Generic.PHP.ForbiddenFunctions.Found

PHP Forbidden Functions Found

The plugin uses a PHP or WordPress pattern that coding standards discourage.

medium weight

Why It Shows Up

Plugin Check found a discouraged function, forbidden function, goto, backtick operator, or similar construct.

Why It Matters

Discouraged patterns are often harder to review, less portable across hosts, or easier to misuse securely.

How to Fix

Identify why the construct is used and whether WordPress provides a safer API.
Replace shell execution, dynamic execution, or broad forbidden functions with constrained WordPress APIs.
If a third-party library triggers the warning, isolate and document it.

References

WordPress Coding Standards

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Updated	Top Issue
#1	BulletProof Security	0	5,048	4,949	20k+	1 month ago	Output Not Escaped
#2	JetBackup – Backup, Restore & Migrate	10	1,559	145	100k+	2 months ago	Exception Not Escaped
#3	wpForo Forum	17	4,033	2,922	20k+	21 days ago	Unsafe Printing Function
#4	WPtouch – Make your WordPress Website Mobile-Friendly	17	1,466	325	50k+	7 months ago	Text Domain Mismatch
#5	Download Monitor	19	425	1,364	80k+	5 days ago	Non Prefixed Hookname Found
#6	Event Organiser	19	1,106	544	20k+	2 years ago	Text Domain Mismatch
#7	Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution	19	1,218	901	100k+	12 days ago	Exception Not Escaped
#8	Matomo Analytics – Powerful, Privacy-First Insights for WordPress	19	1,909	878	100k+	5 days ago	Exception Not Escaped
#9	Membership Plugin – Kadence Memberships	19	5,082	2,982	9k+	26 days ago	Text Domain Mismatch
#10	Scrollsequence – Cinematic Scroll Image Animation Plugin	19	878	1,528	4k+	14 days ago	Non Prefixed Variable Found
#11	BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot	20	508	1,406	30k+	3 days ago	Non Prefixed Variable Found
#12	Brizy – Page Builder	20	589	720	70k+	12 days ago	Output Not Escaped
#13	GiveWP – Donation Plugin and Fundraising Platform	20	3,435	3,580	100k+	6 days ago	Output Not Escaped
#14	Link Library	20	1,941	1,397	10k+	2 months ago	Unsafe Printing Function
#15	Brevo – Email, SMS, Web Push, Chat, and more.	20	460	646	100k+	2 months ago	Missing Unslash
#16	Microthemer Lite – Visual Editor to Customize CSS	20	1,004	1,699	10k+	2 months ago	Non Prefixed Variable Found
#17	Pix por Piggly (para Woocommerce)	20	547	195	4k+	2 years ago	Exception Not Escaped
#18	Robin Image Optimizer – Unlimited Image Optimization, WebP & AVIF	20	557	541	100k+	1 month ago	Output Not Escaped
#19	Razorpay for WooCommerce	20	974	855	100k+	2 days ago	Non Prefixed Function Found
#20	WPJAM Basic	20	328	356	4k+	5 days ago	Output Not Escaped
#21	Backup Migration	21	981	1,093	80k+	16 days ago	Non Prefixed Variable Found
#22	CallTrackingMetrics	21	923	286	3k+	4 months ago	Unsafe Printing Function
#23	Captcha Them All	21	300	323	6k+	3 years ago	Output Not Escaped
#24	Comet Cache	21	857	245	20k+	12 months ago	Output Not Escaped
#25	FileOrganizer – WordPress File Manager	21	536	241	200k+	11 days ago	unlink unlink
#26	Packeta	21	802	333	8k+	8 months ago	Exception Not Escaped
#27	User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor	21	696	1,483	50k+	11 days ago	Recommended
#28	PublishPress Planner – Editorial Calendar, Marketing Content, Kanban Board	21	603	890	6k+	1 month ago	Output Not Escaped
#29	Five Star Restaurant Reservations – WordPress Booking Plugin	21	1,099	1,147	10k+	2 days ago	Output Not Escaped
#30	Royal Addons for Elementor – Addons and Templates Kit for Elementor	21	13,011	2,530	600k+	13 days ago	Text Domain Mismatch
#31	Smart Forms – when you need more than just a contact form	21	776	574	5k+	1 month ago	Output Not Escaped
#32	Accept Stripe Payments	21	373	882	20k+	2 months ago	Missing
#33	Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools	21	786	3,395	30k+	4 days ago	Non Prefixed Variable Found
#34	WP phpMyAdmin	21	4,528	6,435	50k+	8 months ago	Missing Arg Domain
#35	wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin	21	1,354	1,140	70k+	13 days ago	Output Not Escaped
#36	Frontend Admin by DynamiApps	22	5,922	3,208	10k+	4 days ago	Text Domain Mismatch
#37	Advanced Ads – Ad Manager & AdSense	22	578	734	100k+	13 days ago	Non Prefixed Variable Found
#38	Better Messages – Chat Rooms, Group Chat, Private Messages & AI Chat Bots	22	1,604	2,019	10k+	11 days ago	Direct Query
#39	BuddyPress	22	583	9,008	100k+	9 months ago	Non Prefixed Function Found
#40	RegistrationMagic – User Registration Forms Plugin	22	3,654	5,062	8k+	yesterday	Non Prefixed Variable Found
#41	Download Manager	22	2,290	1,301	100k+	5 days ago	Output Not Escaped
#42	Dynamic QR Code – generator	22	238	208	6k+	1 year ago	missing direct file access protection
#43	E2Pdf – Export Pdf Tool for WordPress	22	1,075	836	10k+	5 days ago	Unsafe Printing Function
#44	Events Manager – Calendar, Bookings, Tickets, and more!	22	4,722	5,621	70k+	2 days ago	Output Not Escaped
#45	File Manager Pro – Filester	22	565	391	100k+	29 days ago	Missing Unslash
#46	Five Star Restaurant Menu and Food Ordering	22	752	609	5k+	18 days ago	Output Not Escaped
#47	FunnelKit Payment Gateway for Stripe WooCommerce	22	244	321	20k+	1 month ago	Input Not Sanitized
#48	GeoDirectory – WP Business Directory Plugin and Classified Listings Directory	22	4,462	3,972	10k+	11 days ago	Output Not Escaped
#49	Anti-Malware Security and Brute-Force Firewall	22	544	965	100k+	3 months ago	Output Not Escaped
#50	Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments & Multipurpose Forms	22	1,037	722	20k+	25 days ago	Unsafe Printing Function