Is plug_cross_origin_protection safe to use?

plug_cross_origin_protection has no known vulnerabilities on the latest version (0.2.0). DepScope rates its health at 45/100 (high risk).

What is the latest version of plug_cross_origin_protection?

The latest version of plug_cross_origin_protection is 0.2.0, released 2026-01-12.

No known vulnerabilities on the latest version of plug_cross_origin_protection.

No, plug_cross_origin_protection is actively maintained. Latest release: 0.2.0 (2026-01-12).

DepScope has no curated alternatives for plug_cross_origin_protection at this time.

plug_cross_origin_protection is licensed under MIT.

hexv0.2.0

A Plug to protect against Cross-Site Request Forgery (CSRF) attacks using modern header-based checks (Sec-Fetch-Site and Origin) instead of tokens.

License MITpermissive2 versions1 maintainers0 deps2 weekly dl

/ 100

Health

safe to use

[email protected] is safe to use (health: 45/100)

Health breakdown0 – 100

15/25

maintenance

0/20

popularity

25/25

security

3/15

maturity

2/15

community

Vulnerabilities

none known

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/hex/plug_cross_origin_protection

First published · 2026-01-11T22:29:10.534549Z

Last updated · 2026-01-12T16:32:25.892763Z