache invalidations are processed. The longer the interval between cron runs, the longer visitors may see stale content after updates.\u003C\u002Fp>\n\u003Cp>For minimal stale content, run your system cron every minute:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* * * * * \u002Fusr\u002Fbin\u002Fphp \u002Fvar\u002Fwww\u002Fhtml\u002Fwp-cron.php\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you can tolerate slightly longer delays, every 2-5 minutes is also acceptable. However, running cron less frequently (e.g., every 15 minutes) means cache purges may be delayed by that amount after content changes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> Scheduled posts are handled specially. When a scheduled post is published via WP-Cron, the cache is purged synchronously within the same cron run, ensuring immediate cache invalidation without waiting for the next cron execution.\u003C\u002Fp>\n\u003Cp>For detailed instructions on setting up a proper Linux-based WordPress cron, see: \u003Ca href=\"https:\u002F\u002Fwww.getpagespeed.com\u002Fweb-apps\u002Fwordpress\u002Fwordpress-cron-optimization\" rel=\"nofollow ugc\">WordPress Cron Optimization\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disabling Background Purging\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you have \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> defined but do not want background purging (for example, on low-traffic sites where immediate purges are preferred), you can force-disable cron-based purging by adding this to your \u003Ccode>wp-config.php\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'VHP_DISABLE_CRON_PURGING', true );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>With this constant set, all cache purges will execute immediately during the request, regardless of the \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> setting.\u003C\u002Fp>\n\u003Ch3>WP-CLI\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Purge\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Purge commands let you empty the cache.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish purge\u003C\u002Fcode> – Flush the entire site cache (equivalent to clicking “Empty Cache” in admin)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --all\u003C\u002Fcode> – Explicitly flush the entire site cache\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge \u003Curl>\u003C\u002Fcode> – Flush cache for a specific URL and all content below it (wildcard)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge \u003Curl> --url-only\u003C\u002Fcode> – Flush cache for only the exact URL specified (no wildcard)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --tag=\u003Ctag>\u003C\u002Fcode> – Flush cache by tag (requires Cache Tags mode to be enabled)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Examples:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish purge\u003C\u002Fcode> – Purge entire site\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --all\u003C\u002Fcode> – Same as above, more explicit\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge https:\u002F\u002Fexample.com\u002Fhello-world\u002F\u003C\u002Fcode> – Purge this URL and everything below it\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge https:\u002F\u002Fexample.com\u002Fhello-world\u002F --url-only\u003C\u002Fcode> – Purge only this exact URL\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge https:\u002F\u002Fexample.com\u002Fwp-content\u002Fthemes\u002F --wildcard\u003C\u002Fcode> – Purge all theme files\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --tag=p-123\u003C\u002Fcode> – Purge all pages tagged with post ID 123\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --tag=pt-post\u003C\u002Fcode> – Purge all cached pages of post type “post”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Debug\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Debugging can help you figure out why your cache isn’t working as well as it could. The default is for your home page, but you can pass any URL on your domain.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish debug [\u003Curl>]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Available parameters:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[--include-headers]\u003C\u002Fcode> —  Include headers in debug check output\u003C\u002Fli>\n\u003Cli>\u003Ccode>[--include-grep]\u003C\u002Fcode> — Grep active theme and plugin directories for common issues\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>DevMode\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Development mode allows you to disable the cache, temporarily.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish devmode [\u003Cactivate|deactivate|toggle>]\u003C\u002Fcode> – Change development mode state\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Async purge queue (cron-mode)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When you define \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> as \u003Ccode>true\u003C\u002Fcode> and run a real system cron for WordPress, Proxy Cache Purge can move heavy purge work into a small background queue that is processed by WP‑Cron.\u003C\u002Fp>\n\u003Cp>You can inspect and manage that queue via WP‑CLI:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish queue status\u003C\u002Fcode> – show whether cron-mode is active, if a full purge is queued, counts of queued URLs\u002Ftags, and the last queue run time.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish queue process\u003C\u002Fcode> – process any items currently in the queue (useful to run after deploys or cache‑sensitive operations).\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish queue clear\u003C\u002Fcode> – clear the queue without sending any PURGE requests.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These commands do not replace your normal WordPress cron (you still need a cron entry that calls \u003Ccode>wp cron event run --due-now\u003C\u002Fcode> or hits \u003Ccode>wp-cron.php\u003C\u002Fcode>), but they give you a simple operational handle when using cron‑mode.\u003C\u002Fp>\n\u003Ch4>Understanding Purge Behavior\u003C\u002Fh4>\n\u003Cp>There are different types of cache purges, and they behave differently:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Manual Purges (Admin Bar)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>“Purge Cache (All Pages)”\u003C\u002Fstrong> – Sends a single regex purge request to invalidate the entire cache. Always executes immediately.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>“Purge Cache (this page)”\u003C\u002Fstrong> – Purges only the exact URL you’re viewing. Always executes immediately.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Manual purges are always immediate, even when background cron-mode is enabled. This is intentional: when you click a button, you expect immediate results.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic Purges (Post Save\u002FUpdate)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When you save or update a post, the plugin automatically purges:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The post’s URL\u003C\u002Fli>\n\u003Cli>The homepage\u003C\u002Fli>\n\u003Cli>Category archive pages\u003C\u002Fli>\n\u003Cli>Tag archive pages\u003C\u002Fli>\n\u003Cli>Author archive page\u003C\u002Fli>\n\u003Cli>Date-based archives\u003C\u002Fli>\n\u003Cli>RSS feeds\u003C\u002Fli>\n\u003Cli>Related REST API endpoints\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This can be 20-50+ URLs depending on your site structure. When cron-mode is enabled, these automatic purges are queued and processed in the background to avoid slowing down the post editor.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Difference\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>  Action\u003Cbr \u002F>\n  URLs Purged\u003Cbr \u002F>\n  Uses Cron Queue?\u003C\u002Fp>\n\u003Cp>  “Purge Cache (All Pages)”\u003Cbr \u002F>\n  1 (regex)\u003Cbr \u002F>\n  No – always immediate\u003C\u002Fp>\n\u003Cp>  “Purge Cache (this page)”\u003Cbr \u002F>\n  1\u003Cbr \u002F>\n  No – always immediate\u003C\u002Fp>\n\u003Cp>  Post save\u002Fupdate\u003Cbr \u002F>\n  20-50+\u003Cbr \u002F>\n  Yes (if cron-mode enabled)\u003C\u002Fp>\n\u003Cp>If you need to immediately purge all URLs related to a specific post (not just the post URL), save the post – the automatic purge will handle all related URLs.\u003C\u002Fp>\n","Automatically empty proxy cached content when your site is modified.",40000,2241997,88,26,"2026-04-02T16:12:00.000Z","5.0","5.6",[20,54,23,55,56],"nginx","purge","varnish","https:\u002F\u002Fgithub.com\u002Fdvershinin\u002Fvarnish-http-purge","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvarnish-http-purge.5.9.0.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":18,"tags":74,"homepage":73,"download_link":78,"security_score":79,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"cache-warmer","Cache Warmer","1.3.8","TMM Technology","https:\u002F\u002Fprofiles.wordpress.org\u002Ftmmtechnology\u002F","\u003Cp>Visits website pages to warm (create) the cache if you have any caching solutions configured.\u003C\u002Fp>\n\u003Ch3>Settings\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Configure cache warming entry points and the depth of the warming;\u003C\u002Fli>\n\u003Cli>Add all public site posts as entry points;\u003C\u002Fli>\n\u003Cli>Add entry point sites sitemaps as entry points;\u003C\u002Fli>\n\u003Cli>Select which types of assets to load, with 4 checkboxes: scripts, styles, images, fonts;\u003C\u002Fli>\n\u003Cli>Set custom URL params (?foo=bar);\u003C\u002Fli>\n\u003Cli>Set custom user agent;\u003C\u002Fli>\n\u003Cli>Set custom request headers;\u003C\u002Fli>\n\u003Cli>Set custom cookies;\u003C\u002Fli>\n\u003Cli>Set connection timeout;\u003C\u002Fli>\n\u003Cli>Set speed limit (pages to visit per minute);\u003C\u002Fli>\n\u003Cli>Autorun Interval: to run the warming each N minutes;\u003C\u002Fli>\n\u003Cli>Exclude pages (by substring or regex);\u003C\u002Fli>\n\u003Cli>Rewrite URLs to HTTPS;\u003C\u002Fli>\n\u003Cli>Visit pages second time without custom URL params (if they are set);\u003C\u002Fli>\n\u003Cli>Warm-up posts (on their publication and edit (Can be seen in Logs -> Triggered)):\n\u003Cul>\n\u003Cli>Set custom posts warming interval.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Use object cache for tree storage, when it’s available.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Additional\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Adds a graph to your dashboard with page load time before and after the warming (2 lines) per day.\u003C\u002Fli>\n\u003Cli>Cleans up Action Scheduler log after itself (older than 30 days for failed actions, and older than 2 days for completed actions).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Connect to paid service for warming from external global servers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Run from code\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Start: \u003Ccode>\\Cache_Warmer\\AJAX::start_warm_up( false );\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Stop: \u003Ccode>\\Cache_Warmer\\AJAX::stop_warm_up( false );\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Run from WP CLI\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Start: \u003Ccode>wp cache-warmer start\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Stop: \u003Ccode>wp cache-warmer stop\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Required PHP extensions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>json\u003C\u002Fli>\n\u003Cli>simplexml (optional)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Bug reports \u002F Questions \u002F Suggestions\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"mailto:wp@tmm.ventures\" rel=\"nofollow ugc\">wp@tmm.ventures\u003C\u002Fa>\u003C\u002Fp>\n","Visits website pages to warm (create) the cache if you have any caching solutions configured.",1000,19408,96,19,"2024-11-17T21:34:00.000Z","6.7.0","",[20,21,75,76,77],"object-cache","redis","warming","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcache-warmer.1.3.8.zip",92,{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":67,"downloaded":88,"rating":35,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":73,"tags":93,"homepage":95,"download_link":96,"security_score":97,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"nginx-champuru","Nginx Cache Controller","3.3.4","Takayuki Miyauchi","https:\u002F\u002Fprofiles.wordpress.org\u002Fmiyauchi\u002F","\u003Cp>This plugin provides some functions of controlling Nginx proxy server cache.\u003C\u002Fp>\n\u003Ch4>Security\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Making comment authors’ information ajaxed to prevent the information from caching.\u003C\u002Fli>\n\u003Cli>Send no-cache header on password protected posts to prevent the posts from caching.\u003C\u002Fli>\n\u003Cli>When a scheduled post is published, it will delete the cache through Ajax.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Controlling cache\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Sending X-ACCEL-EXPIRES, you can specify the available period of the cache.\u003C\u002Fli>\n\u003Cli>When you save your post and someone post comments, the cache is deleted automatically.\u003C\u002Fli>\n\u003Cli>Add a menu on the admin bar to delete the cache.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Memo\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Gets comment poster’s IP address by HTTP_X_FORWARDED_FOR header.\u003C\u002Fli>\n\u003Cli>Fixes the issue that the permanent link setting includes index.php.\u003C\u002Fli>\n\u003Cli>When the cache’s expiration period is more than 86400 sec, change the value of wp_verify_nonce() same as the period.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WP-CLI Support\u003C\u002Fh4>\n\u003Cp>Flush all proxy caches.\u003Cbr \u002F>\n    wp nginx flush\u003C\u002Fp>\n\u003Cp>Show list of all proxy caches.\u003Cbr \u002F>\n    wp nginx list –format=csv\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp nginx list --format=json\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>See help.\u003Cbr \u002F>\n    wp help nginx\u003C\u002Fp>\n\u003Ch4>Languages\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>English(en) – \u003Ca href=\"http:\u002F\u002Ftekapo.com\u002F\" rel=\"nofollow ugc\">JOTAKI Taisuke\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Japanese(Ja) – \u003Ca href=\"http:\u002F\u002Ftekapo.com\u002F\" rel=\"nofollow ugc\">JOTAKI Taisuke\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Vietnamese(vi) – \u003Ca href=\"http:\u002F\u002Fbizover.net\u002F\" rel=\"nofollow ugc\">Trong\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributor\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fninjax.cc\u002F\" rel=\"nofollow ugc\">Ninjax Team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmiyauchi\u002F\" rel=\"nofollow ugc\">miyauchi\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwokamoto\u002F\" rel=\"nofollow ugc\">wokamoto\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fgatespace\u002F\" rel=\"nofollow ugc\">gatespace\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>This plug-in is not guaranteed though the user of WordPress can freely use this plug-in free of charge regardless of the purpose.\u003Cbr \u002F>\nThe author must acknowledge the thing that the operation guarantee and the support in this plug-in use are not done at all beforehand.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>https:\u002F\u002Fgithub.com\u002Fmiya0001\u002Fnginx-champuru\u003C\u002Fli>\n\u003C\u002Ful>\n","Provides some functions of controlling Nginx proxy server cache.",283472,15,"2022-11-22T03:50:00.000Z","6.1.10","3.4",[20,54,94],"reverse-proxy","https:\u002F\u002Fgithub.com\u002Fmegumiteam\u002Fnginx-cache-controller","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnginx-champuru.3.3.4.zip",85,{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":67,"downloaded":106,"rating":13,"num_ratings":107,"last_updated":108,"tested_up_to":16,"requires_at_least":109,"requires_php":18,"tags":110,"homepage":73,"download_link":115,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"servebolt-optimizer","Servebolt Optimizer","3.6.3","Servebolt","https:\u002F\u002Fprofiles.wordpress.org\u002Fservebolt\u002F","\u003Cp>The Servebolt Optimizer plugin adds functionality to implement Servebolt’s best practices for WordPress. This includes database optimizations, errorlog review, automatic cache purging, automatic image optimization and resizing, performance recommendations, and support for down stream HTML caching.\u003C\u002Fp>\n\u003Cp>Specifically, Servebolt Optimizer does two things for your site:\u003C\u002Fp>\n\u003Col>\n\u003Cli>It connects your \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fe3ke3\" rel=\"nofollow ugc\">WordPress hosted\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002F724lz\" rel=\"nofollow ugc\">WooCommerce hosted\u003C\u002Fa> Servebolt site to your \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fpf3hu\" rel=\"nofollow ugc\">Servebolt Admin Panel\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Its features implement Servebolt’s best practices for performance. These best practizes include database optimizations, error log review, automatic cache purging, automatic image optimization\u002Fresizing, performance recommendations and support for down stream HTML caching.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>This project is maintained on \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fsog\" rel=\"nofollow ugc\">Github\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Configures HTML caching to speed up your site (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>Integrates with \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002F4c9dw\" rel=\"nofollow ugc\">Accelerated Domains\u003C\u002Fa> (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>Rewrite headers to allow down stream HTML caching (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>View Apache\u002FPHP error log (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003Cli>Database optimization – Convert tables to InnoDB\u003C\u002Fli>\n\u003Cli>Database optimization – Add performance improving indexes\u003C\u002Fli>\n\u003Cli>Automatic cache purge for Cloudflare and Accelerated Domains\u003C\u002Fli>\n\u003Cli>Recommendations on additional performance improvements\u003C\u002Fli>\n\u003Cli>Multi-site support\u003C\u002Fli>\n\u003Cli>WP CLI support\u003C\u002Fli>\n\u003Cli>Cloudflare Image Resize-support (beta feature)\u003C\u002Fli>\n\u003Cli>WP Rocket compatability (\u003Cstrong>Servebolt clients only\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Read more about the plugin and all its features in our \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fservebolt-optimize-documentation\" rel=\"nofollow ugc\">Help Center\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Accelerated Domains\u003C\u002Fh3>\n\u003Cp>The integration with our revolutionairy add-on performance and security enhancing service \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002F4c9dw\" rel=\"nofollow ugc\">Accelerated Domains\u003C\u002Fa> is made possible by Servebolt Optimizer. Installing the Servebolt Optimizer will provide the required HTTP headers to make use of Accelerated Domains.\u003C\u002Fp>\n\u003Ch3>Automatic purge of Cloudflare cache\u003C\u002Fh3>\n\u003Cp>Servebolt Optimizer supports the most complete solution for Cloudflare cache purging. The HTML Cache is automatically purged when any post type or term has been updated. You can also purge directly from the admin bar. This Cloudflare integration supports both the use of API key and API token authentication when communicating with the Cloudflare API.\u003C\u002Fp>\n\u003Ch3>HTML Caching\u003C\u002Fh3>\n\u003Cp>This plugin rewrites HTTP headers of HTML to allow for HTML Caching, and for the browser to cache HTML. HTML Caching may introduce all sorts of problems for end users, so installation and testing should be performed by a professional.\u003C\u002Fp>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Cp>This plugin can be controlled via the WordPress Dashboard or WP CLI. Additionally there are various filters and PHP constants at your disposal.\u003C\u002Fp>\n\u003Ch3>Filter and constant reference\u003C\u002Fh3>\n\u003Cp>The plugin has various filters and PHP constants that allows third-party developers to alter the behaviour of the plugin. Please read the article \u003Ca href=\"https:\u002F\u002Fservebo.lt\u002Fservebolt-optimizer-filters-and-php-constants\" rel=\"nofollow ugc\">Filters and PHP constants\u003C\u002Fa> in our help center to learn more.\u003C\u002Fp>\n\u003Ch3>Testing\u003C\u002Fh3>\n\u003Cp>We test against the current production version of WordPress and the next beta\u002Fdevelopment version\u003C\u002Fp>\n","This plugin implements Servebolt's WordPress best practices, and connects your site to the Servebolt Admin Panel.",98386,5,"2026-04-01T12:50:00.000Z","4.9.2",[21,111,112,113,114],"html-cache","multisite","optimization","performance","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fservebolt-optimizer.3.6.3.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":13,"num_ratings":126,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":133,"download_link":134,"security_score":97,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"cloudflare-page-cache","Cloudflare Page Cache","1.4","Cloudflare","https:\u002F\u002Fprofiles.wordpress.org\u002Fcloudflare\u002F","\u003Cp>Integrates with the “\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcloudflare\u002Fworker-examples\u002Ftree\u002Fmaster\u002Fexamples\u002Fedge-cache-html\" rel=\"nofollow ugc\">Edge Cache HTML\u003C\u002Fa>” Cloudflare Worker to edge-cache the generated HTML for anonymous users (not logged-in) resulting in huge performance gains, particularly on slower hosting.\u003C\u002Fp>\n","Adds support for caching pages on Cloudflare and automatic purging when content changes.",500,20002,8,"2019-05-22T15:36:00.000Z","5.2.24","3.3.1","5.2.4",[20,21,114,132],"speed","https:\u002F\u002Fgithub.com\u002Fcloudflare\u002Fworker-examples\u002Ftree\u002Fmaster\u002Fexamples\u002Fedge-cache-html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcloudflare-page-cache.zip",{"attackSurface":136,"codeSignals":185,"taintFlows":211,"riskAssessment":323,"analyzedAt":331},{"hooks":137,"ajaxHandlers":163,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":14,"unprotectedCount":14},[138,144,149,154,158],{"type":139,"name":140,"callback":141,"file":142,"line":143},"filter","http_api_curl","anonymous","includes\\class-http-request.php",53,{"type":139,"name":145,"callback":146,"file":147,"line":148},"cron_schedules","add_custom_intervals","super-preloader-for-cloudflare.php",74,{"type":150,"name":151,"callback":152,"file":147,"line":153},"action","admin_menu","register_menu",80,{"type":150,"name":155,"callback":156,"file":147,"line":157},"admin_enqueue_scripts","enqueue_assets",81,{"type":150,"name":159,"callback":160,"priority":161,"file":147,"line":162},"wpff_sp_run_preloader","run",10,99,[164,167,171],{"action":159,"nopriv":165,"callback":166,"hasNonce":165,"hasCapCheck":165,"file":147,"line":48},false,"run_preloader",{"action":168,"nopriv":165,"callback":169,"hasNonce":165,"hasCapCheck":165,"file":147,"line":170},"wpff_sp_get_logs","get_logs",91,{"action":172,"nopriv":165,"callback":173,"hasNonce":165,"hasCapCheck":165,"file":147,"line":79},"wpff_sp_get_status","get_status",[],[],[177,180,182],{"hook":159,"callback":159,"file":178,"line":179},"includes\\class-cron.php",61,{"hook":159,"callback":159,"file":178,"line":181},107,{"hook":159,"callback":159,"file":183,"line":184},"includes\\class-preloader.php",369,{"dangerousFunctions":186,"sqlUsage":187,"outputEscaping":189,"fileOperations":209,"externalRequests":107,"nonceChecks":209,"capabilityChecks":14,"bundledLibraries":210},[],{"prepared":27,"raw":27,"locations":188},[],{"escaped":190,"rawEcho":126,"locations":191},313,[192,196,199,201,203,204,205,207],{"file":193,"line":194,"context":195},"includes\\partials\\settings-form.php",27,"raw output",{"file":197,"line":198,"context":195},"includes\\partials\\setup-guide.php",11,{"file":197,"line":200,"context":195},17,{"file":197,"line":202,"context":195},23,{"file":197,"line":153,"context":195},{"file":197,"line":157,"context":195},{"file":197,"line":206,"context":195},82,{"file":197,"line":208,"context":195},83,6,[],[212,291],{"entryPoint":213,"graph":214,"unsanitizedCount":27,"severity":290},"handle_settings (includes\\class-post-handlers.php:12)",{"nodes":215,"edges":279},[216,222,228,232,234,238,241,245,248,252,255,258,261,265,267,271,273,277],{"id":217,"type":218,"label":219,"file":220,"line":221},"n0","source","$_POST['worker_url']","includes\\class-post-handlers.php",22,{"id":223,"type":224,"label":225,"file":220,"line":226,"wp_function":227},"n1","sink","update_option() [Settings Manipulation]",20,"update_option",{"id":229,"type":218,"label":230,"file":220,"line":231},"n2","$_POST['proxy_list_url']",29,{"id":233,"type":224,"label":225,"file":220,"line":194,"wp_function":227},"n3",{"id":235,"type":218,"label":236,"file":220,"line":237},"n4","$_POST['sitemap_url']",36,{"id":239,"type":224,"label":225,"file":220,"line":240,"wp_function":227},"n5",34,{"id":242,"type":218,"label":243,"file":220,"line":244},"n6","$_POST (x2)",41,{"id":246,"type":224,"label":225,"file":220,"line":247,"wp_function":227},"n7",42,{"id":249,"type":218,"label":250,"file":220,"line":251},"n8","$_POST['cron_start_hour']",54,{"id":253,"type":224,"label":225,"file":220,"line":254,"wp_function":227},"n9",52,{"id":256,"type":218,"label":257,"file":220,"line":179},"n10","$_POST['cron_start_minute']",{"id":259,"type":224,"label":225,"file":220,"line":260,"wp_function":227},"n11",59,{"id":262,"type":218,"label":263,"file":220,"line":264},"n12","$_POST['batch_size']",66,{"id":266,"type":224,"label":225,"file":220,"line":264,"wp_function":227},"n13",{"id":268,"type":218,"label":269,"file":220,"line":270},"n14","$_POST['delay_between_urls']",70,{"id":272,"type":224,"label":225,"file":220,"line":270,"wp_function":227},"n15",{"id":274,"type":218,"label":275,"file":220,"line":276},"n16","$_POST['shared_secret']",76,{"id":278,"type":224,"label":225,"file":220,"line":148,"wp_function":227},"n17",[280,282,283,284,285,286,287,288,289],{"from":217,"to":223,"sanitized":281},true,{"from":229,"to":233,"sanitized":281},{"from":235,"to":239,"sanitized":281},{"from":242,"to":246,"sanitized":281},{"from":249,"to":253,"sanitized":281},{"from":256,"to":259,"sanitized":281},{"from":262,"to":266,"sanitized":281},{"from":268,"to":272,"sanitized":281},{"from":274,"to":278,"sanitized":281},"low",{"entryPoint":292,"graph":293,"unsanitizedCount":27,"severity":290},"\u003Cclass-post-handlers> (includes\\class-post-handlers.php:0)",{"nodes":294,"edges":313},[295,296,297,298,299,300,301,302,303,304,305,306,307,308,309,310,311,312],{"id":217,"type":218,"label":219,"file":220,"line":221},{"id":223,"type":224,"label":225,"file":220,"line":226,"wp_function":227},{"id":229,"type":218,"label":230,"file":220,"line":231},{"id":233,"type":224,"label":225,"file":220,"line":194,"wp_function":227},{"id":235,"type":218,"label":236,"file":220,"line":237},{"id":239,"type":224,"label":225,"file":220,"line":240,"wp_function":227},{"id":242,"type":218,"label":243,"file":220,"line":244},{"id":246,"type":224,"label":225,"file":220,"line":247,"wp_function":227},{"id":249,"type":218,"label":250,"file":220,"line":251},{"id":253,"type":224,"label":225,"file":220,"line":254,"wp_function":227},{"id":256,"type":218,"label":257,"file":220,"line":179},{"id":259,"type":224,"label":225,"file":220,"line":260,"wp_function":227},{"id":262,"type":218,"label":263,"file":220,"line":264},{"id":266,"type":224,"label":225,"file":220,"line":264,"wp_function":227},{"id":268,"type":218,"label":269,"file":220,"line":270},{"id":272,"type":224,"label":225,"file":220,"line":270,"wp_function":227},{"id":274,"type":218,"label":275,"file":220,"line":276},{"id":278,"type":224,"label":225,"file":220,"line":148,"wp_function":227},[314,315,316,317,318,319,320,321,322],{"from":217,"to":223,"sanitized":281},{"from":229,"to":233,"sanitized":281},{"from":235,"to":239,"sanitized":281},{"from":242,"to":246,"sanitized":281},{"from":249,"to":253,"sanitized":281},{"from":256,"to":259,"sanitized":281},{"from":262,"to":266,"sanitized":281},{"from":268,"to":272,"sanitized":281},{"from":274,"to":278,"sanitized":281},{"summary":324,"deductions":325},"The \"super-preloader-for-cloudflare\" plugin version 1.0.6 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all its SQL queries and properly escaping the vast majority of its output.  The absence of any known vulnerabilities in its history is also a strong indicator of developer diligence. However, a significant concern lies in its attack surface.  With a total of 3 entry points identified, all 3 are unprotected AJAX handlers. This means that any unauthenticated user could potentially interact with these AJAX endpoints, posing a considerable risk if these handlers are not robustly secured through other means or if they expose sensitive functionality.\n\nThe static analysis reveals no dangerous functions, no critical or high-severity taint flows, and no raw SQL queries, which are all positive signs. The plugin also includes nonce checks and capability checks, though the lack of authentication checks on AJAX handlers overshadows this to some extent. The presence of file operations and external HTTP requests, while not inherently insecure, warrants further investigation in conjunction with the unprotected AJAX handlers.\n\nOverall, the plugin is built on a foundation of generally secure coding practices, particularly regarding database interactions and output sanitization. The lack of a vulnerability history is reassuring. Nevertheless, the exposure of all AJAX entry points to unauthenticated users is a critical weakness that significantly elevates the risk profile. This plugin would be considered moderately secure if the AJAX endpoints were properly protected, but as is, it presents a tangible security risk.",[326,328],{"reason":327,"points":89},"Unprotected AJAX handlers",{"reason":329,"points":330},"Large attack surface without auth",7,"2026-03-16T21:41:16.943Z",{"wat":333,"direct":342},{"assetPaths":334,"generatorPatterns":337,"scriptPaths":338,"versionParams":339},[335,336],"\u002Fwp-content\u002Fplugins\u002Fsuper-preloader-for-cloudflare\u002Fcss\u002Fadmin-ui.css","\u002Fwp-content\u002Fplugins\u002Fsuper-preloader-for-cloudflare\u002Fjs\u002Fadmin-ui.js",[],[336],[340,341],"super-preloader-for-cloudflare\u002Fcss\u002Fadmin-ui.css?ver=","super-preloader-for-cloudflare\u002Fjs\u002Fadmin-ui.js?ver=",{"cssClasses":343,"htmlComments":347,"htmlAttributes":348,"restEndpoints":349,"jsGlobals":350,"shortcodeOutput":352},[344,345,346],"wpff-sp-settings-layout","wpff-sp-settings-main","wpff-sp-settings-sidebar",[],[],[],[351],"wpff",[],{"error":281,"url":354,"statusCode":355,"statusMessage":356,"message":356},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fsuper-preloader-for-cloudflare\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":126,"versions":358},[359,364,371,378,385,392,399,406],{"version":6,"download_url":26,"svn_tag_url":360,"released_at":28,"has_diff":165,"diff_files_changed":361,"diff_lines":28,"trac_diff_url":362,"vulnerabilities":363,"is_current":281},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsuper-preloader-for-cloudflare\u002Ftags\u002F1.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.6&new_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.7",[],{"version":365,"download_url":366,"svn_tag_url":367,"released_at":28,"has_diff":165,"diff_files_changed":368,"diff_lines":28,"trac_diff_url":369,"vulnerabilities":370,"is_current":165},"1.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-preloader-for-cloudflare.1.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsuper-preloader-for-cloudflare\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.5&new_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.6",[],{"version":372,"download_url":373,"svn_tag_url":374,"released_at":28,"has_diff":165,"diff_files_changed":375,"diff_lines":28,"trac_diff_url":376,"vulnerabilities":377,"is_current":165},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-preloader-for-cloudflare.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsuper-preloader-for-cloudflare\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.4&new_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.5",[],{"version":379,"download_url":380,"svn_tag_url":381,"released_at":28,"has_diff":165,"diff_files_changed":382,"diff_lines":28,"trac_diff_url":383,"vulnerabilities":384,"is_current":165},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-preloader-for-cloudflare.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsuper-preloader-for-cloudflare\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.3&new_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.4",[],{"version":386,"download_url":387,"svn_tag_url":388,"released_at":28,"has_diff":165,"diff_files_changed":389,"diff_lines":28,"trac_diff_url":390,"vulnerabilities":391,"is_current":165},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-preloader-for-cloudflare.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsuper-preloader-for-cloudflare\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.2&new_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.3",[],{"version":393,"download_url":394,"svn_tag_url":395,"released_at":28,"has_diff":165,"diff_files_changed":396,"diff_lines":28,"trac_diff_url":397,"vulnerabilities":398,"is_current":165},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-preloader-for-cloudflare.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsuper-preloader-for-cloudflare\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.1&new_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.2",[],{"version":400,"download_url":401,"svn_tag_url":402,"released_at":28,"has_diff":165,"diff_files_changed":403,"diff_lines":28,"trac_diff_url":404,"vulnerabilities":405,"is_current":165},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-preloader-for-cloudflare.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsuper-preloader-for-cloudflare\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.0&new_path=%2Fsuper-preloader-for-cloudflare%2Ftags%2F1.0.1",[],{"version":407,"download_url":408,"svn_tag_url":409,"released_at":28,"has_diff":165,"diff_files_changed":410,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":411,"is_current":165},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-preloader-for-cloudflare.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsuper-preloader-for-cloudflare\u002Ftags\u002F1.0.0\u002F",[],[]]