WP Meteor Website Speed Optimization Addon Security & Risk Analysis

wordpress.org/plugins/wp-meteor

2x-5x improvement in your Page Speed score. A completely new way of optimizing your page speed.

20K active installs · v3.4.17 · PHP 5.6+ · WP 4.5+ · Updated Feb 21, 2026
Tags: caching, optimization, pagespeed, performance
98
A · Safe
CVEs total: 3
Unpatched: 0
Last CVE: Jul 23, 2024
Safety Verdict

Is WP Meteor Website Speed Optimization Addon Safe to Use in 2026?

Generally Safe

Score 98/100

WP Meteor Website Speed Optimization Addon has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEs · Last CVE: Jul 23, 2024 · Updated 1mo ago
Risk Assessment

The wp-meteor plugin v3.4.17 presents a mixed security posture. While the code analysis shows no critical or high severity taint flows and a good practice of using prepared statements for SQL queries, significant concerns arise from the exposed REST API route and the absence of capability checks. This single unprotected entry point can be exploited by unauthorized actors. Furthermore, the vulnerability history reveals a pattern of past medium severity vulnerabilities, including exposure of sensitive information, missing authorization, and CSRF. Although there are no currently unpatched CVEs, the history suggests a recurring need for security patches and indicates potential weaknesses in the plugin's authorization and data handling mechanisms. The plugin's limited attack surface is a positive, but the presence of even one unprotected REST API route, coupled with the past vulnerability types, necessitates careful consideration of its security implications.

Key Concerns

  • Unprotected REST API route
  • Missing capability checks
  • Only 40% of outputs properly escaped
  • History of medium severity vulnerabilities
  • History of Missing Authorization vulnerabilities
  • History of Exposure of Sensitive Information vulnerabilities
  • History of CSRF vulnerabilities
Vulnerabilities
3

WP Meteor Website Speed Optimization Addon Security Vulnerabilities

CVEs by Year

2023: 2 CVEs
2024: 1 CVE

Severity Breakdown

Medium: 3

3 total CVEs

CVE-2024-6553 · medium · 5.3 · Exposure of Sensitive Information to an Unauthorized Actor

WP Meteor Website Speed Optimization Addon <= 3.4.3 - Unauthenticated Full Path Disclosure

Jul 23, 2024 Patched in 3.4.4 (1d)
WF-2b335807-f4d1-43b3-9e1b-2215eb00a3f8-wp-meteor · medium · 4.3 · Missing Authorization

WP Meteor Page Speed Optimization Topping <= 3.1.4 - Missing Authorization to Notice Dismissal

Mar 3, 2023 Patched in 3.1.5 (326d)
CVE-2023-26543 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

WP Meteor Page Speed Optimization Topping <= 3.1.4 - Cross-Site Request Forgery via processAjaxNoticeDismiss

Feb 28, 2023 Patched in 3.1.5 (415d)
Code Analysis
Analyzed Mar 16, 2026

WP Meteor Website Speed Optimization Addon Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 6 (4 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 3
External Requests: 0
Bundled Libraries: 0

Output Escaping

40% escaped · 10 total outputs
Attack Surface
1 unprotected

WP Meteor Website Speed Optimization Addon Attack Surface

Entry Points: 1
Unprotected: 1

REST API Routes 1

POST /wp-json/wpmeteor/v1/detect/ (rest\Marketing.php:14)
WordPress Hooks 8
filter wpmeteor_exclude (blocker\Exclusions\Compatibility.php:29)
filter wpmeteor_exclude (blocker\Exclusions\Compatibility.php:89)
filter wpmeteor_exclude (blocker\Exclusions\Exclude.php:46)
action wp (frontend\Base.php:64)
action rest_api_init (rest\Marketing.php:13)
action admin_init (wp-meteor.php:35)
action admin_notices (wp-meteor.php:41)
action plugins_loaded (wp-meteor.php:71)
Maintenance & Trust

WP Meteor Website Speed Optimization Addon Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 21, 2026
PHP min version: 5.6
Downloads: 991K

Community Trust

Rating: 94/100
Number of ratings: 77
Active installs: 20K
Developer Profile

WP Meteor Website Speed Optimization Addon Developer Profile

Aleksandr Guidrevitch

1 plugin · 20K total installs

Trust score: 78
Avg Security Score: 98/100
Avg Patch Time: 247 days
Detection Fingerprints

How We Detect WP Meteor Website Speed Optimization Addon

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-meteor/assets/css/admin/settings.css
/wp-content/plugins/wp-meteor/assets/js/admin/settings.js
Script Paths
/wp-content/plugins/wp-meteor/vendor/wpdesk/wp-notice/assets/js/wpdesk-notices.js
/wp-content/plugins/wp-meteor/vendor/wpdesk/wp-notice/assets/js/wpdesk-dismissible-notices.js
/wp-content/plugins/wp-meteor/vendor/wpdesk/wp-notice/assets/js/wpdesk-init-notices.js
Version Parameters
wp-meteor/assets/css/admin/settings.css?ver=
wp-meteor/assets/js/admin/settings.js?ver=

HTML / DOM Fingerprints

CSS Classes
wp-meteor-settings
Data Attributes
data-wpmeteor-settings
JS Globals
_wpmeteor
REST Endpoints
/wp-json/wpmeteor/v1/detect/
FAQ

Frequently Asked Questions about WP Meteor Website Speed Optimization Addon