[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$felsj0ToUL74xIKyqhYUUlgnuOsxh_aKF7cJPOVkzbl8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":44,"crawl_stats":35,"alternatives":48,"analysis":157,"fingerprints":315},"wpperformancetester","WPPerformanceTester","2.0.0","kohashi","https:\u002F\u002Fprofiles.wordpress.org\u002Fkohashi\u002F","\u003Cp>WPPerformanceTester was written as a tool to benchmark WordPress in the \u003Ca href=\"http:\u002F\u002Freviewsignal.com\u002Fblog\u002F2015\u002F07\u002F28\u002Fwordpress-hosting-performance-benchmarks-2015\u002F\" rel=\"nofollow ugc\">WordPress Hosting Performance Benchmarks (2015)\u003C\u002Fa> by \u003Ca href=\"http:\u002F\u002Freviewsignal.com\" rel=\"nofollow ugc\">Review Signal\u003C\u002Fa>. Current benchmarks are on \u003Ca href=\"https:\u002F\u002Fwphostingbenchmarks.com\" rel=\"nofollow ugc\">WPHostingBenchmarks.com\u003C\u002Fa>. It was designed to test the server’s performance by stressing PHP, MySql and running $wpdb queries.\u003C\u002Fp>\n\u003Cp>WPPerformanceTester performs the following tests\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Math – 100,000 math function tests\u003C\u002Fli>\n\u003Cli>String Manipulation – 100,000 string manipulation tests\u003C\u002Fli>\n\u003Cli>Loops – 1,000,000 loop iterations\u003C\u002Fli>\n\u003Cli>Conditionals – 1,000,000 conditional logic checks\u003C\u002Fli>\n\u003Cli>MySql (connect, select, version, aes_encrypt) – basic mysql functions and 5,000,000 AES_ENCRYPT() iterations\u003C\u002Fli>\n\u003Cli>\\$wpdb – 250 insert, select, update and delete operations through \\$wpdb\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It also allows you to see how your server’s performance stacks up against our industry benchmark. Our industry benchmark is the average of all submitted test results.\u003C\u002Fp>\n\u003Ch3>Notes on Performance\u003C\u002Fh3>\n\u003Cp>Performance can be measured in a lot of ways. WPPerformanceTester was simply one component of a much larger performance benchmark. It tests a single server (or node) that it is running on. So if you’re considering looking at the results from a clustered or distributed setup, it may give you limited insight into how well your whole system performs. WPPerformanceTester is about the raw speed a system has to execute code and perform database operations.\u003C\u002Fp>\n\u003Cp>Real website performance isn’t always correlated with raw speed. A seemingly slow website could have a very fast WPPerformanceTester result. There are lots of layers (namely caching) in making a WordPress website fast. A good caching layer will almost always outperform computing power. But when the caching layers are equal, raw speed can make a difference.\u003C\u002Fp>\n\u003Cp>WPPerformanceTester is simply one tool to add to your toolkit in measuring performance. You should have a variety of others to test other facets of performance.\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Cp>If the script times out (max_execution_time limit) it will not show any results. You can solve this by increasing the max_execution_time in the php.ini. Some plugins may also cause WPPerformanceTester to run exceptionally slow and make it more likely to hit this limit. One such plugin is VersionPress. You can temporarily disable plugins that might be interfering with it as an alternative way to run it.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It’s always best to \u003Cstrong>BACKUP EVERYTHING\u003C\u002Fstrong> before running \u003Cstrong>ANY\u003C\u002Fstrong> new plugin or making changes to your WordPress install.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n","WPPerformanceTester benchmarks your server's performance through a variety of PHP, MySql and WordPress tests",1000,35400,86,8,"2024-04-26T09:56:00.000Z","6.5.8","3.5","",[20,21,22],"admin","benchmark","performance","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpperformancetester\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpperformancetester.zip",71,1,"2023-12-06 00:00:00","2026-03-15T15:16:48.613Z",[30],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":35},"CVE-2023-49844","wpperformancetester-cross-site-request-forgery","WPPerformanceTester \u003C= 2.0.0 - Cross-Site Request Forgery","The WPPerformanceTester plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=2.0.0","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-01-22 19:56:02",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3fb35366-b09c-4667-8fb9-6f80ba6d09f0?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":45,"trust_score":46,"computed_at":47},30,74,"2026-04-03T19:21:24.859Z",[49,73,95,114,134],{"slug":50,"name":51,"version":52,"author":53,"author_profile":54,"description":55,"short_description":56,"active_installs":57,"downloaded":58,"rating":59,"num_ratings":60,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":64,"tags":65,"homepage":69,"download_link":70,"security_score":71,"vuln_count":72,"unpatched_count":72,"last_vuln_date":35,"fetched_at":28},"code-profiler","Code Profiler – WordPress Performance Profiling and Debugging Made Easy","1.9","bruandet","https:\u002F\u002Fprofiles.wordpress.org\u002Fbruandet\u002F","\u003Ch4>A profiler to measure the performance of your WordPress plugins and themes.\u003C\u002Fh4>\n\u003Cp>Code Profiler helps you to measure the performance of your plugins and themes at the PHP level and to quickly find any potential problem in your WordPress installation.\u003C\u002Fp>\n\u003Cp>You can profile the frontend and backend of WordPress, as well a cron events, a custom URL, send a POST payload, custom cookies and HTTP headers to profile a contact form, a checkout process or an AJAX action among many other possibilities.\u003C\u002Fp>\n\u003Cp>It generates an extremely detailed and easy to read analysis in the form of charts and tables that shows not only which plugin or theme, but also which PHP script, class, method and function is slowing down your website. It displays many useful additional information such as database queries, file I\u002FO operations and disk I\u002FO usage as well.\u003C\u002Fp>\n\u003Cp>It makes it very simple to locate any bottleneck problem in your themes or plugins in order to solve it and speed up your website.\u003Cbr \u002F>\nInstall, activate it and you can start profiling your site right away.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F3PLDk-ZvQtU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Plugins & themes performance profiling.\u003C\u002Fli>\n\u003Cli>[Pro] Scripts performance profiling.\u003C\u002Fli>\n\u003Cli>[Pro] Methods & functions performance profiling.\u003C\u002Fli>\n\u003Cli>[Pro] Database queries performance.\u003C\u002Fli>\n\u003Cli>[Pro] Remote connections monitoring.\u003C\u002Fli>\n\u003Cli>[Pro] File I\u002FO operations monitoring.\u003C\u002Fli>\n\u003Cli>File I\u002FO statistics.\u003C\u002Fli>\n\u003Cli>Disk I\u002FO monitoring.\u003C\u002Fli>\n\u003Cli>WP-CLI integration.\u003C\u002Fli>\n\u003Cli>Export charts in PNG image format.\u003C\u002Fli>\n\u003Cli>GET\u002FPOST methods, custom cookies and HTTP headers.\u003C\u002Fli>\n\u003Cli>[Pro] Export all tables and charts in CSV file format.\u003C\u002Fli>\n\u003Cli>[Pro] Filtering options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Learn more about \u003Ca href=\"https:\u002F\u002Fnintechnet.com\u002Fcodeprofiler\u002F\" rel=\"nofollow ugc\">Code Profiler Pro\u003C\u002Fa>.\u003C\u002Fp>\n","A profiler to measure the performance of your WordPress plugins and themes.",8000,205816,88,32,"2026-02-05T12:02:00.000Z","6.9.4","5.0","7.1",[21,66,67,22,68],"debug","optimize","profiler","https:\u002F\u002Fnintechnet.com\u002Fcodeprofiler\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcode-profiler.1.9.zip",100,0,{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":83,"num_ratings":60,"last_updated":84,"tested_up_to":62,"requires_at_least":85,"requires_php":86,"tags":87,"homepage":91,"download_link":92,"security_score":93,"vuln_count":26,"unpatched_count":72,"last_vuln_date":94,"fetched_at":28},"wpbenchmark","Hosting Benchmark tool","1.6.5","Anton Aleksandrov","https:\u002F\u002Fprofiles.wordpress.org\u002Fantonaleksandrov\u002F","\u003Cp>This plugin empowers you to thoroughly evaluate your WordPress hosting server’s performance with detailed, objective metrics. Simple and free to use – our mission is to help regular WordPress users determine if they’re actually getting the hosting quality they’ve paid for.\u003C\u002Fp>\n\u003Ch3>Comprehensive Testing Suite\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>CPU & Processing Power:\u003C\u002Fstrong> Tests both raw processing speed and WordPress-specific functions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Memory Usage & Efficiency:\u003C\u002Fstrong> Evaluates how effectively your server handles memory-intensive operations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Filesystem Performance:\u003C\u002Fstrong> Measures file read\u002Fwrite capabilities critical for WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database Operations:\u003C\u002Fstrong> Tests query execution speed and complex joins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Object Cache:\u003C\u002Fstrong> Evaluates persistent cache performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Network Speed:\u003C\u002Fstrong> Measures connection responsiveness\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Advanced Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Scheduled Benchmarking:\u003C\u002Fstrong> Automatically run tests at regular intervals to monitor your hosting performance over time and identify patterns or degradation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Core Function Tests:\u003C\u002Fstrong> Specifically tests WordPress operations like shortcode processing, hook execution, and transient handling\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comparative Analysis:\u003C\u002Fstrong> See how your hosting stacks up against others with similar configurations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance Scoring:\u003C\u002Fstrong> Get an objective rating that helps you understand your server’s capabilities\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Easy to Use\u003C\u002Fh3>\n\u003Cp>No technical expertise or additional software required! All tests run directly within WordPress, using your existing PHP installation. Simply install the plugin, click to run benchmarks, and get detailed results you can understand.\u003C\u002Fp>\n\u003Ch3>Make Informed Decisions\u003C\u002Fh3>\n\u003Cp>Whether you’re troubleshooting slow site performance, evaluating a new hosting provider, or simply curious about your current hosting quality, this tool provides the concrete data you need to make smart decisions about your WordPress hosting.\u003Cbr \u002F>\nDon’t settle for underwhelming hosting performance. Use WordPress Hosting Benchmark Tool today to discover exactly what you’re getting from your hosting provider.\u003C\u002Fp>\n","Benchmark your hosting server CPU, memory and disk, compare with others using simple Wordpress plugin.",4000,108996,94,"2026-01-25T04:06:00.000Z","4.0","5.6",[21,88,89,22,90],"hosting","optimization","speed","https:\u002F\u002Fwpbenchmark.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpbenchmark.1.6.5.zip",99,"2024-04-10 00:00:00",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":71,"num_ratings":105,"last_updated":106,"tested_up_to":62,"requires_at_least":107,"requires_php":108,"tags":109,"homepage":111,"download_link":112,"security_score":93,"vuln_count":26,"unpatched_count":72,"last_vuln_date":113,"fetched_at":28},"falcon","Falcon – WordPress Optimizations & Tweaks","2.9.3","Anh Tran","https:\u002F\u002Fprofiles.wordpress.org\u002Frilwis\u002F","\u003Cp>\u003Cstrong>Falcon\u003C\u002Fstrong> is lightweight WordPress plugin that provide a list of optimizations and tweaks that help you improve the performance and user experience for your WordPress sites.\u003C\u002Fp>\n\u003Ch3>FEATURES & MODULES\u003C\u002Fh3>\n\u003Cp>Falcon offers a comprehensive list modules for you to tweak and optimize your WordPress websites. These options are divided into the following categories:\u003C\u002Fp>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fwpfalcon.pro\u002Ffeatures\u002Fdisable-components\u002F\" rel=\"nofollow ugc\">Disable components\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>General components:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmetabox.io\u002Fdisable-gutenberg-without-using-plugins\u002F\" rel=\"nofollow ugc\">Disable Gutenberg\u003C\u002Fa> (the block editor)\u003C\u002Fli>\n\u003Cli>Disable heartbeat\u003C\u002Fli>\n\u003Cli>Disable embeds, e.g. prevent others from embedding your site and vise-versa\u003C\u002Fli>\n\u003Cli>Disable comments & remove website field from comment form\u003C\u002Fli>\n\u003Cli>Disable revisions\u003C\u002Fli>\n\u003Cli>Disable self pings\u003C\u002Fli>\n\u003Cli>Disable privacy tools\u003C\u002Fli>\n\u003Cli>Disable cron\u003C\u002Fli>\n\u003Cli>Disable auto updates\u003C\u002Fli>\n\u003Cli>Block external requests\u003C\u002Fli>\n\u003Cli>Disable replacing text with formatted entities like smart quotes, dashes, ellipses, etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Media components:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Remove jQuery Migrate\u003C\u002Fli>\n\u003Cli>Disable emojis\u003C\u002Fli>\n\u003Cli>Disable scaling down big images\u003C\u002Fli>\n\u003Cli>Disable automatic image rotation based on EXIF data\u003C\u002Fli>\n\u003Cli>Disable thumbnail generation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fwpfalcon.pro\u002Ffeatures\u002Fheader-cleanup\u002F\" rel=\"nofollow ugc\">Header cleanup\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Remove feed links\u003C\u002Fli>\n\u003Cli>Remove RSD link\u003C\u002Fli>\n\u003Cli>Remove wlwmanifest link\u003C\u002Fli>\n\u003Cli>Remove adjacent posts links\u003C\u002Fli>\n\u003Cli>Remove WordPress version number\u003C\u002Fli>\n\u003Cli>Remove shortlink\u003C\u002Fli>\n\u003Cli>Remove REST API link\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fwpfalcon.pro\u002Ffeatures\u002Femail\u002F\" rel=\"nofollow ugc\">Email\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Remove admin email confirmation\u003C\u002Fli>\n\u003Cli>Disable auto update email notification\u003C\u002Fli>\n\u003Cli>Disable admin email notification when a new user is registered\u003C\u002Fli>\n\u003Cli>Disable admin email notification when users reset passwords\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeluxeblogtips.com\u002Fchange-wordpress-default-email\u002F\" rel=\"nofollow ugc\">Change default WordPress from name and email\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>SMTP configuration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fwpfalcon.pro\u002Ffeatures\u002Fadmin-cleanup\u002F\" rel=\"nofollow ugc\">Admin cleanup\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Show site icon on login page\u003C\u002Fli>\n\u003Cli>Remove update nags\u003C\u002Fli>\n\u003Cli>Remove footer text\u003C\u002Fli>\n\u003Cli>Remove default dashboard widgets\u003C\u002Fli>\n\u003Cli>Remove WordPress logo in the admin bar\u003C\u002Fli>\n\u003Cli>Remove application passwords\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fwpfalcon.pro\u002Ffeatures\u002Fsecurity\u002F\" rel=\"nofollow ugc\">Security\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable REST API for unauthenticated requests\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdeluxeblogtips.com\u002Fdisable-xml-rpc-wordpress\u002F\" rel=\"nofollow ugc\">Disable XML-RPC\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Restrict upload file types\u003C\u002Fli>\n\u003Cli>Disable detailed login errors\u003C\u002Fli>\n\u003Cli>Block AI bots from crawling\u002Fstealing your content, which also affect the performance\u003C\u002Fli>\n\u003Cli>Force login to view the website\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fwpfalcon.pro\u002Ffeatures\u002Fcache\u002F\" rel=\"nofollow ugc\">Cache\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cp>Falcon’s cache feature creates static HTML files of your pages, serving them instantly to visitors without processing database queries, or loading WordPress, themes and all plugins on every request.\u003C\u002Fp>\n\u003Ch4>\u003Ca href=\"https:\u002F\u002Fwpfalcon.pro\u002Ffeatures\u002Ftweaks\u002F\" rel=\"nofollow ugc\">Tweaks\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Search only posts\u003C\u002Fli>\n\u003Cli>Enable maintenance mode\u003C\u002Fli>\n\u003Cli>Remove query string for JavaScript and CSS files\u003C\u002Fli>\n\u003Cli>Set scheme-less URLs for JavaScript and CSS files, e.g. remove \u003Ccode>http:\u003C\u002Fcode> and \u003Ccode>https:\u003C\u002Fcode> from URLs\u003C\u002Fli>\n\u003Cli>Remove styles for recent comments widget\u003C\u002Fli>\n\u003Cli>Cleanup nav menu item ID & classes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Asynchronous load CSS\u003C\u002Fstrong> to avoid blocking load of CSS files\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>You might also like\u003C\u002Fh3>\n\u003Cp>If you like this plugin, you might also like our other WordPress products:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmetabox.io\" rel=\"nofollow ugc\">Meta Box\u003C\u002Fa> – A powerful WordPress plugin for creating custom post types and custom fields.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpslimseo.com\" rel=\"nofollow ugc\">Slim SEO\u003C\u002Fa> – A fast, lightweight and full-featured SEO plugin for WordPress with minimal configuration.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgretathemes.com\" rel=\"nofollow ugc\">GretaThemes\u003C\u002Fa> – Free and premium WordPress themes that clean, simple and just work.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpautolistings.com\" rel=\"nofollow ugc\">Auto Listings\u003C\u002Fa> – A car sale and dealership plugin for WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n","A lightweight WordPress optimization and tweak plugin for a better performance",3000,57775,10,"2026-01-21T12:23:00.000Z","6.5","7.4",[20,67,22,90,110],"tweaks","https:\u002F\u002Fwpfalcon.pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffalcon.2.9.3.zip","2024-12-11 00:00:00",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":11,"downloaded":122,"rating":71,"num_ratings":123,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":18,"tags":127,"homepage":131,"download_link":132,"security_score":133,"vuln_count":72,"unpatched_count":72,"last_vuln_date":35,"fetched_at":28},"mo-cache","MO Cache","2.0","m4i","https:\u002F\u002Fprofiles.wordpress.org\u002Fm4i\u002F","\u003Cp>The MO Cache provides simple and fast caching of the translation MO files using the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FClass_Reference\u002FWP_Object_Cache\" rel=\"nofollow ugc\">WP Object Cache\u003C\u002Fa> mechanism.\u003Cbr \u002F>\nThis plugin is necessary to be used \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FClass_Reference\u002FWP_Object_Cache#Persistent_Cache_Plugins\" rel=\"nofollow ugc\">persistent caching plugin\u003C\u002Fa>, otherwise you can not benefit from this plugin.\u003C\u002Fp>\n\u003Cp>For localized WordPress, which was newly installed, the loading time of translation files accounts for 70% of the entire processing time.\u003Cbr \u002F>\nYou can make this process 3 times faster by just installing this plugin.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fm4i.hatenablog.com\u002Fentry\u002F2011\u002F12\u002F10\u002F000407\" rel=\"nofollow ugc\">Description in Japanese （日本語での紹介記事）\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>No configuration\u003C\u002Fli>\n\u003Cli>Supports multiple languages\u003C\u002Fli>\n\u003Cli>Supports plugin’s translation files caching\u003C\u002Fli>\n\u003Cli>Supports WordPress Network\u002FMultisite installation\u003C\u002Fli>\n\u003Cli>A simple plugin in less than 100 lines\u003C\u002Fli>\n\u003C\u002Ful>\n","Improving the site performance by caching translation files using the WordPress standard cache mechanism.",54494,3,"2017-11-28T17:12:00.000Z","3.4.2","3.2",[21,128,129,130,22],"benchmarking","cache","caching","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fmo-cache\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmo-cache.2.0.zip",85,{"slug":135,"name":136,"version":137,"author":138,"author_profile":139,"description":140,"short_description":141,"active_installs":142,"downloaded":143,"rating":144,"num_ratings":145,"last_updated":146,"tested_up_to":147,"requires_at_least":148,"requires_php":149,"tags":150,"homepage":155,"download_link":156,"security_score":71,"vuln_count":72,"unpatched_count":72,"last_vuln_date":35,"fetched_at":28},"dynamic-front-end-heartbeat-control","Dynamic Front-End Heartbeat Control","1.2.998.1","Codeloghin","https:\u002F\u002Fprofiles.wordpress.org\u002Floghin\u002F","\u003Cp>Your all-in-one solution for intelligently optimizing the WordPress Heartbeat API.\u003C\u002Fp>\n\u003Cp>This plugin stabilizes server load and improves the browsing experience during traffic spikes by dynamically controlling the Heartbeat interval based on real site conditions. Instead of relying on outdated manual tuning or fixed settings, it continuously analyzes factors such as user activity, server environment, and page complexity to determine the most efficient configuration for your website.\u003C\u002Fp>\n\u003Cp>Designed to work seamlessly alongside most performance and caching plugins, it introduces an adaptive approach that helps your WordPress installation operate at its full potential without adding unnecessary server overhead.\u003C\u002Fp>\n\u003Cp>Once activated, the plugin begins optimizing immediately—no configuration required in most cases. It intelligently adjusts the Heartbeat interval in real time, responding to changes in traffic and workload to maintain stability, responsiveness, and optimal performance.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>✅ Dynamically optimizes the WordPress Heartbeat API using real-time site conditions\u003Cbr \u002F>\n✅ Smart automation with optional manual control when you need it\u003Cbr \u002F>\n✅ Custom intervals for the Admin Dashboard and Editor environments\u003Cbr \u002F>\n✅ Option to completely disable Heartbeat with a single click\u003Cbr \u002F>\n✅ Advanced real-time decision making with minimal server overhead that completely prioritises user experience and website speed\u003Cbr \u002F>\n✅ One-click database cleanup to remove unnecessary clutter\u003Cbr \u002F>\n✅ Works alongside most caching and performance plugins\u003Cbr \u002F>\n✅ Multisite compatible\u003Cbr \u002F>\n✅ Install, activate, done — performance improvements begin immediately\u003C\u002Fp>\n\u003Cp>For optimal results, it is recommended to use this plugin alongside a caching solution and properly optimized pages (minified CSS and JavaScript, compressed and optimized images, etc.).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Additional Important Information:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Some caching plugins provide manual control over the WordPress Heartbeat API. For best results, allow this plugin to manage the heartbeat intervals automatically. You may continue using other performance features from those plugins, but avoid enabling their manual heartbeat controls.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>GDPR-friendly design:\u003C\u002Fstrong> The plugin may set a lightweight cookie used solely for visitor counting and abuse prevention (rate limiting). No personal data is collected, tracked, or shared with third parties.\u003C\u002Fp>\n\u003Cp>Rigorously tested to maintain reliable performance during high-traffic spikes and under constrained server resources.\u003C\u002Fp>\n","An enhanced solution to optimize the performance of your WordPress website and automatically achieve the best Heartbeat API values.",900,12210,96,12,"2026-03-07T14:30:00.000Z","7.0","5.5","7.2",[151,152,153,22,154],"admin-ajax","heartbeat","heartbeat-api","site-health","https:\u002F\u002Fheartbeat.support","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdynamic-front-end-heartbeat-control.1.2.998.1.zip",{"attackSurface":158,"codeSignals":189,"taintFlows":269,"riskAssessment":304,"analyzedAt":314},{"hooks":159,"ajaxHandlers":185,"restRoutes":186,"shortcodes":187,"cronEvents":188,"entryPointCount":72,"unprotectedCount":72},[160,166,171,176,180],{"type":161,"name":162,"callback":163,"file":164,"line":165},"action","admin_notices","WPPerformanceTester_noticePhpVersionWrong","wp-performance-tester.php",52,{"type":161,"name":167,"callback":168,"file":169,"line":170},"admin_init","registerSettings","WPPerformanceTester_OptionsManager.php",248,{"type":161,"name":172,"callback":173,"file":174,"line":175},"admin_menu","addSettingsSubMenuPage","WPPerformanceTester_Plugin.php",385,{"type":161,"name":177,"callback":178,"file":174,"line":179},"admin_enqueue_scripts","enqueue_scripts_and_style",386,{"type":161,"name":181,"callback":182,"file":183,"line":184},"wp_footer","addScriptWrapper","WPPerformanceTester_ShortCodeScriptLoader.php",40,[],[],[],[],{"dangerousFunctions":190,"sqlUsage":191,"outputEscaping":194,"fileOperations":26,"externalRequests":72,"nonceChecks":26,"capabilityChecks":123,"bundledLibraries":268},[],{"prepared":192,"raw":72,"locations":193},2,[],{"escaped":195,"rawEcho":196,"locations":197},7,41,[198,200,202,204,206,208,210,211,213,214,216,217,218,220,221,223,224,225,226,227,228,229,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266],{"file":164,"line":196,"context":199},"raw output",{"file":169,"line":201,"context":199},286,{"file":169,"line":203,"context":199},288,{"file":169,"line":205,"context":199},299,{"file":169,"line":207,"context":199},311,{"file":169,"line":209,"context":199},331,{"file":169,"line":209,"context":199},{"file":169,"line":212,"context":199},362,{"file":169,"line":212,"context":199},{"file":169,"line":215,"context":199},367,{"file":169,"line":215,"context":199},{"file":169,"line":215,"context":199},{"file":169,"line":219,"context":199},377,{"file":169,"line":219,"context":199},{"file":174,"line":222,"context":199},87,{"file":174,"line":71,"context":199},{"file":174,"line":71,"context":199},{"file":174,"line":71,"context":199},{"file":174,"line":71,"context":199},{"file":174,"line":71,"context":199},{"file":174,"line":71,"context":199},{"file":174,"line":71,"context":199},{"file":174,"line":231,"context":199},160,{"file":174,"line":233,"context":199},164,{"file":174,"line":235,"context":199},168,{"file":174,"line":237,"context":199},172,{"file":174,"line":239,"context":199},176,{"file":174,"line":241,"context":199},180,{"file":174,"line":243,"context":199},184,{"file":174,"line":245,"context":199},190,{"file":174,"line":247,"context":199},205,{"file":174,"line":249,"context":199},206,{"file":174,"line":251,"context":199},222,{"file":174,"line":253,"context":199},226,{"file":174,"line":255,"context":199},230,{"file":174,"line":257,"context":199},234,{"file":174,"line":259,"context":199},238,{"file":174,"line":261,"context":199},254,{"file":174,"line":263,"context":199},255,{"file":174,"line":265,"context":199},256,{"file":174,"line":267,"context":199},291,[],[270,294],{"entryPoint":271,"graph":272,"unsanitizedCount":26,"severity":293},"settingsPage (WPPerformanceTester_OptionsManager.php:264)",{"nodes":273,"edges":289},[274,279,283],{"id":275,"type":276,"label":277,"file":169,"line":278},"n0","source","$_POST[$aOptionKey]",275,{"id":280,"type":281,"label":282,"file":169,"line":278},"n1","transform","→ updateOption()",{"id":284,"type":285,"label":286,"file":169,"line":287,"wp_function":288},"n2","sink","update_option() [Settings Manipulation]",162,"update_option",[290,292],{"from":275,"to":280,"sanitized":291},false,{"from":280,"to":284,"sanitized":291},"low",{"entryPoint":295,"graph":296,"unsanitizedCount":26,"severity":293},"\u003CWPPerformanceTester_OptionsManager> (WPPerformanceTester_OptionsManager.php:0)",{"nodes":297,"edges":301},[298,299,300],{"id":275,"type":276,"label":277,"file":169,"line":278},{"id":280,"type":281,"label":282,"file":169,"line":278},{"id":284,"type":285,"label":286,"file":169,"line":287,"wp_function":288},[302,303],{"from":275,"to":280,"sanitized":291},{"from":280,"to":284,"sanitized":291},{"summary":305,"deductions":306},"The wpperformancetester plugin version 2.0.0 presents a mixed security posture. On the positive side, the static analysis indicates a very small attack surface with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks. The plugin also demonstrates good practices by using prepared statements for all SQL queries and implementing nonce and capability checks in some areas. However, significant concerns arise from the output escaping, where only 15% of outputs are properly escaped, leaving a substantial portion vulnerable to cross-site scripting (XSS) attacks. Furthermore, the taint analysis revealed two flows with unsanitized paths, which could potentially be exploited for path traversal or similar vulnerabilities, even though they are not currently categorized as critical or high severity.\n\nThe vulnerability history reveals a medium severity Cross-Site Request Forgery (CSRF) vulnerability that remains unpatched, as of the last recorded date. The presence of this history, even if only one medium-severity issue, coupled with the observed output escaping and taint flow issues, suggests a need for greater diligence in secure coding practices. While the plugin's attack surface is minimal, the lack of comprehensive output escaping and the presence of unpatched vulnerabilities are significant weaknesses that could be exploited by attackers.",[307,310,312],{"reason":308,"points":309},"Unpatched medium severity CVE",15,{"reason":311,"points":195},"Low percentage of properly escaped output",{"reason":313,"points":14},"Taint flows with unsanitized paths","2026-03-16T18:56:05.171Z",{"wat":316,"direct":325},{"assetPaths":317,"generatorPatterns":319,"scriptPaths":320,"versionParams":322},[318],"\u002Fwp-content\u002Fplugins\u002Fwpperformancetester\u002Fwppert.css",[],[321],"\u002Fwp-content\u002Fplugins\u002Fwpperformancetester\u002Fwppert.js",[323,324],"wpperformancetester\u002Fwppert.css?ver=","wpperformancetester\u002Fwppert.js?ver=",{"cssClasses":326,"htmlComments":330,"htmlAttributes":331,"restEndpoints":335,"jsGlobals":336,"shortcodeOutput":338},[327,328,329],"wrap","updated","fade",[],[332,333,334],"data-chartjs-color-default","data-chartjs-color-primary","data-chartjs-color-warning",[],[337,5],"industryData",[]]