PLUGIN SECURITY
Is Cloudflare safe?
Known vulnerabilities, PHP compatibility and safer alternatives for the Cloudflare WordPress plugin — checked against WP Clinic's local security database.
Plugin details
- Slug:
cloudflare - Requires PHP: 7.4+
- Max supported PHP (analyzed): 8.4
Known vulnerabilities
- Cloudflare [cloudflare] < 1.3.21
- CVE-2017-9841 — Cloudflare [cloudflare] < 1.1.12 (Code Injection) · Critical
- Cloudflare [cloudflare] < 1.3.21
- Cloudflare [cloudflare] < 1.3.21
- Cloudflare [cloudflare] < 4.12.3
+ 1 more known vulnerability
- CVE-2024-0212 — Cloudflare [cloudflare] < 4.12.3 (Improper Access Control) · Medium
Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.
Safer / more established alternatives
- Simple CAPTCHA with Cloudflare Turnstile — 100000+ active installs — max PHP 8.4
- Flexible SSL for CloudFlare — 100000+ active installs — max PHP 8.4
- Super Page Cache – Cloudflare Cache, Page Speed & Core Web Vitals — 60000+ active installs — max PHP 8.4
- Disable XML-RPC Pingback — 60000+ active installs
- Login Security Captcha — 10000+ active installs
Check your own WordPress site
Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.