Does WEDOS Global (CDN Cache & Security) have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WEDOS Global (CDN Cache & Security) compatible with WordPress 6.9.4?

According to WordPress.org data, WEDOS Global (CDN Cache & Security) 2.0.14 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is WEDOS Global (CDN Cache & Security) compatible with PHP 8.3+?

WEDOS Global (CDN Cache & Security) requires PHP 8.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WEDOS Global (CDN Cache & Security) updated?

WEDOS Global (CDN Cache & Security) was last updated on Apr 16, 2026. Frequent updates are generally a positive security signal.

What is WEDOS Global (CDN Cache & Security)'s security score?

WEDOS Global (CDN Cache & Security) has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WEDOS Global (CDN Cache & Security) Security & Risk Analysis

wordpress.org/plugins/wgpwpp

Activate and use the WEDOS Global service. WEDOS Global brings global security for your WordPress website, ensures low latency and minimal loading tim …

900 active installs v2.0.14 PHP 8.3+ WP 6.9+ Updated Apr 16, 2026

cdnddos-protectionfirewallsecuritywaf

A · Safe

CVEs total1

Unpatched0

Last CVESep 26, 2025

Plugin page Download

Safety Verdict

Is WEDOS Global (CDN Cache & Security) Safe to Use in 2026?

Generally Safe

Score 99/100

WEDOS Global (CDN Cache & Security) has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Sep 26, 2025Updated 1mo ago

Risk Assessment

The plugin "wgpwpp" v1.2.2 exhibits a concerning security posture due to a significant number of unprotected entry points and a history of vulnerabilities, particularly related to missing authorization. While the use of prepared statements for SQL queries is a positive practice, it is overshadowed by the fact that all identified AJAX handlers and REST API routes lack proper authentication or permission checks. This creates a wide attack surface that could be easily exploited by unauthenticated users. The presence of the `unserialize` function is another critical red flag, especially in the absence of strict input validation, as it can lead to remote code execution vulnerabilities.

The vulnerability history, with a known unpatched medium severity CVE, further amplifies the risks. The pattern of "Missing Authorization" as a common vulnerability type strongly suggests a recurring oversight in how the plugin handles user permissions, making it a predictable target for attackers. While the plugin demonstrates some good practices like prepared statements, the overwhelming number of unprotected entry points and the historical vulnerability trend point towards a plugin that requires immediate attention and remediation to mitigate severe security risks.

Key Concerns

Unprotected AJAX handlers
Unprotected REST API routes
Dangerous function: unserialize
Low percentage of properly escaped output
Unpatched medium severity CVE
Missing authorization vulnerability history
Flows with unsanitized paths

Vulnerabilities

1 published

WEDOS Global (CDN Cache & Security) Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-60130medium · 5.3Missing Authorization

WEDOS Global <= 1.2.2 - Missing Authorization

Sep 26, 2025 Patched in 2.0.0 (202d)

Version History

WEDOS Global (CDN Cache & Security) Release Timeline

v2.0.14Current

v2.0.13

v2.0.12

v2.0.10

v2.0.8

v2.0.7

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.2.21 CVE

v1.2.11 CVE

v1.2.01 CVE

v1.1.61 CVE

v1.1.51 CVE

v1.1.41 CVE

v1.1.31 CVE

v1.1.21 CVE

Code Analysis

Analyzed Mar 16, 2026

WEDOS Global (CDN Cache & Security) Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

309

41 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$data = unserialize($serialized);admin\class-wgpwpp-notice.php:221

Output Escaping

12% escaped350 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

<class-wgpwpp-log> (includes\class-wgpwpp-log.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

13 unprotected

WEDOS Global (CDN Cache & Security) Attack Surface

Entry Points13

Unprotected13

AJAX Handlers 12

authwp_ajax_wgpwpp_auth_redirectadmin\class-wgpwpp-authorization.php:132

authwp_ajax_wgpwpp_purge_wp_cacheadmin\class-wgpwpp-cache-setting.php:62

authwp_ajax_wgpwpp_purge_cdn_cacheadmin\class-wgpwpp-cache-setting.php:64

authwp_ajax_wgpwpp_dashboard_load_opensearch_dataadmin\class-wgpwpp-dashboard-layout.php:50

authwp_ajax_wgpwpp_dashboard_toggle_wp_cacheadmin\class-wgpwpp-dashboard-layout.php:51

authwp_ajax_wgpwpp_dashboard_toggle_cdn_cacheadmin\class-wgpwpp-dashboard-layout.php:52

authwp_ajax_wgpwpp_dashboard_dismiss_ratingadmin\class-wgpwpp-dashboard-layout.php:53

authwp_ajax_wgpwpp_layout_stepadmin\class-wgpwpp-service-layout.php:55

authwp_ajax_wgpwpp_layout_verification_codeadmin\class-wgpwpp-service-layout.php:56

authwp_ajax_wgpwpp_layout_service_infoadmin\class-wgpwpp-service-layout.php:57

authwp_ajax_wgpwpp_layout_service_createadmin\class-wgpwpp-service-layout.php:58

authwp_ajax_wgpwpp_layout_service_retry_stateadmin\class-wgpwpp-service-layout.php:59

REST API Routes 1

GET/wp-json/wgpwpp/v1/activationincludes\class-wgpwpp-activator.php:54

WordPress Hooks 39

actionupgrader_process_completeadmin\class-wgpwpp-admin.php:268

actionplugins_loadedadmin\class-wgpwpp-admin.php:270

actionin_admin_headeradmin\class-wgpwpp-admin.php:272

actionadmin_enqueue_scriptsadmin\class-wgpwpp-admin.php:275

actionadmin_enqueue_scriptsadmin\class-wgpwpp-admin.php:276

actionadmin_menuadmin\class-wgpwpp-admin.php:279

actionadmin_footer_textadmin\class-wgpwpp-admin.php:285

actioninitadmin\class-wgpwpp-admin.php:287

actionadmin_initadmin\class-wgpwpp-authorization.php:135

actionadmin_initadmin\class-wgpwpp-cache-setting.php:58

actionadmin_enqueue_scriptsadmin\class-wgpwpp-cache-setting.php:60

actionadmin_enqueue_scriptsadmin\class-wgpwpp-dashboard-layout.php:46

actionadmin_enqueue_scriptsadmin\class-wgpwpp-dashboard-layout.php:47

actionadmin_initadmin\class-wgpwpp-reports-setting.php:97

actionadmin_enqueue_scriptsadmin\class-wgpwpp-reports-setting.php:100

actionadmin_enqueue_scriptsadmin\class-wgpwpp-reports-setting.php:101

actionrest_api_initadmin\class-wgpwpp-verification.php:61

actionrest_api_initincludes\class-wgpwpp-activator.php:53

actionplugin_loadedincludes\class-wgpwpp-loader.php:151

actionrest_api_initincludes\class-wgpwpp-notify.php:45

actionplugin_loadedincludes\class-wgpwpp-wp-cache.php:261

actionshutdownincludes\class-wgpwpp-wp-cache.php:262

filtersite_status_testsincludes\class-wgpwpp-wp-cache.php:263

filtersite_status_page_cache_supported_cache_headersincludes\class-wgpwpp-wp-cache.php:264

actionwgpwpp_wp_cache_delete_expiredincludes\class-wgpwpp-wp-cache.php:272

filterwoocommerce_product_titleincludes\class-wgpwpp-wp-cache.php:672

actiontransition_post_statusincludes\class-wgpwpp-wp-cache.php:676

filterthe_postsincludes\class-wgpwpp-wp-cache.php:682

actiondo_feed_rdfincludes\class-wgpwpp-wp-cache.php:685

actiondo_feed_rssincludes\class-wgpwpp-wp-cache.php:686

actiondo_feed_rss2includes\class-wgpwpp-wp-cache.php:687

actiondo_feed_atomincludes\class-wgpwpp-wp-cache.php:688

actionclean_post_cacheincludes\class-wgpwpp-wp-cache.php:691

actioninitincludes\class-wgpwpp-wp-cache.php:694

actionshutdownincludes\class-wgpwpp-wp-cache.php:697

actionupdate_option_rss_use_excerptincludes\class-wgpwpp-wp-cache.php:699

actionupdate_option_posts_per_rssincludes\class-wgpwpp-wp-cache.php:700

actionrest_api_initincludes\class-wgpwpp-wpinfo.php:44

actionplugins_loadedincludes\class-wgpwpp.php:171

Scheduled Events 1

wgpwpp_cache_delete_expired

Maintenance & Trust

WEDOS Global (CDN Cache & Security) Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 16, 2026

PHP min version8.3

Downloads13K

Community Trust

Rating76/100

Number of ratings4

Active installs900

Alternatives

WEDOS Global (CDN Cache & Security) Alternatives

Login Security, FireWall, Malware removal by CleanTalk

security-malware-firewall

Brute force, Login security & Two Factor Auth (2FA). Limit login. Malware & Vulnerabilities scan. FireWall. Enterprise ready security plugin.

30K 5 CVEs

Security Ninja – WordPress Security & Firewall

security-ninja

WordPress security plugin with free basic firewall/WAF, vulnerability and core scanning, and 50+ core integrity checks.

7K 1 CVE

Advanced IP Blocker

advanced-ip-blocker

100

A complete WordPress security firewall: blocks IPs, bots & countries. Includes an intelligent WAF, Threat Scoring, Geo-Challenge, and 2FA.

1K No CVEs

BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security

bitfire

Real-time firewall that stops bots, malware, and hackers with real AI, file protection, and traffic analytics without slowing down your site

300 1 CVE

Anti-Hacker – Security Plugin

anti-hacker

Anti-Hacker protects your Wordpress against hackers attacks, hiding sensitive information that would be used to exploit your site, detecting and fixin …

100 No CVEs

Developer Profile

WEDOS Global (CDN Cache & Security) Developer Profile

wedos.com

2 plugins · 2K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

202 days

View full developer profile

Detection Fingerprints

How We Detect WEDOS Global (CDN Cache & Security)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wgpwpp/admin/css/fontawesome-free-6.5.2-web/css/fontawesome.min.css/wp-content/plugins/wgpwpp/admin/css/font-awesome-4.7.0/css/font-awesome.min.css/wp-content/plugins/wgpwpp/admin/css/fontawesome-free-6.5.2-web/css/solid.min.css/wp-content/plugins/wgpwpp/admin/css/wgpwpp-admin.css/wp-content/plugins/wgpwpp/admin/partials/wp-wgp/dist/mini.css/wp-content/plugins/wgpwpp/admin/css/wgpwpp-service.css/wp-content/plugins/wgpwpp/admin/js/wgpwpp-admin.js

Script Paths

/wp-content/plugins/wgpwpp/admin/js/wgpwpp-admin.js

Version Parameters

wgpwpp/admin/css/fontawesome-free-6.5.2-web/css/fontawesome.min.css?ver=wgpwpp/admin/css/font-awesome-4.7.0/css/font-awesome.min.css?ver=wgpwpp/admin/css/fontawesome-free-6.5.2-web/css/solid.min.css?ver=wgpwpp/admin/css/wgpwpp-admin.css?ver=wgpwpp/admin/partials/wp-wgp/dist/mini.css?ver=wgpwpp/admin/css/wgpwpp-service.css?ver=wgpwpp/admin/js/wgpwpp-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

wgpwpp-admin-menuwgpwpp-layout-flexwgpwpp-contentwgpwpp-footerwgpwpp-footer-contentwgpwpp-content-centerwgpwpp-headerwgpwpp-header-content+16 more

Data Attributes

data-wgpwpp-iddata-wgpwpp-action

JS Globals

wgpwpp_ajax_object

REST Endpoints

/wp-json/wgpwpp/v1/report/wp-json/wgpwpp/v1/cache

FAQ

WEDOS Global (CDN Cache & Security) Security & Risk Analysis

Is WEDOS Global (CDN Cache & Security) Safe to Use in 2026?

Generally Safe

Key Concerns

WEDOS Global (CDN Cache & Security) Security Vulnerabilities

CVEs by Year

Severity Breakdown

WEDOS Global (CDN Cache & Security) Release Timeline

WEDOS Global (CDN Cache & Security) Code Analysis

Dangerous Functions Found

Output Escaping

Data Flow Analysis

WEDOS Global (CDN Cache & Security) Attack Surface

AJAX Handlers 12

REST API Routes 1

Scheduled Events 1

WEDOS Global (CDN Cache & Security) Maintenance & Trust

Maintenance Signals

Community Trust

WEDOS Global (CDN Cache & Security) Alternatives

Login Security, FireWall, Malware removal by CleanTalk

Security Ninja – WordPress Security & Firewall

Advanced IP Blocker

BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security

Anti-Hacker – Security Plugin

WEDOS Global (CDN Cache & Security) Developer Profile

How We Detect WEDOS Global (CDN Cache & Security)

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about WEDOS Global (CDN Cache & Security)