Does WP Fragment Cache have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Fragment Cache have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Fragment Cache compatible with WordPress 3.9.40?

According to WordPress.org data, WP Fragment Cache 1.0.4 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is WP Fragment Cache updated?

WP Fragment Cache was last updated on Jun 18, 2014. Frequent updates are generally a positive security signal.

What is WP Fragment Cache's security score?

WP Fragment Cache has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Fragment Cache Security & Risk Analysis

wordpress.org/plugins/wp-fragment-cache

Improve website performance by caching individual page fragments (widgets, menus output and long loops).

10 active installs v1.0.4 PHP + WP 3.7.0+ Updated Jun 18, 2014

cachecache-blockcachingoutput-cachingperformance

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Fragment Cache Safe to Use in 2026?

Generally Safe

Score 85/100

WP Fragment Cache has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The wp-fragment-cache plugin v1.0.4 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and a clean vulnerability history suggests a history of secure development or diligent patching. The static analysis reveals a minimal attack surface with zero AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, the code demonstrates good practices by avoiding dangerous functions and external HTTP requests. However, there are areas for improvement. The SQL queries have a significant portion (67%) not using prepared statements, which poses a risk of SQL injection if the inputs are not adequately sanitized elsewhere. Similarly, the output escaping is not consistently applied, with 37% of outputs potentially leading to cross-site scripting (XSS) vulnerabilities. The presence of file operations without clear context on their sanitization also warrants caution. While the plugin's attack surface is commendably small, the identified risks in SQL querying and output escaping are notable weaknesses that could be exploited.

Key Concerns

SQL queries not using prepared statements
Output escaping not properly applied

Vulnerabilities

None known

WP Fragment Cache Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

WP Fragment Cache Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

33% prepared3 total queries

Output Escaping

63% escaped8 total outputs

Attack Surface

WP Fragment Cache Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionadmin_menuadmin\class-wp-fragment-cache-admin.php:55

filterpre_update_option_wp_fragment_cache_is_enabledadmin\class-wp-fragment-cache-admin.php:63

actionadmin_initadmin\class-wp-fragment-cache-admin.php:121

actionadmin_noticesadmin\class-wp-fragment-cache-admin.php:123

actionadmin_noticesadmin\class-wp-fragment-cache-admin.php:146

actionwpmu_new_blogpublic\class-wp-fragment-cache.php:117

actionadmin_noticespublic\class-wp-fragment-cache.php:284

actionplugins_loadedwp-fragment-cache.php:39

actionplugins_loadedwp-fragment-cache.php:47

Maintenance & Trust

WP Fragment Cache Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedJun 18, 2014

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

WP Fragment Cache Alternatives

WP Cache Block

wp-cache-block

Adds ability to globally cache certain segments of code.

10 No CVEs

WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance

wp-optimize

Get caching and more with this powerful cache plugin. Cache, optimize images, clean your database and minify for maximum performance.

1.0M 3 CVEs

WP Super Cache

wp-super-cache

A very fast caching engine for WordPress that produces static html files.

1.0M 12 CVEs

Breeze Cache

breeze

Breeze is a caching plugin developed by Cloudways. Breeze uses advance caching systems to improve site loading times exponentially.

400K 8 CVEs

Redis Object Cache

redis-cache

100

A persistent object cache backend powered by Redis®¹. Supports Predis, PhpRedis, Relay, replication, sentinels, clustering and WP-CLI.

300K No CVEs

Developer Profile

WP Fragment Cache Developer Profile

mariuspass

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Fragment Cache

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ