Generic.PHP.ForbiddenFunctions.Found

Forbidden PHP function found

The plugin uses a PHP or WordPress pattern that coding standards discourage.

medium weight

Why It Shows Up

Plugin Check found a discouraged function, forbidden function, goto, backtick operator, or similar construct.

Why It Matters

Discouraged patterns are often harder to review, less portable across hosts, or easier to misuse securely.

How to Fix

Identify why the construct is used and whether WordPress provides a safer API.
Replace shell execution, dynamic execution, or broad forbidden functions with constrained WordPress APIs.
If a third-party library triggers the warning, isolate and document it.

References

WordPress Coding Standards

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Updated	Top Issue
#51	File Manager Pro – Filester	22	565	391	100k+	1 month ago	Request data is not unslashed
#52	Five Star Restaurant Menu and Food Ordering	22	752	609	5k+	19 days ago	Output is not escaped
#53	FunnelKit Payment Gateway for Stripe WooCommerce	22	244	321	20k+	1 month ago	Input is not sanitized
#54	GeoDirectory – WP Business Directory Plugin and Classified Listings Directory	22	4,462	3,972	10k+	12 days ago	Output is not escaped
#55	Anti-Malware Security and Brute-Force Firewall	22	544	965	100k+	4 months ago	Output is not escaped
#56	Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments & Multipurpose Forms	22	1,037	722	20k+	26 days ago	Unsafe printing function
#57	IMPress for IDX Broker	22	1,085	636	7k+	2 months ago	Text Domain Mismatch
#58	InfiniteWP Client	22	2,286	1,812	200k+	4 months ago	Exception output is not escaped
#59	Import WP – Export and Import CSV and XML files to WordPress	22	580	330	4k+	2 months ago	Exception output is not escaped
#60	LearnPress – WordPress LMS Plugin for Create and Sell Online Courses	22	2,361	3,384	70k+	5 days ago	Non-prefixed global variable
#61	Leyka	22	253	3,445	2k+	2 months ago	Request data is not unslashed
#62	MailOptin – Popup, Optin Forms & Email Newsletters for Mailchimp, HubSpot, AWeber Etc.	22	2,619	2,453	10k+	3 days ago	Output is not escaped
#63	Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider	22	207	323	500k+	11 days ago	Non-prefixed global variable
#64	Newsletters	22	2,968	2,248	2k+	3 days ago	Text Domain Mismatch
#65	Smart Popup by Supsystic	22	3,172	503	10k+	22 days ago	Non Singular String Literal Domain
#66	Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App	22	1,581	2,326	300k+	19 days ago	Non-prefixed global variable
#67	Product Catalog Feed by PixelYourSite	22	581	357	8k+	3 years ago	Output is not escaped
#68	Seraphinite Accelerator	22	594	255	50k+	3 days ago	Output is not escaped
#69	Simple Job Board	22	634	1,355	10k+	18 days ago	Non-prefixed global variable
#70	Slim Jetpack	22	2,586	1,947	2k+	9 years ago	Text Domain Mismatch
#71	NextScripts: Social Networks Auto-Poster	22	2,408	1,133	30k+	4 months ago	Output is not escaped
#72	SportsPress – Sports Club & League Manager	22	460	2,242	10k+	4 months ago	Non-prefixed global variable
#73	Theme Editor	22	798	685	50k+	3 months ago	Output is not escaped
#74	ThemeHunk Customizer	22	3,969	582	7k+	7 months ago	Text Domain Mismatch
#75	Welcart e-Commerce	22	10,377	10,896	10k+	19 days ago	Text Domain Mismatch
#76	WCFM Marketplace – Multivendor Marketplace for WooCommerce	22	1,937	1,969	10k+	1 month ago	Non-prefixed global variable
#77	WCFM Membership – WooCommerce Memberships for Multivendor Marketplace	22	559	675	10k+	2 months ago	Non-prefixed global variable
#78	WooCommerce	22	1,355	6,129	7m+	26 days ago	Non-prefixed global variable
#79	Advanced AJAX Product Filters	22	2,683	1,205	50k+	27 days ago	Text Domain Mismatch
#80	ManageWP Worker	22	507	565	1m+	1 month ago	Non-prefixed class
#81	File Manager	22	740	520	1m+	2 months ago	Unsafe printing function
#82	WP Umbrella: Update Backup Restore & Monitoring	22	915	905	70k+	12 days ago	Exception output is not escaped
#83	WP-WebAuthn	22	957	396	2k+	2 months ago	Exception output is not escaped
#84	School Management System – WPSchoolPress	22	314	5,220	1k+	6 days ago	Non-prefixed global variable
#85	YaySMTP – WP Mail SMTP with Email Logs, Tracking & Reports	22	654	435	10k+	6 days ago	Exception output is not escaped
#86	YITH WooCommerce Ajax Search	22	408	1,659	30k+	6 days ago	Non-prefixed global variable
#87	Autoptimize	23	288	191	800k+	3 months ago	Output is not escaped
#88	Booking calendar, Appointment Booking System	23	1,079	1,125	4k+	3 months ago	Output is not escaped
#89	BSK PDF Manager	23	1,576	625	7k+	2 months ago	Text Domain Mismatch
#90	Business Directory Plugin – Easy Listing Directories for WordPress	23	611	1,058	10k+	1 month ago	Non-prefixed global variable
#91	CleanTalk Anti-Spam. Spam Firewall & Bot protection	23	826	1,078	200k+	4 days ago	Missing nonce verification
#92	Content Aware Sidebars – Fastest Widget Area Plugin	23	993	1,738	30k+	7 months ago	Non-prefixed global variable
#93	DK PDF – WordPress PDF Generator	23	744	335	3k+	5 months ago	Exception output is not escaped
#94	Easy Digital Downloads – eCommerce Payments and Subscriptions made easy	23	3,723	10,283	40k+	4 days ago	Non-prefixed namespace
#95	Ecwid by Lightspeed Ecommerce Shopping Cart	23	339	307	20k+	4 months ago	Missing direct file access protection
#96	Essential Real Estate	23	529	5,060	8k+	21 days ago	Non-prefixed global variable
#97	Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder with AI	23	395	1,342	90k+	4 days ago	Non-prefixed global variable
#98	Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder	23	4,746	1,279	30k+	12 days ago	Non Singular String Literal Domain
#99	Fuse Social Floating Sidebar	23	1,840	1,573	10k+	11 months ago	Non-prefixed global variable
#100	Gmedia Photo Gallery	23	350	1,121	7k+	5 months ago	Non-prefixed global variable