Generic.PHP.ForbiddenFunctions.Found

Forbidden PHP function found

The plugin uses a PHP or WordPress pattern that coding standards discourage.

medium weight

Why It Shows Up

Plugin Check found a discouraged function, forbidden function, goto, backtick operator, or similar construct.

Why It Matters

Discouraged patterns are often harder to review, less portable across hosts, or easier to misuse securely.

How to Fix

  • Identify why the construct is used and whether WordPress provides a safer API.
  • Replace shell execution, dynamic execution, or broad forbidden functions with constrained WordPress APIs.
  • If a third-party library triggers the warning, isolate and document it.

Affected Plugins

RankPluginScoreErrorsWarningsInstallsAddedUpdatedTop Issue
#501Ultimate Tag Cloud Widget37715164k+Output is not escaped
#502AK Featured Post Widget381354400Output is not escaped
#503BuddyPress Follow38114671k+Text Domain Mismatch
#504Category Posts Widget381532640k+Output is not escaped
#505Checkout Files Upload for WooCommerce38571207k+Input is not sanitized
#506Custom Menu Wizard Widget38326302k+Output is not escaped
#507Decent Comments3893282k+Output is not escaped
#508EU Cookie Law Compliance38151222k+Non Singular String Literal Domain
#509WP Team – WordPress Team Member Plugin3853736600Text Domain Mismatch
#510Insert PHP Code Snippet3816422790k+Output is not escaped
#511Auto SEO META keywords (META tags keywords) optimization + WooCommerce386334700Output is not escaped
#512MultiLine Files for Contact Form 73898409k+Text Domain Mismatch
#513Note – A live edit text widget38118491k+Output is not escaped
#514Ozh' Better Feed384535600Heredoc Output Not Escaped
#515Popular Widget386130700Unsafe printing function
#516qTranslate META388826400Output is not escaped
#517Recent Posts Plus3811141k+Output is not escaped
#518Restrict Widgets38135404k+Non Singular String Literal Domain
#519Like This3860171k+Output is not escaped
#520Author Image3851331k+Output is not escaped
#521Shapely Companion38493910k+Output is not escaped
#522Smart Maintenance Mode381371281k+Output is not escaped
#523Logo Slider , Logo Carousel , Logo showcase , Client Logo3872221k+Output is not escaped
#524TopList.cz381387400Output is not escaped
#525Twiget Twitter Widget3814736500Output is not escaped
#526WP Redirects – Contact Form 7385071400Unsafe printing function
#527Advanced Recent Posts Widget3910521k+Output is not escaped
#528Advanced Spoiler3910619600Non Singular String Literal Domain
#529Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO)39164710k+Request data is not unslashed
#530Content Visibility for Divi Builder39184592k+Non Singular String Literal Domain
#531Cookies for Comments39222920k+Input is not validated
#532Gallery Widget3912211500Output is not escaped
#533HD Quiz39252827k+Output is not escaped
#534JJ NextGen JQuery Carousel391229400Output is not escaped
#535JJ NextGen JQuery Slider392217800Output is not escaped
#536Menubar39171461k+Output is not escaped
#537SKP WP Admin Login Captcha3977181k+Output is not escaped
#538Slider Text Scroll399552400Text Domain Mismatch
#539OpenHook39172221k+Unsafe printing function
#540Smart Variation Swatches and Attribute Filters for WooCommerce3939503k+Output is not escaped
#541Woo Button Text395321500Output is not escaped
#542Subscribe Button by AddToAny409347900Output is not escaped
#543Eventer4061551k+Output is not escaped
#544Featured Post403618900Output is not escaped
#545If Widget – Visibility control for Widgets4099251k+Unsafe printing function
#546IFrame Widget40871500Output is not escaped
#547NextGEN Gallery Sidebar Widget405910600Output is not escaped
#548Owl Carousel WP4062191k+Output is not escaped
#549Post Ratings4016032600Output is not escaped
#550Recent & Featured Posts Widget401242600Output is not escaped