Does WPTurbo -WordPress性能优化插件 have any unpatched vulnerabilities?

No. All known vulnerabilities in WPTurbo -WordPress性能优化插件 have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WPTurbo -WordPress性能优化插件 compatible with WordPress 6.9.4?

According to WordPress.org data, WPTurbo -WordPress性能优化插件 3.0.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is WPTurbo -WordPress性能优化插件 compatible with PHP 7.0+?

WPTurbo -WordPress性能优化插件 requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WPTurbo -WordPress性能优化插件 updated?

WPTurbo -WordPress性能优化插件 was last updated on Dec 29, 2025. Frequent updates are generally a positive security signal.

What is WPTurbo -WordPress性能优化插件's security score?

WPTurbo -WordPress性能优化插件 has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WPTurbo -WordPress性能优化插件 Security & Risk Analysis

wordpress.org/plugins/wpturbo

WPTurbo如其名，即WordPress的涡轮增压器，是一款专门针对WordPress开发的性能优化插件，效用包括WP瘦身，WP速度优化，数据库优化及对象存储等。

600 active installs v3.0.1 PHP 7.0+ WP 5.6+ Updated Dec 29, 2025

cachecdnoptimizeossspeedup

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WPTurbo -WordPress性能优化插件 Safe to Use in 2026?

Generally Safe

Score 100/100

WPTurbo -WordPress性能优化插件 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The "wpturbo" v3.0.1 plugin exhibits a generally strong security posture based on the provided static analysis. It correctly implements nonce and capability checks for all identified AJAX entry points, and there are no observed REST API routes that lack permission callbacks. The absence of critical or high severity taint flows further indicates diligent coding practices regarding input sanitization and output escaping. The plugin also shows good hygiene with a high percentage of properly escaped outputs and a reasonable number of prepared SQL statements, although there's room for improvement in the latter.

However, the analysis does highlight a couple of areas for attention. The SQL queries, while mostly prepared, still have a significant portion (15%) that are not, posing a potential risk for SQL injection if not handled meticulously within the implementation. Additionally, the presence of 5 AJAX handlers, even with authentication checks, represents a considerable attack surface, and any future oversight in these checks could lead to vulnerabilities. The plugin's clean vulnerability history is a positive indicator of past security awareness, but it does not guarantee future immunity, making ongoing vigilance important.

In conclusion, "wpturbo" v3.0.1 demonstrates a commendable effort towards security, with robust handling of its direct entry points. The primary weaknesses lie in the percentage of unprepared SQL queries and the inherent risk associated with a moderately sized AJAX attack surface. These are manageable risks, but addressing them would elevate the plugin's security to an even higher level. The lack of any recorded historical vulnerabilities is a strong point in its favor.

Key Concerns

SQL queries not using prepared statements
Moderately sized AJAX attack surface

Vulnerabilities

None known

WPTurbo -WordPress性能优化插件 Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WPTurbo -WordPress性能优化插件 Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

47 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

SQL Query Safety

15% prepared20 total queries

Output Escaping

85% escaped55 total outputs

Attack Surface

WPTurbo -WordPress性能优化插件 Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 5

authwp_ajax_wpturbomodule\database.php:32

authwp_ajax_wpturbomodule\optimize.php:25

authwp_ajax_wpturbomodule\reduce.php:18

authwp_ajax_wpturbomodule\storage.php:17

authwp_ajax_wpturbomodule\turbo.php:28

WordPress Hooks 81

filterwpturbo_theme_outputmodule\cdn.php:16

actionwpturbo_optimize_databasemodule\database.php:19

actionwpmodule\lazyload.php:14

filterwpturbo_theme_outputmodule\lazyload.php:43

actionwp_enqueue_scriptsmodule\lazyload.php:45

filterwpturbo_theme_outputmodule\lazyload.php:47

actionwp_footermodule\lazyload.php:48

actionwp_headmodule\lazyload.php:49

filterwp_lazy_loading_enabledmodule\lazyload.php:50

actionwp_enqueue_scriptsmodule\preload.php:20

filterscript_loader_tagmodule\preload.php:21

actionwp_headmodule\preload.php:24

actionwp_headmodule\preload.php:27

actionwpturbo_theme_outputmodule\preload.php:34

actionwpturbo_theme_outputmodule\preload.php:36

actioninitmodule\reduce.php:20

actionget_headermodule\reduce.php:115

filtershow_admin_barmodule\reduce.php:118

filterwp_xmlrpc_server_classmodule\reduce.php:125

filterxmlrpc_enabledmodule\reduce.php:128

filterwp_headersmodule\reduce.php:129

filterpings_openmodule\reduce.php:130

filterpre_update_option_enable_xmlrpcmodule\reduce.php:131

filterpre_option_enable_xmlrpcmodule\reduce.php:132

actiontemplate_redirectmodule\reduce.php:137

actionpre_pingmodule\reduce.php:143

filterrest_authentication_errorsmodule\reduce.php:157

actionwidgets_initmodule\reduce.php:164

filtershow_recent_comments_widget_stylemodule\reduce.php:166

filterwp_headersmodule\reduce.php:168

actiontemplate_redirectmodule\reduce.php:173

actiontemplate_redirectmodule\reduce.php:178

actionadmin_initmodule\reduce.php:183

actionwp_loadedmodule\reduce.php:188

filtercomments_arraymodule\reduce.php:200

filtercomments_openmodule\reduce.php:201

filterpings_openmodule\reduce.php:202

actionadmin_menumodule\reduce.php:207

actionadmin_print_styles-index.phpmodule\reduce.php:226

actionadmin_print_styles-profile.phpmodule\reduce.php:235

actionwp_dashboard_setupmodule\reduce.php:244

filterpre_option_default_pingback_flagmodule\reduce.php:249

filtercomments_templatemodule\reduce.php:254

filterfeed_links_show_comments_feedmodule\reduce.php:262

filterwp_default_scriptsmodule\reduce.php:269

filterthe_generatormodule\reduce.php:280

filterget_comment_author_linkmodule\reduce.php:311

filterget_comment_author_urlmodule\reduce.php:314

filtercomment_form_default_fieldsmodule\reduce.php:315

filterwp_revisions_to_keepmodule\reduce.php:335

filterheartbeat_settingsmodule\reduce.php:351

filterheartbeat_settingsmodule\reduce.php:368

filterget_avatar_urlmodule\reduce.php:375

filterwpturbo_theme_outputmodule\reduce.php:382

filterwpturbo_theme_outputmodule\reduce.php:386

filterwpturbo_theme_outputmodule\reduce.php:391

filterwpturbo_theme_outputmodule\reduce.php:397

actionwpturbo_download_google_fontmodule\reduce.php:398

filteremoji_svg_urlmodule\reduce.php:602

filterembed_oembed_discovermodule\reduce.php:608

filterrewrite_rules_arraymodule\reduce.php:612

filtertiny_mce_pluginsmodule\reduce.php:616

actionwpmodule\script.php:18

actionwp_headmodule\script.php:21

actionwp_body_openmodule\script.php:24

actionwp_footermodule\script.php:27

filterwpturbo_theme_outputmodule\script.php:40

actionwp_footermodule\script.php:48

filterwp_generate_attachment_metadatamodule\storage.php:21

actiondelete_attachmentmodule\storage.php:22

filterwp_get_attachment_metadatamodule\storage.php:25

filterwp_calculate_image_srcsetmodule\storage.php:26

filterwp_get_attachment_urlmodule\storage.php:27

actiontemplate_redirectmodule\theme.php:9

actionadmin_menumodule\turbo.php:18

filterplugin_action_linksmodule\turbo.php:20

actionadmin_enqueue_scriptsmodule\turbo.php:22

filterplugin_row_metamodule\turbo.php:24

actionadmin_noticesmodule\turbo.php:26

filterstyle_loader_tagmodule\turbo.php:359

filterscript_loader_tagmodule\turbo.php:387

Scheduled Events 2

wpturbo_optimize_database

wpturbo_download_google_font

Maintenance & Trust

WPTurbo -WordPress性能优化插件 Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 29, 2025

PHP min version7.0

Downloads11K

Community Trust

Rating0/100

Number of ratings0

Active installs600

Alternatives

WPTurbo -WordPress性能优化插件 Alternatives

Swift Performance Lite

swift-performance-lite

Swift Performance is a cache and performance booster plugin. It can speed up your site, improve SEO scores and user experience.

7K 4 CVEs

WP Fastest Cache – WordPress Cache Plugin

wp-fastest-cache

The simplest and fastest WP Cache system

1.0M 35 CVEs

W3 Total Cache

w3-total-cache

Search Engine (SEO) & Performance Optimization (WPO) via caching. Integrated caching: CDN, Page, Minify, Object, Fragment, Database support.

900K 28 CVEs

SpeedyCache – Cache, Optimization, Performance

speedycache

SpeedyCache is a WordPress cache plugin that helps you improve performance of your WordPress site by caching, minifying, and compressing your website.

600K 4 CVEs

Breeze Cache

breeze

Breeze is a caching plugin developed by Cloudways. Breeze uses advance caching systems to improve site loading times exponentially.

400K 8 CVEs

Developer Profile

WPTurbo -WordPress性能优化插件 Developer Profile

wbolt.com

11 plugins · 17K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

202 days

View full developer profile

Detection Fingerprints

How We Detect WPTurbo -WordPress性能优化插件

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpturbo/assets/js/lazyload.min.js/wp-content/plugins/wpturbo/assets/css/lazyload.min.css

Script Paths

/wp-content/plugins/wpturbo/assets/js/lazyload.min.js

Version Parameters

wpturbo/assets/js/lazyload.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpturbo-lazy

Data Attributes

data-srcdata-srcsetdata-sizes

FAQ