[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKEvu9bxNou1Exq6tsEpwVUwmmYvcRIHWvq-zzMXnIDo":3,"$fkY_C1h8h_i_-vs5aJlgWyfsCptyaWEJ82gwP35DMBes":566,"$f5xLFPCD8_vDw1v2XU3Ko-be_IdJ-4PR7HFlukOZY584":571},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":37,"analysis":134,"fingerprints":546},"wp-avoid-slow","The Off Switch (formerly WP Avoid Slow)","1.9.8","Abhishek Deshpande","https:\u002F\u002Fprofiles.wordpress.org\u002Fdeshabhishek007\u002F","\u003Cp>WordPress prioritises backwards compatibility.\u003Cbr \u002F>\nThat’s a feature. It also means every install ships with things you didn’t ask for.\u003C\u002Fp>\n\u003Cp>An emoji CDN script. An oEmbed script. A Windows Live Writer manifest (discontinued 2017).\u003Cbr \u002F>\nDashicons loaded for logged-out visitors. Heartbeat polling every 15 seconds.\u003Cbr \u002F>\nA version tag that tells the world exactly which WordPress you’re running.\u003C\u002Fp>\n\u003Cp>None of these are bugs. They’re just not needed on most sites.\u003C\u002Fp>\n\u003Cp>Disable what you don’t need. Keep what you do.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The Off Switch lets you disable each one, individually.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>The Off Switches\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Emoji script\u003C\u002Fstrong> – ~15 KB + 1 HTTP request. Browsers handle emoji natively.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Embed script\u003C\u002Fstrong> – ~4 KB + oEmbed discovery links in \u003Ccode>\u003Chead>\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RSD link\u003C\u002Fstrong> – Really Simple Discovery. Only needed for legacy XML-RPC clients.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WLW manifest\u003C\u002Fstrong> – Windows Live Writer has been discontinued since 2017.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP version tag\u003C\u002Fstrong> – Stops advertising your WordPress version to the world.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortlink\u003C\u002Fstrong> – Removes \u003Ccode>\u003Clink rel=\"shortlink\">\u003C\u002Fcode> from \u003Ccode>\u003Chead>\u003C\u002Fcode> and HTTP headers. Search engines ignore it.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Asset query strings\u003C\u002Fstrong> – Strips \u003Ccode>?ver=\u003C\u002Fcode> from scripts, styles, and WP 6.5+ Script Modules so CDNs and proxies cache correctly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XML-RPC\u003C\u002Fstrong> – Closes a common brute-force attack vector.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Heartbeat API\u003C\u002Fstrong> – Reduces admin polling from every 15 s to every 60 s.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dashicons (frontend)\u003C\u002Fstrong> – ~35 KB (CSS + font) saved for every logged-out visitor.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API Discovery Link\u003C\u002Fstrong> – Removes \u003Ccode>\u003Clink rel=\"https:\u002F\u002Fapi.w.org\u002F\">\u003C\u002Fcode> from \u003Ccode>\u003Chead>\u003C\u002Fcode>. Safe to remove on standard sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>RSS Feed Links\u003C\u002Fstrong> – Removes feed autodiscovery \u003Ccode>\u003Clink>\u003C\u002Fcode> tags from \u003Ccode>\u003Chead>\u003C\u002Fcode>. Modern browsers no longer act on them. Leave enabled if you publish an RSS feed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Speculation Rules (WP 6.8+)\u003C\u002Fstrong> – Disables the WP 6.8+ Speculation Rules API that prefetches links before users click. Can inflate analytics, increase server bandwidth, and trigger consent flows on unfetched pages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable All Feeds\u003C\u002Fstrong> – Redirects all RSS and Atom feed URLs to the homepage. For sites with no RSS subscribers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comment Auto-Links\u003C\u002Fstrong> – Stops WordPress from converting plain-text URLs in comments into clickable links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Editor Autosave\u003C\u002Fstrong> – Deregisters the autosave script that POSTs editor content to the server every 60 seconds. For teams that prefer explicit saves.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DNS Prefetch\u003C\u002Fstrong> – Removes all \u003Ccode>\u003Clink rel=\"dns-prefetch\">\u003C\u002Fcode> hints from \u003Ccode>\u003Chead>\u003C\u002Fcode>. Redundant when Emojis and Embeds are already disabled.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recent Comments Inline CSS\u003C\u002Fstrong> – WordPress outputs a small inline \u003Ccode>\u003Cstyle>\u003C\u002Fcode> block in \u003Ccode>\u003Chead>\u003C\u002Fcode> whenever the Recent Comments widget is active. Remove it if your theme already styles the widget.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Script & Style Control\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>jQuery Migrate\u003C\u002Fstrong> – ~30 KB. Modern themes don’t need it.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Library CSS\u003C\u002Fstrong> – ~7 KB loaded on every page, even with no Gutenberg blocks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Global Styles (theme.json CSS)\u003C\u002Fstrong> – 10-50 KB inline CSS from block themes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SVG Duotone Filters\u003C\u002Fstrong> – Hidden SVG blob injected on every page, even with no duotone images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Script\u002FStyle type attributes\u003C\u002Fstrong> – \u003Ccode>type=\"text\u002Fjavascript\"\u003C\u002Fcode> and \u003Ccode>type=\"text\u002Fcss\"\u003C\u002Fcode> are redundant in HTML5.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Defer non-critical JavaScript\u003C\u002Fstrong> – Adds \u003Ccode>defer\u003C\u002Fcode> so scripts don’t block HTML parsing. jQuery is never deferred.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Move scripts to footer\u003C\u002Fstrong> – Relocates enqueued scripts from \u003Ccode>\u003Chead>\u003C\u002Fcode> to just before \u003Ccode>\u003C\u002Fbody>\u003C\u002Fcode>. jQuery is never moved.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Behaviour Tweaks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Self-pingbacks\u003C\u002Fstrong> – WordPress pings your own posts when you link between them – a wasted HTTP request that creates an unwanted comment on the target post.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Capital P filter\u003C\u002Fstrong> – WordPress corrects “WordPress” to “WordPress” on every rendered string. Remove if you don’t need the autocorrect.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Limit post revisions\u003C\u002Fstrong> – WordPress stores unlimited revisions per post. Caps revisions at 3 to prevent silent database growth on active editorial sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attachment pages\u003C\u002Fstrong> – WordPress creates a full template page for every uploaded file. These waste crawl budget on most sites. Sends a 301 redirect to the parent post instead.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comments\u003C\u002Fstrong> – Closes all comments and pingbacks site-wide, hides existing comments on the frontend, and removes comment-related UI from wp-admin (Comments menu, admin bar node, dashboard widget). Enable only if your site does not use comments.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Search\u003C\u002Fstrong> – Redirects all WordPress search queries (\u003Ccode>\u002F?s=\u003C\u002Fcode>) to the homepage with a 301, preventing bots from triggering repeated database queries. Also removes search forms rendered via \u003Ccode>get_search_form()\u003C\u002Fcode>. Hardcoded forms in theme templates are not affected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>oEmbed Provider\u003C\u002Fstrong> – WordPress registers a REST endpoint at \u003Ccode>\u002Fwp-json\u002Foembed\u002F1.0\u002Fembed\u003C\u002Fcode> so other sites can embed your content via the oEmbed protocol. Remove it if you don’t want your content embeddable externally. Does not affect your ability to embed others’ content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Database & Query\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Expired Transients\u003C\u002Fstrong> – Schedules a daily cleanup of expired transient rows in wp_options. Useful on low-traffic sites where WP-Cron can go days without firing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Abandoned Auto-Drafts\u003C\u002Fstrong> – WordPress creates an auto-draft every time the post editor opens. Abandoned sessions leave these rows permanently. Runs a daily sweep to delete auto-drafts older than 30 days.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Skip Row Count on Singles\u003C\u002Fstrong> – On every single post or page, MySQL runs SQL_CALC_FOUND_ROWS to count total matching rows – a full index scan only needed for paginated archives. Removes that sub-query on all singular views.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Adjacent Post Links\u003C\u002Fstrong> – WordPress queries the previous and next post on every single post page to output \u003Ccode>\u003Clink rel=\"prev\u002Fnext\">\u003C\u002Fcode> in \u003Ccode>\u003Chead>\u003C\u002Fcode>. Two extra DB queries per page load. Google dropped support for these SEO hints in 2019.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reduce Trash Retention\u003C\u002Fstrong> – WordPress keeps trashed items for 30 days before permanent deletion. Reducing to 7 days keeps wp_posts leaner on active editorial sites without affecting normal recovery workflows.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Image Performance\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Google Fonts display:swap\u003C\u002Fstrong> – Without \u003Ccode>font-display:swap\u003C\u002Fcode>, the browser hides text while your Google Font downloads (FOIT). Adds \u003Ccode>display=swap\u003C\u002Fcode> to every Google Fonts URL so visitors see text immediately.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Add missing image dimensions\u003C\u002Fstrong> – Images without \u003Ccode>width\u003C\u002Fcode> and \u003Ccode>height\u003C\u002Fcode> attributes cause layout shifts (CLS). Reads dimensions from attachment metadata and injects them automatically.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>LCP image priority\u003C\u002Fstrong> – Adds \u003Ccode>fetchpriority=\"high\"\u003C\u002Fcode> to the first content image so the browser loads it before lower-priority resources. Adds \u003Ccode>fetchpriority=\"low\"\u003C\u002Fcode> and \u003Ccode>decoding=\"async\"\u003C\u002Fcode> to all others.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lazy load images\u003C\u002Fstrong> – Adds \u003Ccode>loading=\"lazy\"\u003C\u002Fcode> to images below the fold. The first image is never lazy-loaded – it is the LCP candidate and must load immediately.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable PDF thumbnails\u003C\u002Fstrong> – WordPress generates thumbnail previews for every uploaded PDF when ImageMagick is available. Rarely used on the frontend; adds significant upload processing time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable scaled images\u003C\u002Fstrong> – WordPress 5.3+ creates a downsized -scaled copy of any image whose longest side exceeds 2560 px on upload. On most sites this extra file is never served. Disabling it stores the original as-uploaded. Applies to new uploads only.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable extra image sizes\u003C\u002Fstrong> – WordPress 5.3 added 1536×1536 and 2048×2048 intermediate sizes to every image upload. These oversized copies are rarely requested and waste disk space. Theme and plugin image sizes are not affected. Applies to new uploads only.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security & Admin Hardening\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Block User Enumeration\u003C\u002Fstrong> – WordPress redirects \u003Ccode>?author=1\u003C\u002Fcode> to \u003Ccode>\u002Fauthor\u002Fusername\u002F\u003C\u002Fcode>, exposing registered usernames. Intercepts those requests and redirects to the homepage before the username is revealed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Author Archives\u003C\u002Fstrong> – Redirects all \u003Ccode>\u002Fauthor\u002Fusername\u002F\u003C\u002Fcode> pages to the homepage. For sites with no author profile pages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable File Editor\u003C\u002Fstrong> – Defines \u003Ccode>DISALLOW_FILE_EDIT\u003C\u002Fcode> to remove the plugin and theme code editor from wp-admin. Eliminates a code-injection surface a compromised admin account could exploit.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Application Passwords\u003C\u002Fstrong> – Removes the Application Passwords UI and stops all tokens from being accepted. For sites that don’t use REST API or XML-RPC integrations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Suppress Admin Email Check\u003C\u002Fstrong> – Disables the periodic full-screen prompt asking admins to confirm their email address. One less interruption, no functional change.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove X-Pingback Header\u003C\u002Fstrong> – Strips \u003Ccode>X-Pingback:\u003C\u002Fcode> from every HTTP response, stopping the site from advertising its XML-RPC endpoint URL to scanners.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Admin Bar\u003C\u002Fstrong> – Removes the WordPress logo dropdown, the duplicate “Visit Site” link, and the admin bar search for a less cluttered editing environment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Update Nag for Non-Admins\u003C\u002Fstrong> – Hides the core update notice from editors and contributors who cannot action it. Administrators still see it normally.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Restrict REST API to Logged-In Users\u003C\u002Fstrong> – The REST API is publicly accessible by default, allowing unauthenticated enumeration of posts, users, and other data. Restricting access to authenticated users reduces the attack surface. Will break public REST consumers such as headless frontends.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Redirect Unauthenticated Admin Access\u003C\u002Fstrong> – By default, visiting \u002Fwp-admin\u002F without being logged in redirects to the login page, confirming a WordPress admin area exists. This redirects unauthenticated requests to the homepage instead, reducing information disclosure to scanners. AJAX, Cron, WP-CLI, and admin-post.php requests are never affected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Author Sitemap\u003C\u002Fstrong> – WordPress 5.5 added a built-in XML sitemap that includes a users file listing the author archive URL for every user with published posts — up to 2,000 usernames, publicly accessible. Removes the users entry from the sitemap index entirely (WP 5.5+, default ON).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove X-Redirect-By Header\u003C\u002Fstrong> – WordPress 5.1+ adds an X-Redirect-By: WordPress header on every redirect, openly advertising that the site runs WordPress. Removes it from all redirects (default ON).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide PHP Version Header\u003C\u002Fstrong> – PHP sends an X-Powered-By: PHP\u002Fx.x.x header on every response, exposing your exact PHP version to every visitor and scanner. Removes it from all responses (default ON).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Generic PHP Error Messages\u003C\u002Fstrong> – WordPress fatal error messages can include internal file paths and line numbers. Replaces them with a generic response that reveals nothing about server structure (default ON).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Admin Bar on Frontend\u003C\u002Fstrong> – Removes the WordPress admin toolbar from the public-facing site for all logged-in users. Reduces frontend CSS\u002FJS overhead for logged-in sessions (default OFF).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Dashboard Welcome Panel\u003C\u002Fstrong> – Removes the “Welcome to WordPress” panel from the dashboard home screen for all users (default OFF).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Default Dashboard Widgets\u003C\u002Fstrong> – Removes four default dashboard widgets including WordPress Events and News, which makes an outbound HTTP request to api.wordpress.org on every dashboard load (default OFF).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Admin Footer Text\u003C\u002Fstrong> – Removes the “Thank you for creating with WordPress” text and WordPress version number from the wp-admin footer (default OFF).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable REST Users Endpoint\u003C\u002Fstrong> – WordPress’s REST API exposes \u003Ccode>\u002Fwp-json\u002Fwp\u002Fv2\u002Fusers\u003C\u002Fcode> publicly, returning usernames and slugs for all users with published posts. Removes this endpoint for unauthenticated requests only — Gutenberg and plugins that need it while logged in are unaffected (default ON).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Email Change Notifications\u003C\u002Fstrong> – WordPress sends emails to users when their email address or password changes. On agency-managed sites these are noise. Suppresses both notification types (default OFF).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Auto-Update Emails\u003C\u002Fstrong> – WordPress emails after every automatic core, plugin (WP 5.5+), and theme (WP 5.5+) update. On sites where auto-updates are routine these arrive constantly (default OFF).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Block Editor\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Remote Block Patterns\u003C\u002Fstrong> – WordPress fetches patterns from api.wordpress.org on every editor load. An outbound HTTP request that adds latency even if editors never use the Pattern inserter. Local patterns from themes and plugins are unaffected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Core Block Patterns\u003C\u002Fstrong> – Removes WordPress’s built-in block patterns (headers, galleries, CTAs) from the Pattern inserter. For sites using custom patterns or none at all.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block Directory\u003C\u002Fstrong> – The editor includes a live search of wordpress.org that lets users install new blocks without leaving the editor. Remove it to keep block installation under your control.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Font Library (WP 6.5+)\u003C\u002Fstrong> – WordPress 6.5 added a Font Library panel for uploading custom fonts and browsing Google Fonts in the Site Editor. Remove it if fonts are managed through your theme or code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widget Block Editor (WP 5.8+)\u003C\u002Fstrong> – WordPress 5.8 replaced the classic Widgets screen with a block-based editor. Restores the classic screen for classic themes, sidebar widgets, and page builders.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WooCommerce\u003C\u002Fh4>\n\u003Cp>\u003Cem>These toggles are only shown when WooCommerce is active.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Cart Fragments\u003C\u002Fstrong> – wc-cart-fragments.js fires an AJAX request to keep mini-cart counts accurate when the Cart Widget is rendered (~3 KB + 1 request). Disable on stores where the Cart Widget is not used, or where real-time cart accuracy across tabs is not needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Generator Tag\u003C\u002Fstrong> – Removes \u003Ccode>\u003Cmeta name=\"generator\" content=\"WooCommerce x.x.x\">\u003C\u002Fcode> from \u003Ccode>\u003Chead>\u003C\u002Fcode>. Same reason as the WordPress version tag: stops advertising which version of WooCommerce you’re running.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WC Scripts on Non-WC Pages\u003C\u002Fstrong> – WooCommerce loads ~114 KB of CSS and JS on every page (woocommerce-general, woocommerce-layout, woocommerce-smallscreen, woocommerce.js, wc-add-to-cart.js, and woocommerce-blocktheme on block themes). Dequeues them all on non-shop, non-cart, non-checkout, and non-account pages. Up to ~30 KB gzipped saved per non-WooCommerce page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password Strength Meter\u003C\u002Fstrong> – WooCommerce already restricts wc-password-strength-meter to checkout and My Account pages where a password is required. This toggle is a secondary safety net for themes or plugins that enqueue the script more broadly, removing zxcvbn (~80 KB gzipped) wherever it loads unnecessarily.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Status Dashboard Widget\u003C\u002Fstrong> – Removes the WooCommerce Status meta box from the WordPress admin dashboard. For stores managed from the WooCommerce screens directly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WC Block Patterns\u003C\u002Fstrong> – WooCommerce registers its own block patterns in the editor inserter. Remove them if your store does not use WooCommerce-provided patterns for page design – declutters the inserter and removes a small init overhead.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WC Legacy Widgets\u003C\u002Fstrong> – WooCommerce registers 12 legacy widgets on every page load even on block-based themes. Unregistering them removes the initialisation overhead and hides them from Appearance -> Widgets.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WC Version Header\u003C\u002Fstrong> – Removes the X-WooCommerce-Version HTTP response header that some WooCommerce extensions inject, closing the same version-leakage vector as the generator tag toggle.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stripe Gateway Scripts\u003C\u002Fstrong> – Prevents the WooCommerce Stripe Gateway from loading Stripe.js on product and cart pages when the Payment Request Button (Apple Pay \u002F Google Pay) is disabled in the Stripe settings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Related Products\u003C\u002Fstrong> – On every product page WooCommerce queries products sharing the same categories or tags. On large catalogues this is a slow JOIN query. Removes both the query and the “Related products” section. Up-sells and cross-sells are not affected.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Login Page\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hide Login Error Details\u003C\u002Fstrong> – WordPress returns different errors for “unknown username” vs “incorrect password”, letting attackers confirm which usernames exist. Replaces all messages with a single generic response. Enabled by default.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Email Login\u003C\u002Fstrong> – WordPress 4.5+ allows login with an email address. On sites where emails are publicly visible this widens the brute-force surface. Enforces username-only login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Register Link\u003C\u002Fstrong> – Removes the “Register” link from the login page without disabling registration itself. Useful for invite-only setups with a direct registration URL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Language Switcher\u003C\u002Fstrong> – WordPress 5.9+ adds a locale switcher to the login form. Removes it on single-language sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Password Reset\u003C\u002Fstrong> – Disables the lost-password flow entirely and removes the “Lost your password?” link from the login form. For sites where passwords are managed externally or by admins only (default OFF).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>A nod to YSlow\u003C\u002Fh4>\n\u003Cp>In 2007 Yahoo! released YSlow – a browser tool that graded pages against a checklist of performance rules: fewer HTTP requests, smaller payloads, nothing the browser didn’t ask for. Steve Souders and  …\u003C\u002Fp>\n","Disable unused WordPress features and remove bloat. 85 toggles for performance, security hardening, and WooCommerce — pure PHP, no .",100,6780,6,"2026-03-25T17:55:00.000Z","6.9.4","5.0","7.4",[19,20,21,22,23],"bloat","core-web-vitals","optimize","performance","speed","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-avoid-slow\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.9.8.zip",0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":11,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"deshabhishek007",1,30,94,"2026-05-19T22:52:46.251Z",[38,61,82,101,119],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":15,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":26,"last_vuln_date":60,"fetched_at":28},"wp-fastest-cache","WP Fastest Cache – WordPress Cache Plugin","1.4.7","Emre Vona","https:\u002F\u002Fprofiles.wordpress.org\u002Femrevona\u002F","\u003Ch4>Official Website\u003C\u002Fh4>\n\u003Cp>You can find more information on our website (\u003Ca href=\"https:\u002F\u002Fwww.wpfastestcache.com\u002F\" rel=\"nofollow ugc\">wpfastestcache.com\u003C\u002Fa>)\u003C\u002Fp>\n\u003Cp>Welcome to the page of the WP Fastest Cache plugin, a WordPress cache plugin developed to speed up WordPress sites.\u003C\u002Fp>\n\u003Cp>In today’s world where every second counts, optimizing your website’s performance is very important. Meet WP Fastest Cache, your caching plugin that you can use to speed up WordPress websites. \u003C\u002Fp>\n\u003Cp>Optimize the performance of your website with WP Fastest Cache. Improve Google PageSpeed, Core Web Vitals, GTmetrix and Pingdom score with our wp cache plugin.\u003C\u002Fp>\n\u003Cp>In addition, page speed is a ranking factor in Google’s search algorithm. Therefore, using cache plugins helps improve your SEO ranking. Our WordPress optimization plugin not only accelerates your site but also boosts SEO rankings.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Mod_Rewrite which is the fastest method is used in this plugin\u003C\u002Fli>\n\u003Cli>All cache files are deleted when a post or page is published\u003C\u002Fli>\n\u003Cli>Admin can delete all cached files from the options page\u003C\u002Fli>\n\u003Cli>Admin can delete minified css and js files from the options page\u003C\u002Fli>\n\u003Cli>Block cache for specific page or post with Short Code\u003C\u002Fli>\n\u003Cli>Cache Timeout – All cached files are deleted at the determinated time\u003C\u002Fli>\n\u003Cli>Cache Timeout for specific pages\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable cache option for mobile devices\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable cache option for logged-in users\u003C\u002Fli>\n\u003Cli>SSL support\u003C\u002Fli>\n\u003Cli>CDN support – Effortlessly enhance website speed and performance with seamless CDN integration, supporting Bunny CDN, Cloudflare, and various other leading CDN providers. CDN integration modifies the URLs of static resources, enabling these assets to be served from your CDN service provider\u003C\u002Fli>\n\u003Cli>Cloudflare support – Cloudflare integration triggers the clearing of the cache on Cloudflare through API when a cache purge is initiated. As a result, WP Fastest Cache and Cloudflare operate seamlessly in tandem\u003C\u002Fli>\n\u003Cli>Preload Cache – Create the cache of all the site automatically\u003C\u002Fli>\n\u003Cli>Exclude pages and user-agents\u003C\u002Fli>\n\u003Cli>WP-CLI cache clearing\u003C\u002Fli>\n\u003Cli>Proxy Cache – Varnish Cache Integration to clear proxy cached content automatically when the cache created by WP Fastest Cache is cleared\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Performance Optimization\u003C\u002Fh4>\n\u003Cp>WP Fastest Cache is not only a wp cache plugin but also a speed optimization wordpress cache plugin. There are many features such as Minify Html, Minify Css, Enable Gzip Compression, Leverage Browser Caching, Add Expires Headers, Combine CSS, Combine JS, Disable Emoji.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Page Caching – Page caching feature generates and store static HTML files from your dynamic WordPress blog to reduce initial server response time, and improving page load time. Page cache and caching play a critical role in improving website speed and overall web performance. By storing frequently accessed data, effective caching reduces server workload and significantly improves cache performance, allowing pages to be delivered faster to users. This optimization directly lowers load time and enhances page speed, resulting in a smoother user experience and better SEO.\u003C\u002Fli>\n\u003Cli>Minify Html – Using an HTML minifier is an effective way to reduce HTML size and optimize HTML by removing unnecessary spaces, comments, and line breaks. A smaller HTML file helps reduce page size, which directly improves page speed and leads to a faster website experience for users. By focusing on web performance optimization, optimized HTML allows browsers to load and render pages more efficiently, helping to improve website speed, lower bandwidth usage, and deliver better overall performance across all devices\u003C\u002Fli>\n\u003Cli>Minify Css – CSS minify techniques play a crucial role in modern web development by reducing unnecessary characters through a reliable css minifier. With effective css compression, developers can compress CSS files and apply proper css minification to optimize CSS for production environments. This approach helps reduce CSS file size, which directly contributes to improve website speed and overall css performance optimization. As part of a broader page speed optimization strategy, these practices significantly enhance website performance optimization and lead to better website loading performance, especially on mobile and low-bandwidth connections\u003C\u002Fli>\n\u003Cli>Enable Gzip Compression – Reduce the size of files sent from your server to increase the speed to which they are transferred to the browser\u003C\u002Fli>\n\u003Cli>Leverage browser caching – Browser cache plays a critical role in how efficiently a web browser cache stores static resources like images, stylesheets, and scripts, directly impacting page load speed. By allowing returning visitors to load files from their local browser cache instead of downloading them again, websites can significantly reduce server requests and improve website speed. Properly configured browser caching not only creates a faster and smoother user experience but also helps lower bandwidth usage and enhance overall site performance\u003C\u002Fli>\n\u003Cli>Combine CSS – Reduce number of HTTP round-trips by combining multiple CSS resources into one\u003C\u002Fli>\n\u003Cli>Combine JS – Combining JavaScript files is a core technique in javascript optimization and js optimization, especially when the goal is to reduce requests and improve page load speed. By combine js assets or combine javascript files into a single bundle, developers can streamline how scripts are delivered to the browser. Whether you call it js combine or javascript combine, the idea is the same: fewer HTTP requests mean faster performance. Similarly, approaches that merge js or merge javascript—also known as js merge or javascript merge—help eliminate overhead caused by loading multiple separate files. When done correctly, combining and merging scripts leads to cleaner delivery, better caching, and noticeably faster websites\u003C\u002Fli>\n\u003Cli>Disable Emoji – You can remove the emoji inline css and wp-emoji-release.min.js\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Premium Performance Optimization\u003C\u002Fh4>\n\u003Cp>The free version is enough to speed up your site but in the premium version there are extra features such as Mobile Cache, Widget Cache, Minify HTML Plus, Minify CSS Plus, Minify JS, Combine JS Plus, Defer Javascript, Optimize Images, Convert WebP, Database Cleanup, Google Fonts Async, Lazy Load and Delay JS for super fast load times.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Mobile Cache\u003C\u002Fli>\n\u003Cli>Widget Cache\u003C\u002Fli>\n\u003Cli>Minify HTML Plus\u003C\u002Fli>\n\u003Cli>Minify CSS Plus\u003C\u002Fli>\n\u003Cli>Minify Javascript – Minify JS is a core step in web performance optimization because js minify techniques remove unnecessary characters, comments, and whitespace, making files smaller and faster to load. Through proper javascript minification, developers can compress JavaScript assets and significantly reduce transfer size, which directly supports effective js optimization and overall javascript optimization strategies. When combined with caching and code splitting, minified scripts help improve website speed, lower bandwidth usage, and enhance user experience. As a result, page speed optimization becomes easier to achieve, leading to faster render times and better search engine rankings.\u003C\u002Fli>\n\u003Cli>Combine JS Plus\u003C\u002Fli>\n\u003Cli>Defer Javascript – Eliminate render-blocking JavaScript resources. Consider delivering critical JS inline and deferring all non-critical JS\u003C\u002Fli>\n\u003Cli>Optimize Images – Optimized images load faster and consume less cellular data. Looking for an easy image compressor? Our tool lets you compress images instantly, including Compress JPEG and Compress PNG options. Enjoy fast image compression to reduce image size without losing quality. Perfect for quick image optimization with a smart image optimizer designed for all your needs.\u003C\u002Fli>\n\u003Cli>Convert WebP – Serve images in next-gen formats. Image formats like JPEG 2000, JPEG XR, and WebP often provide better compression than PNG or JPEG, which means faster downloads and less data consumption. A fast and reliable WebP converter helps you convert to WebP in seconds. Whether you need a WebP convert tool, a JPG to WEBP Converter, PNG to WEBP Converter, or a simple image to WebP option, you can easily optimize your images. Quickly handle JPG to WEBP, PNG to WEBP, jpg convert to webp, and png convert to webp tasks to reduce file size and improve web performance.\u003C\u002Fli>\n\u003Cli>Database Cleanup – To keep your system running smoothly, it’s important to clean database structures regularly and ensure you clean DB records that are no longer needed. A database cleaner is essential for effective database cleaning and long-term database optimization. By removing unused entries and organizing data efficiently, you can significantly improve database performance and speed up database operations. Modern db cleaner tools automate the entire db cleaning process, helping developers maintain fast, reliable, and scalable systems. The Database Cleanup feature clears out all of the garbage datas such as post revisions, trashed posts & pages, comments from trash & spam, trackbacks and pingbacks, transient options, orphaned post meta, comment meta, user meta, term meta, and term relationship etc.\u003C\u002Fli>\n\u003Cli>Google Fonts Async\u003C\u002Fli>\n\u003Cli>Lazy Load – Lazy loading technique improve page speed and overall website loading time by loading content only when it is needed. Using lazy load images, lazy loading images, lazy load videos, and lazy load iframe helps reduce initial load size, enhances web performance, and delivers a smoother user experience. When implemented correctly, these methods make it easier to optimize website performance, lower bandwidth usage, and ensure faster, more efficient page delivery for both users and search engines.\u003C\u002Fli>\n\u003Cli>Delay JS – The Delay JavaScript feature helps reduce the ‘Reduce unused JavaScript’ warning in the Google PageSpeed Insights tool\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Information\u003C\u002Fh4>\n\u003Cp>It is very inconvenient to use multiple caching plugins at the same time. That’s why you need to disable plugins such as LiteSpeed Cache, WP-Optimize, W3 Total Cache, WP Super Cache, SiteGround Optimizer, Breeze while using WP Fastest Cache.\u003C\u002Fp>\n\u003Cp>WP Fastest Cache is compatible with most popular plugins such as Contact Form 7, Yoast SEO, Elementor Website Builder, Classic Editor, Akismet Spam Protection, WooCommerce, Contact Form by WPForms, Really Simple SSL, All-in-One WP Migration, Yoast Duplicate Post, Wordfence Security – Firewall & Malware Scan, WordPress Importer, UpdraftPlus WordPress Backup Plugin, MonsterInsights, All in One SEO, WP Mail SMTP by WPForms.\u003C\u002Fp>\n\u003Ch4>Supported Languages\u003C\u002Fh4>\n\u003Cp>Although there are over 7000 languages spoken in the world today, we feel very lucky to support 30 languages for now.\u003C\u002Fp>\n\u003Cp>However, localizing or adapting a plugin to another language or culture is time consuming and a demanding task. That’s where the amazing Translation Contributors team of WordPress comes into play. These selfless people spent their precious time without expecting anything in return so that other people can use the add-ons more easily. We sincerely thank all of them.\u003C\u002Fp>\n\u003Cp>Chinese Simplified (China), Chinese Traditional (Taiwan), Czech, Dutch (Belgium), Dutch (Netherlands), English (South Africa), English (UK), Finnish, French (France), Galician, German (Germany), Hungarian, Indonesian, Italian, Japanese, Korean (Korea), Persian, Russian, Slovak (Slovakia), Slovenian, Spanish (Argentina), Spanish (Chile), Spanish (Colombia), Spanish (Ecuador), Spanish (Mexico), Spanish (Spain), Spanish (Venezuela), Swedish, Turkish, Ukrainian\u003C\u002Fp>\n","The simplest and fastest WP Cache system",1000000,64008681,98,4210,"2026-04-07T18:56:00.000Z","5.7","",[54,20,21,55,22],"cache","pagespeed","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-fastest-cache\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-fastest-cache.1.4.7.zip",76,35,"2025-11-26 21:34:28",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":35,"num_ratings":71,"last_updated":72,"tested_up_to":15,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":77,"download_link":78,"security_score":79,"vuln_count":80,"unpatched_count":26,"last_vuln_date":81,"fetched_at":28},"autoptimize","Autoptimize","3.1.15.1","Optimizing Matters","https:\u002F\u002Fprofiles.wordpress.org\u002Foptimizingmatters\u002F","\u003Cp>Autoptimize makes optimizing your site really easy. It can aggregate, minify and cache scripts and styles, injects CSS in the page head by default but can also inline critical CSS and defer the aggregated full CSS, moves and defers scripts to the footer and minifies HTML. You can optimize and lazy-load images (with support for WebP and AVIF formats), optimize Google Fonts, async non-aggregated JavaScript, remove WordPress core emoji cruft and more. As such it can improve your site’s performance even when already on HTTP\u002F2! There is extensive API available to enable you to tailor Autoptimize to each and every site’s specific needs.\u003Cbr \u002F>\nIf you think performance indeed is important, you should at least consider one of the many free page caching plugins (e.g. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fspeed-booster-pack\u002F\" rel=\"ugc\">Speed Booster pack\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcache-enabler\" rel=\"ugc\">KeyCDN’s Cache Enabler\u003C\u002Fa>) to complement Autoptimize or even \u003Ca href=\"https:\u002F\u002Fmisc.optimizingmatters.com\u002Fpartners\u002F?from=partnertab&partner=aopro\" rel=\"nofollow ugc\">consider Autoptimize Pro\u003C\u002Fa> which not only has page caching but also image optimization, CDN, critical CSS and more!\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Autoptimize Pro\u003C\u002Fstrong>\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fmisc.optimizingmatters.com\u002Fpartners\u002F?from=partnertab&partner=aopro\" rel=\"nofollow ugc\">Autoptimize Pro is a premium Power-Up\u003C\u002Fa>, adding image optimization, CDN, page caching, automatic critical CSS rules and extra “booster” options, all in one handy subscription to \u003Ca href=\"https:\u002F\u002Fmisc.optimizingmatters.com\u002Fpartners\u002F?from=partnertab&partner=aopro\" rel=\"nofollow ugc\">make your site even faster!\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Premium Support\u003C\u002Fstrong>\u003Cbr \u002F>\n  We provide great \u003Ca href=\"https:\u002F\u002Fmisc.optimizingmatters.com\u002Fpartners\u002F?from=partnertab&partner=autoptimizepro\" rel=\"nofollow ugc\">Premium Support and Web Performance Optimization services\u003C\u002Fa> with Accelera, check out our offering on \u003Ca href=\"https:\u002F\u002Fmisc.optimizingmatters.com\u002Fpartners\u002F?from=partnertab&partner=autoptimizepro\" rel=\"nofollow ugc\">https:\u002F\u002Faccelerawp.com\u002F\u003C\u002Fa>!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>(Speed-surfing image under creative commons \u003Ca href=\"https:\u002F\u002Fwww.flickr.com\u002Fphotos\u002Ftwistiti\u002F818552808\u002F\" rel=\"nofollow ugc\">by LL Twistiti\u003C\u002Fa>)\u003C\u002Fp>\n","Autoptimize speeds up your website by optimizing JS, CSS, images (incl. lazy-load), HTML and Google Fonts, asyncing JS, removing emoji cruft and more.",900000,43632206,1425,"2026-04-04T07:44:00.000Z","5.3","7.1",[20,76,21,55,22],"images","https:\u002F\u002Fautoptimize.com\u002Fpro\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautoptimize.3.1.15.1.zip",77,12,"2026-03-20 00:00:00",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":15,"requires_at_least":95,"requires_php":52,"tags":96,"homepage":97,"download_link":98,"security_score":48,"vuln_count":99,"unpatched_count":26,"last_vuln_date":100,"fetched_at":28},"add-expires-headers","AEH Speed Optimization: Browser Cache, Optimized Minify, Lazy Loading & Image Optimization","3.1.0","Passionate Brains","https:\u002F\u002Fprofiles.wordpress.org\u002Fpassionatebrains\u002F","\u003Cp>AEH Speed Optimization boosts site speed with caching, minification, lazy loading, and image optimization to improve performance and SEO.\u003C\u002Fp>\n\u003Ch4>Advantages\u003C\u002Fh4>\n\u003Cp>1) Serves static assets with an efficient cache policy helps to leverage browser caching.\u003C\u002Fp>\n\u003Cp>2) Reduces page loading time of website.\u003C\u002Fp>\n\u003Cp>3) Improves user experience as page loads very quickly than before.\u003C\u002Fp>\n\u003Cp>4) Decreases total data-size of page.\u003C\u002Fp>\n\u003Cp>5) Larger band of predefined file types are covered so it will increase bandwidth of files which can have expiry headers.\u003C\u002Fp>\n\u003Cp>6) You can have different expire time for cache base on type of resources.\u003C\u002Fp>\n\u003Cp>7) Merge multiple CSS files into one helps reducing http requests and improving page load speed.\u003C\u002Fp>\n\u003Cp>8) Async loading of processed CSS files.\u003C\u002Fp>\n\u003Cp>9) Minify CSS files which reduce data transfer requirement hence increase page load speed.\u003C\u002Fp>\n\u003Cp>10) Inline small footer CSS files which helps to improve page speed.\u003C\u002Fp>\n\u003Cp>11) Escape admin users from minification to avoid page builders related issues.\u003C\u002Fp>\n\u003Cp>12) Lazy loading support for images, iframes, and videos.\u003C\u002Fp>\n\u003Cp>13) Widgets and shortcodes can also be lazy loaded.\u003C\u002Fp>\n\u003Cp>14) Lazy loading fully supports responsive images for better performance across devices.\u003C\u002Fp>\n\u003Cp>15) Custom placeholder images can be used during lazy loading.\u003C\u002Fp>\n\u003Cp>16) Exclude critical elements from lazy loading to ensure essential visuals load immediately.\u003C\u002Fp>\n\u003Ch4>Pro Features\u003C\u002Fh4>\n\u003Cp>1) Ability to add expires headers to External Resources\u003C\u002Fp>\n\u003Cp>2) Adding new file types for adding expires headers\u003C\u002Fp>\n\u003Cp>3) Refresh cache periodically\u003C\u002Fp>\n\u003Cp>4) Unset Entity Tags\u003C\u002Fp>\n\u003Cp>5) HTTP(Gzip) compression\u003C\u002Fp>\n\u003Cp>6) Prevent Specific files from caching\u003C\u002Fp>\n\u003Cp>7) Removing version info from files\u003C\u002Fp>\n\u003Cp>8) Inline google fonts helps to load page faster and reduce external http requests.\u003C\u002Fp>\n\u003Cp>9) Merge multiple JS files into one helps reducing http requests and improving page load speed.\u003C\u002Fp>\n\u003Cp>10) Minify JS files which reduce data transfer requirement hence increase page load speed.\u003C\u002Fp>\n\u003Cp>11) Plugin offers Defer scripts option to speed up rendering process.\u003C\u002Fp>\n\u003Cp>12) HTML minification helps to reduce overall data size of page.\u003C\u002Fp>\n\u003Cp>13) Automatically convert images to optimized formats like WebP or AVIF for faster delivery without manual effort.\u003C\u002Fp>\n\u003Cp>14) Smartly resize and serve images based on screen size and device type to minimize bandwidth and boost speed.\u003C\u002Fp>\n\u003Cp>15) Support next-gen formats like WebP and AVIF for superior compression, smaller files, and sharper visuals.\u003C\u002Fp>\n\u003Cp>16) Track image optimization stats, savings, and performance improvements directly from your WordPress dashboard.\u003C\u002Fp>\n\u003Cp>17) Automatically deliver the perfect image size for every device, ensuring crisp visuals and smooth performance.\u003C\u002Fp>\n\u003Cp>18) Optimize images without visible loss in clarity—maintaining pixel perfection while reducing file size.\u003C\u002Fp>\n\u003Cp>19) Works out-of-the-box with WordPress and major themes or plugins, no setup hassles or coding required.\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>For Plugin documentation, please refer our \u003Ca href=\"https:\u002F\u002Fwww.addexpiresheaders.com\u002Fdocumentation\" rel=\"follow nofollow ugc\">plugin website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>1) Make sure that the “mod_expires” module is enabled on your website hosting server.\u003C\u002Fp>\n\u003Cp>2) It is necessary to have read\u002Fwrite permission of .htaccess file to plugin. If not then update file permissions accordingly.\u003C\u002Fp>\n\u003Cp>3) check status page of plugin for more info.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>To use this plugin do the following:\u003C\u002Fp>\n\u003Cp>1) Firstly activate Plugin.\u003C\u002Fp>\n\u003Cp>2) Go to plugin settings page.\u003C\u002Fp>\n\u003Cp>3) Check Files types you want to have expires headers and also add respective expires days for mime type using input box and make sure you enable respective mime type, for which group of files you want to add expires headers.\u003C\u002Fp>\n\u003Cp>4) Once you hit “submit” button all options you selected in settings page saved database of website and accordingly .htaccess file will updated and add expires headers for respective selected files.\u003C\u002Fp>\n\u003Cp>5) For Minification check respective settings at Minification Tab of plugin settings page.\u003C\u002Fp>\n\u003Cp>6) For Lazy Loading check respective settings at Lazy Loading Tab of plugin settings page.\u003C\u002Fp>\n","AEH Speed Optimization boosts site speed with caching, minification, lazy loading, and image optimization to improve performance and SEO.",2000,206317,64,20,"2025-12-04T12:05:00.000Z","3.5",[54,20,21,55,22],"http:\u002F\u002Fwww.addexpiresheaders.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-expires-headers.3.1.0.zip",2,"2026-01-09 10:51:54",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":26,"num_ratings":26,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":52,"download_link":117,"security_score":118,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"admin-speedo","Admin Speedo","2.4.1","Rajin Sharwar","https:\u002F\u002Fprofiles.wordpress.org\u002Frajinsharwar\u002F","\u003Cp>AdminSpeedo is a simple method of boosting your WordPress admin dashboard and freeing your site code from unnecessary and not needed items.\u003Cbr \u002F>\nThis plugin drastically improve loading time for your WordPress admin dashboard within seconds. It adds most of the recommended optimization functions for your WordPress admin, and reduces bloat of your dashboard. This plugin will also help to reduce bloating of most of the popular plugins like Woocommerce, Elementor and Jetpack. Easily manage the settings of the plugin from the ‘Admin Speedo’ admin menu.\u003C\u002Fp>\n\u003Ch3>Functions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Moves JQuery to Footer for fast loading.\u003C\u002Fli>\n\u003Cli>Reduces number of queried fields.\u003C\u002Fli>\n\u003Cli>Removes Admin Widgets from Admin Dashboard.\u003C\u002Fli>\n\u003Cli>Minifies the HTML, CSS and JS for the WordPress admin Dashboard.\u003C\u002Fli>\n\u003Cli>Schedules daily optimization of Database.\u003C\u002Fli>\n\u003Cli>Turns Template Editor off.\u003C\u002Fli>\n\u003Cli>Limits the rate of WordPress Heartbeat API.\u003C\u002Fli>\n\u003Cli>Turns off Jetpack promotions.\u003C\u002Fli>\n\u003Cli>Disables external HTTP API calls in WordPress Backend.\u003C\u002Fli>\n\u003Cli>Disables unwanted promotion admin notices from external plugins and themes.\u003C\u002Fli>\n\u003Cli>Clears off transients automatically in every two days.\u003C\u002Fli>\n\u003Cli>Removes Link rel=shortlink from HTTP.\u003C\u002Fli>\n\u003Cli>Removes WordPress version.\u003C\u002Fli>\n\u003Cli>Removes RSD Link.\u003C\u002Fli>\n\u003Cli>Removes WLW Link.\u003C\u002Fli>\n\u003Cli>Defers parsing of JS.\u003C\u002Fli>\n\u003Cli>Removes WordPress Emojis.\u003C\u002Fli>\n\u003Cli>Removes Query Strings from Static resources.\u003C\u002Fli>\n\u003Cli>Disables XML-RPC API.\u003C\u002Fli>\n\u003Cli>Removes Admin footer Text.\u003C\u002Fli>\n\u003Cli>Removes S.W.org DNS prefetch.\u003C\u002Fli>\n\u003Cli>Turns off WordPress Password strenth meter.\u003C\u002Fli>\n\u003Cli>Removes Marketing Hub of Woocommerce.\u003C\u002Fli>\n\u003Cli>Removes Woocommerce promotional admin notice.\u003C\u002Fli>\n\u003Cli>Turns off Woocommerce MetaBox.\u003C\u002Fli>\n\u003Cli>Turns off setup dashboard for Woocommerce.\u003C\u002Fli>\n\u003Cli>Turns off marketplace suggestions for Woocommerce.\u003C\u002Fli>\n\u003Cli>Turns off Widgets for Woocommerce.\u003C\u002Fli>\n\u003Cli>Turns off Elementor Widgets dashboards.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>If you website utilizes any of the above function, you may choose to turn off of these optmizations from the settings page of the plugin. If you are unsure, about how you should do that, you can contact me via the support forum.\u003C\u002Fh4>\n","AdminSpeedo is a simple method of boosting your WordPress admin dashboard and freeing your site code from unnecessary and not needed items.",10,1854,"2022-12-11T09:27:00.000Z","6.1.10","3.9","5.6",[116,20,21,55,22],"caching","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-speedo.2.4.1.zip",85,{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":109,"downloaded":127,"rating":26,"num_ratings":26,"last_updated":128,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":129,"homepage":132,"download_link":133,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"optimator","Optimator – Simplify and streamline WordPress by removing unnecessary data and functionalities","1.0.0","Engramium","https:\u002F\u002Fprofiles.wordpress.org\u002Fengramium\u002F","\u003Cp>Fast-loading websites improves the user experience, increases the website views, and can even help with WordPress SEO. Introducing Optimator, the most useful WordPress speed optimization plugin to boost WordPress performance and speed up your website.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLp1IjxLUmbk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>✨ FEATURES ✨\u003C\u002Fh4>\n\u003Cp>** Quick-toggle options **\u003Cbr \u002F>\n* Disable emojis\u003Cbr \u002F>\n* Disable embeds\u003Cbr \u002F>\n* Disable dashicons\u003Cbr \u002F>\n* Disable XML-RPC\u003Cbr \u002F>\n* Remove jQuery migrate\u003Cbr \u002F>\n* Hide WP Version\u003Cbr \u002F>\n* Remove wlwmanifest link\u003Cbr \u002F>\n* Remove RSD link\u003Cbr \u002F>\n* Remove shortlink\u003Cbr \u002F>\n* Disable RSS feeds\u003Cbr \u002F>\n* Remove RSS feed links\u003Cbr \u002F>\n* Disable self pingbacks\u003Cbr \u002F>\n* Disable REST API\u003Cbr \u002F>\n* Remove REST API links\u003Cbr \u002F>\n* Disable Google Maps\u003Cbr \u002F>\n* Disable password strength meter\u003Cbr \u002F>\n* Disable Comments\u003Cbr \u002F>\n* Disable Comments URL\u003Cbr \u002F>\n* Add blank favicon\u003Cbr \u002F>\n* Disable Global Styles\u003Cbr \u002F>\n* Disable HeartBeat\u003Cbr \u002F>\n* Set heartbeat frequency\u003Cbr \u002F>\n* Limit Post Revisions\u003Cbr \u002F>\n* Autosave Interval\u003Cbr \u002F>\n* Disable Thumbnail Size\u003Cbr \u002F>\n* Disable Medium Size\u003Cbr \u002F>\n* Disable Large Size\u003Cbr \u002F>\n* Disable Medium Large\u003Cbr \u002F>\n* Disable 1536×1536\u003Cbr \u002F>\n* Disable 2048×2048\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>To use the plugin there aren’t any extra requirements. But it’s always recommended to use the latest version of WordPress.\u003C\u002Fp>\n","Simplify and streamline WordPress by removing unnecessary data and functionalities.",3420,"2026-01-10T14:04:00.000Z",[21,22,23,130,131],"tweaks","unbloat","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Foptimator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foptimator.1.0.0.zip",{"attackSurface":135,"codeSignals":499,"taintFlows":536,"riskAssessment":537,"analyzedAt":545},{"hooks":136,"ajaxHandlers":495,"restRoutes":496,"shortcodes":497,"cronEvents":498,"entryPointCount":26,"unprotectedCount":26},[137,143,147,151,155,159,163,166,171,173,176,181,184,188,192,196,199,203,207,210,213,217,221,224,228,231,234,237,240,243,247,251,253,258,261,264,267,270,273,277,280,284,287,290,293,296,300,304,308,311,315,318,322,326,329,333,336,340,342,345,349,354,357,361,364,365,368,370,374,379,383,386,388,390,392,396,398,400,402,405,409,412,415,420,423,427,430,432,434,436,438,442,445,447,450,452,454,459,462,464,467,470,473,475,478,481,483,486,488,490],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","admin_menu","add_menu_page","admin\\class-wp-avoid-slow-admin-page.php",24,{"type":138,"name":144,"callback":145,"file":141,"line":146},"admin_init","register_settings",25,{"type":138,"name":148,"callback":149,"file":141,"line":150},"admin_notices","maybe_show_notice",26,{"type":138,"name":152,"callback":153,"file":141,"line":154},"admin_enqueue_scripts","enqueue_assets",27,{"type":138,"name":156,"callback":157,"file":141,"line":158},"admin_post_wp_avoid_slow_reset","handle_reset",28,{"type":138,"name":160,"callback":161,"priority":33,"file":162,"line":58},"template_redirect","block_user_enumeration","includes\\modules\\class-wp-avoid-slow-admin-hardening.php",{"type":138,"name":160,"callback":164,"priority":33,"file":162,"line":165},"disable_author_archives",80,{"type":167,"name":168,"callback":169,"file":162,"line":170},"filter","wp_is_application_passwords_available","__return_false",90,{"type":167,"name":172,"callback":169,"file":162,"line":35},"admin_email_check_interval",{"type":167,"name":174,"callback":175,"file":162,"line":48},"wp_headers","remove_pingback_header",{"type":138,"name":177,"callback":178,"priority":179,"file":162,"line":180},"admin_bar_menu","clean_admin_bar",999,102,{"type":138,"name":144,"callback":182,"file":162,"line":183},"hide_update_nag",106,{"type":167,"name":185,"callback":186,"file":162,"line":187},"rest_authentication_errors","restrict_rest_api",110,{"type":138,"name":189,"callback":190,"file":162,"line":191},"wp_loaded","redirect_unauthenticated_admin",114,{"type":167,"name":193,"callback":194,"priority":109,"file":162,"line":195},"wp_sitemaps_add_provider","hide_author_sitemap",118,{"type":167,"name":197,"callback":169,"file":162,"line":198},"x_redirect_by",122,{"type":138,"name":200,"callback":201,"file":162,"line":202},"send_headers","hide_php_version_header",126,{"type":167,"name":204,"callback":205,"file":162,"line":206},"wp_php_error_message","generic_php_errors",130,{"type":167,"name":208,"callback":169,"file":162,"line":209},"show_admin_bar",134,{"type":138,"name":144,"callback":211,"file":162,"line":212},"remove_dashboard_welcome_panel",138,{"type":138,"name":214,"callback":215,"file":162,"line":216},"wp_dashboard_setup","remove_dashboard_widgets",142,{"type":167,"name":218,"callback":219,"file":162,"line":220},"admin_footer_text","__return_empty_string",146,{"type":167,"name":222,"callback":219,"file":162,"line":223},"update_footer",147,{"type":167,"name":225,"callback":226,"file":162,"line":227},"rest_endpoints","disable_rest_users_endpoint",151,{"type":167,"name":229,"callback":169,"file":162,"line":230},"send_email_change_email",155,{"type":167,"name":232,"callback":169,"file":162,"line":233},"send_password_change_email",156,{"type":167,"name":235,"callback":169,"file":162,"line":236},"auto_core_update_send_email",160,{"type":167,"name":238,"callback":169,"file":162,"line":239},"auto_plugin_update_send_email",161,{"type":167,"name":241,"callback":169,"file":162,"line":242},"auto_theme_update_send_email",162,{"type":138,"name":244,"callback":245,"file":246,"line":92},"init","disable_emojis","includes\\modules\\class-wp-avoid-slow-bloat-remover.php",{"type":138,"name":244,"callback":248,"priority":249,"file":246,"line":250},"disable_embeds",9,68,{"type":138,"name":244,"callback":252,"file":246,"line":79},"remove_head_bloat",{"type":167,"name":254,"callback":255,"priority":256,"file":246,"line":257},"script_loader_src","remove_query_strings",15,81,{"type":167,"name":259,"callback":255,"priority":256,"file":246,"line":260},"style_loader_src",82,{"type":167,"name":262,"callback":255,"priority":256,"file":246,"line":263},"script_module_loader_src",84,{"type":167,"name":265,"callback":169,"file":246,"line":266},"xmlrpc_enabled",88,{"type":167,"name":174,"callback":268,"file":246,"line":269},"remove_x_pingback",89,{"type":138,"name":152,"callback":271,"file":246,"line":272},"throttle_heartbeat",93,{"type":138,"name":274,"callback":275,"priority":11,"file":246,"line":276},"wp_enqueue_scripts","remove_dashicons_frontend",97,{"type":138,"name":244,"callback":278,"file":246,"line":279},"remove_more_head_bloat",104,{"type":167,"name":281,"callback":282,"file":246,"line":283},"wp_speculation_rules_configuration","__return_null",108,{"type":138,"name":160,"callback":285,"priority":33,"file":246,"line":286},"disable_feeds_completely",112,{"type":138,"name":244,"callback":288,"file":246,"line":289},"disable_comment_autolinks",116,{"type":138,"name":152,"callback":291,"file":246,"line":292},"disable_autosave",120,{"type":138,"name":244,"callback":294,"file":246,"line":295},"remove_dns_prefetch",124,{"type":167,"name":297,"callback":298,"file":246,"line":299},"show_recent_comments_widget_style","remove_recent_comments_style",128,{"type":167,"name":301,"callback":302,"file":246,"line":303},"tiny_mce_plugins","disable_emojis_tinymce",148,{"type":167,"name":305,"callback":306,"priority":109,"file":246,"line":307},"wp_resource_hints","remove_emoji_dns_prefetch",149,{"type":167,"name":309,"callback":169,"file":246,"line":310},"embed_oembed_discover",191,{"type":167,"name":312,"callback":313,"file":246,"line":314},"rewrite_rules_array","disable_embed_rewrite",199,{"type":138,"name":274,"callback":316,"priority":11,"file":246,"line":317},"dequeue_embed_script",202,{"type":167,"name":319,"callback":169,"file":320,"line":321},"should_load_remote_block_patterns","includes\\modules\\class-wp-avoid-slow-block-editor.php",51,{"type":138,"name":244,"callback":323,"priority":324,"file":320,"line":325},"disable_block_patterns",5,57,{"type":138,"name":244,"callback":327,"file":320,"line":328},"disable_block_directory",61,{"type":167,"name":330,"callback":331,"file":320,"line":332},"block_editor_settings_all","disable_font_library",65,{"type":167,"name":334,"callback":169,"file":320,"line":335},"use_widgets_block_editor",70,{"type":138,"name":337,"callback":338,"file":339,"line":35},"pre_get_posts","no_found_rows_single","includes\\modules\\class-wp-avoid-slow-database.php",{"type":138,"name":244,"callback":341,"file":339,"line":48},"remove_adjacent_posts_links",{"type":167,"name":343,"callback":344,"file":339,"line":180},"empty_trash_days","reduce_trash_period",{"type":167,"name":259,"callback":346,"priority":109,"file":347,"line":348},"google_fonts_display_swap","includes\\modules\\class-wp-avoid-slow-image.php",66,{"type":167,"name":350,"callback":351,"priority":352,"file":347,"line":353},"the_content","add_image_dimensions",900,71,{"type":167,"name":355,"callback":351,"priority":352,"file":347,"line":356},"post_thumbnail_html",72,{"type":138,"name":358,"callback":359,"file":347,"line":360},"wp","reset_image_counter",78,{"type":167,"name":350,"callback":362,"priority":179,"file":347,"line":363},"process_content_images",79,{"type":167,"name":355,"callback":362,"priority":179,"file":347,"line":165},{"type":167,"name":366,"callback":367,"file":347,"line":263},"fallback_intermediate_image_sizes","disable_pdf_thumbnails",{"type":167,"name":369,"callback":169,"file":347,"line":266},"big_image_size_threshold",{"type":167,"name":371,"callback":372,"file":347,"line":373},"intermediate_image_sizes_advanced","disable_extra_image_sizes",92,{"type":167,"name":375,"callback":376,"file":377,"line":378},"login_errors","hide_login_errors","includes\\modules\\class-wp-avoid-slow-login.php",54,{"type":167,"name":380,"callback":381,"priority":34,"file":377,"line":382},"authenticate","disable_login_by_email",58,{"type":167,"name":384,"callback":219,"file":377,"line":385},"register",62,{"type":167,"name":387,"callback":169,"file":377,"line":348},"login_display_language_dropdown",{"type":167,"name":389,"callback":169,"file":377,"line":335},"allow_password_reset",{"type":167,"name":391,"callback":219,"file":377,"line":353},"lostpassword_url",{"type":138,"name":393,"callback":394,"file":395,"line":250},"wp_default_scripts","remove_jquery_migrate","includes\\modules\\class-wp-avoid-slow-script-style.php",{"type":138,"name":274,"callback":397,"priority":11,"file":395,"line":356},"remove_block_library_css",{"type":138,"name":274,"callback":399,"priority":33,"file":395,"line":79},"remove_global_styles",{"type":138,"name":244,"callback":401,"file":395,"line":257},"remove_svg_duotone",{"type":167,"name":403,"callback":404,"file":395,"line":118},"script_loader_tag","remove_type_attr_script",{"type":167,"name":406,"callback":407,"file":395,"line":408},"style_loader_tag","remove_type_attr_style",86,{"type":167,"name":403,"callback":410,"priority":93,"file":395,"line":411},"add_defer_attribute",91,{"type":138,"name":274,"callback":413,"priority":179,"file":395,"line":414},"move_scripts_to_footer",95,{"type":138,"name":416,"callback":417,"file":418,"line":419},"pre_ping","disable_self_pings","includes\\modules\\class-wp-avoid-slow-tweaks.php",55,{"type":138,"name":244,"callback":421,"file":418,"line":422},"disable_capital_p_dangit",59,{"type":167,"name":424,"callback":425,"priority":109,"file":418,"line":426},"wp_revisions_to_keep","limit_revisions",63,{"type":138,"name":160,"callback":428,"file":418,"line":429},"disable_attachment_pages",67,{"type":138,"name":160,"callback":431,"file":418,"line":353},"disable_search",{"type":167,"name":433,"callback":219,"file":418,"line":356},"get_search_form",{"type":167,"name":435,"callback":169,"priority":93,"file":418,"line":263},"comments_open",{"type":167,"name":437,"callback":169,"priority":93,"file":418,"line":118},"pings_open",{"type":167,"name":439,"callback":440,"priority":93,"file":418,"line":441},"comments_array","__return_empty_array",87,{"type":167,"name":443,"callback":444,"priority":93,"file":418,"line":266},"get_comments_number","__return_zero",{"type":167,"name":446,"callback":169,"file":418,"line":170},"feed_links_show_comments_feed",{"type":138,"name":139,"callback":448,"priority":449,"file":418,"line":272},"disable_comments_menu",9999,{"type":138,"name":177,"callback":451,"priority":179,"file":418,"line":35},"disable_comments_admin_bar",{"type":138,"name":214,"callback":453,"file":418,"line":414},"disable_comments_dashboard_widget",{"type":138,"name":274,"callback":455,"priority":456,"file":457,"line":458},"disable_wc_cart_fragments",99,"includes\\modules\\class-wp-avoid-slow-woocommerce.php",56,{"type":138,"name":244,"callback":460,"file":457,"line":461},"remove_wc_generator",60,{"type":138,"name":274,"callback":463,"priority":456,"file":457,"line":92},"disable_wc_scripts_on_non_wc_pages",{"type":138,"name":465,"callback":466,"priority":456,"file":457,"line":332},"enqueue_block_assets","disable_wc_blocktheme_on_non_wc_pages",{"type":138,"name":274,"callback":468,"priority":456,"file":457,"line":469},"disable_wc_password_strength",69,{"type":138,"name":214,"callback":471,"priority":93,"file":457,"line":472},"disable_wc_dashboard_widget",73,{"type":138,"name":244,"callback":474,"priority":93,"file":457,"line":79},"remove_wc_block_patterns",{"type":167,"name":476,"callback":477,"file":457,"line":360},"woocommerce_admin_features","filter_wc_admin_features",{"type":138,"name":479,"callback":480,"priority":456,"file":457,"line":260},"widgets_init","disable_wc_widgets",{"type":167,"name":174,"callback":482,"file":457,"line":408},"remove_wc_version_header",{"type":167,"name":484,"callback":485,"file":457,"line":170},"wc_stripe_load_scripts_on_product_page_when_prbs_disabled","disable_wc_stripe_scripts",{"type":167,"name":487,"callback":485,"file":457,"line":411},"wc_stripe_load_scripts_on_cart_page_when_prbs_disabled",{"type":167,"name":489,"callback":440,"file":457,"line":414},"woocommerce_related_products",{"type":138,"name":491,"callback":492,"priority":93,"file":493,"line":494},"plugins_loaded","wp_avoid_slow_boot","wp-avoid-slow.php",170,[],[],[],[],{"dangerousFunctions":500,"sqlUsage":501,"outputEscaping":506,"fileOperations":26,"externalRequests":26,"nonceChecks":33,"capabilityChecks":534,"bundledLibraries":535},[],{"prepared":26,"raw":33,"locations":502},[503],{"file":504,"line":146,"context":505},"uninstall.php","$wpdb->get_col() with variable interpolation",{"escaped":507,"rawEcho":80,"locations":508},21,[509,512,514,516,518,520,522,524,526,528,530,532],{"file":141,"line":510,"context":511},956,"raw output",{"file":141,"line":513,"context":511},965,{"file":141,"line":515,"context":511},974,{"file":141,"line":517,"context":511},983,{"file":141,"line":519,"context":511},992,{"file":141,"line":521,"context":511},1001,{"file":141,"line":523,"context":511},1010,{"file":141,"line":525,"context":511},1020,{"file":141,"line":527,"context":511},1026,{"file":141,"line":529,"context":511},1035,{"file":141,"line":531,"context":511},1215,{"file":141,"line":533,"context":511},1223,3,[],[],{"summary":538,"deductions":539},"The \"wp-avoid-slow\" v1.9.7 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any known vulnerabilities (CVEs) in its history and the clean taint analysis results are highly positive indicators.  The plugin also demonstrates good practices by implementing nonce and capability checks.  However, a significant concern arises from the single SQL query found, which is not using prepared statements. This represents a potential for SQL injection vulnerabilities if the data involved in this query originates from user input without proper sanitization.  While the output escaping is at a reasonable level, the presence of unescaped outputs, even if a minority, still poses a minor risk of cross-site scripting (XSS) vulnerabilities.",[540,543],{"reason":541,"points":542},"Raw SQL query without prepared statements",7,{"reason":544,"points":534},"Unescaped output identified","2026-03-16T20:56:59.369Z",{"wat":547,"direct":556},{"assetPaths":548,"generatorPatterns":551,"scriptPaths":552,"versionParams":553},[549,550],"\u002Fwp-content\u002Fplugins\u002Fwp-avoid-slow\u002Fassets\u002Fcss\u002Fbackend.css","\u002Fwp-content\u002Fplugins\u002Fwp-avoid-slow\u002Fassets\u002Fjs\u002Fbackend.js",[],[550],[554,555],"wp-avoid-slow\u002Fassets\u002Fcss\u002Fbackend.css?ver=","wp-avoid-slow\u002Fassets\u002Fjs\u002Fbackend.js?ver=",{"cssClasses":557,"htmlComments":558,"htmlAttributes":560,"restEndpoints":561,"jsGlobals":563,"shortcodeOutput":565},[],[559],"\u003C!-- This is a placeholder for the admin bar -->",[],[562],"\u002Fwp-json\u002Fwp-avoid-slow\u002Fv1\u002Foptions",[564],"WP_Avoid_Slow_Admin",[],{"error":567,"url":568,"statusCode":569,"statusMessage":570,"message":570},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-avoid-slow\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":572,"versions":573},22,[574,580,587,594,601,608,615,622,629,636,643,650,657,664,671,678,685,692,698,705,712,719],{"version":6,"download_url":25,"svn_tag_url":575,"released_at":27,"has_diff":576,"diff_files_changed":577,"diff_lines":27,"trac_diff_url":578,"vulnerabilities":579,"is_current":567},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.9.8\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.9.7&new_path=%2Fwp-avoid-slow%2Ftags%2F1.9.8",[],{"version":581,"download_url":582,"svn_tag_url":583,"released_at":27,"has_diff":576,"diff_files_changed":584,"diff_lines":27,"trac_diff_url":585,"vulnerabilities":586,"is_current":576},"1.9.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.9.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.9.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.9.6&new_path=%2Fwp-avoid-slow%2Ftags%2F1.9.7",[],{"version":588,"download_url":589,"svn_tag_url":590,"released_at":27,"has_diff":576,"diff_files_changed":591,"diff_lines":27,"trac_diff_url":592,"vulnerabilities":593,"is_current":576},"1.9.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.9.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.9.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.9.5&new_path=%2Fwp-avoid-slow%2Ftags%2F1.9.6",[],{"version":595,"download_url":596,"svn_tag_url":597,"released_at":27,"has_diff":576,"diff_files_changed":598,"diff_lines":27,"trac_diff_url":599,"vulnerabilities":600,"is_current":576},"1.9.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.9.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.9.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.9.4&new_path=%2Fwp-avoid-slow%2Ftags%2F1.9.5",[],{"version":602,"download_url":603,"svn_tag_url":604,"released_at":27,"has_diff":576,"diff_files_changed":605,"diff_lines":27,"trac_diff_url":606,"vulnerabilities":607,"is_current":576},"1.9.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.9.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.9.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.9.3&new_path=%2Fwp-avoid-slow%2Ftags%2F1.9.4",[],{"version":609,"download_url":610,"svn_tag_url":611,"released_at":27,"has_diff":576,"diff_files_changed":612,"diff_lines":27,"trac_diff_url":613,"vulnerabilities":614,"is_current":576},"1.9.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.9.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.9.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.9.1&new_path=%2Fwp-avoid-slow%2Ftags%2F1.9.3",[],{"version":616,"download_url":617,"svn_tag_url":618,"released_at":27,"has_diff":576,"diff_files_changed":619,"diff_lines":27,"trac_diff_url":620,"vulnerabilities":621,"is_current":576},"1.9.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.9.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.9.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.9.0&new_path=%2Fwp-avoid-slow%2Ftags%2F1.9.1",[],{"version":623,"download_url":624,"svn_tag_url":625,"released_at":27,"has_diff":576,"diff_files_changed":626,"diff_lines":27,"trac_diff_url":627,"vulnerabilities":628,"is_current":576},"1.9.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.9.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.9.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.8.0&new_path=%2Fwp-avoid-slow%2Ftags%2F1.9.0",[],{"version":630,"download_url":631,"svn_tag_url":632,"released_at":27,"has_diff":576,"diff_files_changed":633,"diff_lines":27,"trac_diff_url":634,"vulnerabilities":635,"is_current":576},"1.8.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.8.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.8.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.7.0&new_path=%2Fwp-avoid-slow%2Ftags%2F1.8.0",[],{"version":637,"download_url":638,"svn_tag_url":639,"released_at":27,"has_diff":576,"diff_files_changed":640,"diff_lines":27,"trac_diff_url":641,"vulnerabilities":642,"is_current":576},"1.7.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.7.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.7.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.6.0&new_path=%2Fwp-avoid-slow%2Ftags%2F1.7.0",[],{"version":644,"download_url":645,"svn_tag_url":646,"released_at":27,"has_diff":576,"diff_files_changed":647,"diff_lines":27,"trac_diff_url":648,"vulnerabilities":649,"is_current":576},"1.6.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.6.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.6.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.5.0&new_path=%2Fwp-avoid-slow%2Ftags%2F1.6.0",[],{"version":651,"download_url":652,"svn_tag_url":653,"released_at":27,"has_diff":576,"diff_files_changed":654,"diff_lines":27,"trac_diff_url":655,"vulnerabilities":656,"is_current":576},"1.5.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.5.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.5.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.3.0&new_path=%2Fwp-avoid-slow%2Ftags%2F1.5.0",[],{"version":658,"download_url":659,"svn_tag_url":660,"released_at":27,"has_diff":576,"diff_files_changed":661,"diff_lines":27,"trac_diff_url":662,"vulnerabilities":663,"is_current":576},"1.3.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.3.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.3.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.2.1&new_path=%2Fwp-avoid-slow%2Ftags%2F1.3.0",[],{"version":665,"download_url":666,"svn_tag_url":667,"released_at":27,"has_diff":576,"diff_files_changed":668,"diff_lines":27,"trac_diff_url":669,"vulnerabilities":670,"is_current":576},"1.2.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.2.0&new_path=%2Fwp-avoid-slow%2Ftags%2F1.2.1",[],{"version":672,"download_url":673,"svn_tag_url":674,"released_at":27,"has_diff":576,"diff_files_changed":675,"diff_lines":27,"trac_diff_url":676,"vulnerabilities":677,"is_current":576},"1.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.1.1&new_path=%2Fwp-avoid-slow%2Ftags%2F1.2.0",[],{"version":679,"download_url":680,"svn_tag_url":681,"released_at":27,"has_diff":576,"diff_files_changed":682,"diff_lines":27,"trac_diff_url":683,"vulnerabilities":684,"is_current":576},"1.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.0&new_path=%2Fwp-avoid-slow%2Ftags%2F1.1.1",[],{"version":686,"download_url":687,"svn_tag_url":688,"released_at":27,"has_diff":576,"diff_files_changed":689,"diff_lines":27,"trac_diff_url":690,"vulnerabilities":691,"is_current":576},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F1.0.0&new_path=%2Fwp-avoid-slow%2Ftags%2F1.0",[],{"version":122,"download_url":693,"svn_tag_url":694,"released_at":27,"has_diff":576,"diff_files_changed":695,"diff_lines":27,"trac_diff_url":696,"vulnerabilities":697,"is_current":576},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F1.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F0.4&new_path=%2Fwp-avoid-slow%2Ftags%2F1.0.0",[],{"version":699,"download_url":700,"svn_tag_url":701,"released_at":27,"has_diff":576,"diff_files_changed":702,"diff_lines":27,"trac_diff_url":703,"vulnerabilities":704,"is_current":576},"0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F0.3&new_path=%2Fwp-avoid-slow%2Ftags%2F0.4",[],{"version":706,"download_url":707,"svn_tag_url":708,"released_at":27,"has_diff":576,"diff_files_changed":709,"diff_lines":27,"trac_diff_url":710,"vulnerabilities":711,"is_current":576},"0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F0.2&new_path=%2Fwp-avoid-slow%2Ftags%2F0.3",[],{"version":713,"download_url":714,"svn_tag_url":715,"released_at":27,"has_diff":576,"diff_files_changed":716,"diff_lines":27,"trac_diff_url":717,"vulnerabilities":718,"is_current":576},"0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-avoid-slow%2Ftags%2F0.1&new_path=%2Fwp-avoid-slow%2Ftags%2F0.2",[],{"version":720,"download_url":721,"svn_tag_url":722,"released_at":27,"has_diff":576,"diff_files_changed":723,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":724,"is_current":576},"0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-avoid-slow.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-avoid-slow\u002Ftags\u002F0.1\u002F",[],[]]