Generic.PHP.ForbiddenFunctions.Found
PHP Forbidden Functions Found
The plugin uses a PHP or WordPress pattern that coding standards discourage.
Why It Shows Up
Plugin Check found a discouraged function, forbidden function, goto, backtick operator, or similar construct.
Why It Matters
Discouraged patterns are often harder to review, less portable across hosts, or easier to misuse securely.
How to Fix
- Identify why the construct is used and whether WordPress provides a safer API.
- Replace shell execution, dynamic execution, or broad forbidden functions with constrained WordPress APIs.
- If a third-party library triggers the warning, isolate and document it.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Updated | Top Issue |
|---|---|---|---|---|---|---|---|
| #251 | Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates | 27 | 8 | 550 | 10k+ | Non Prefixed Namespace Found | |
| #252 | Custom Scrollbar | 27 | 184 | 191 | 2k+ | Output Not Escaped | |
| #253 | Gallery – Photo Albums Plugin | 27 | 647 | 252 | 2k+ | Output Not Escaped | |
| #254 | Multilanguage by BestWebSoft – WordPress Translation Plugin and Language Switcher | 27 | 465 | 345 | 3k+ | Text Domain Mismatch | |
| #255 | MW WP Form | 27 | 334 | 219 | 200k+ | Output Not Escaped | |
| #256 | PublishPress Permissions: Control User Access for Posts, Pages, Categories, Tags | 27 | 424 | 323 | 10k+ | Missing Translators Comment | |
| #257 | Side Cart Woocommerce | Woocommerce Cart | 27 | 490 | 439 | 80k+ | Output Not Escaped | |
| #258 | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | 27 | 165 | 430 | 100k+ | Non Prefixed Variable Found | |
| #259 | WP-DBManager | 27 | 386 | 304 | 60k+ | Non Prefixed Variable Found | |
| #260 | WP Activity Log | 27 | 96 | 230 | 300k+ | Recommended | |
| #261 | GTmetrix for WordPress | 28 | 109 | 70 | 8k+ | Output Not Escaped | |
| #262 | HootKit | 28 | 429 | 1,295 | 8k+ | Non Prefixed Variable Found | |
| #263 | Kadence Starter Templates — Predesigned Website Templates | 28 | 312 | 215 | 300k+ | Missing Arg Domain | |
| #264 | Maven Algolia | 28 | 148 | 89 | 6k+ | Non Singular String Literal Domain | |
| #265 | درگاه پرداخت بانک ملت ووکامرس | 28 | 61 | 130 | 2k+ | Missing Unslash | |
| #266 | Order Tracking – WordPress Status Tracking Plugin | 28 | 619 | 772 | 3k+ | Unsafe Printing Function | |
| #267 | افزونه حمل و نقل ووکامرس | پست پیشتاز، تیپاکس و پیک موتوری | 28 | 131 | 190 | 20k+ | Missing | |
| #268 | Jetpack VaultPress | 28 | 71 | 362 | 10k+ | Missing | |
| #269 | YITH WooCommerce Product Bundles | 28 | 404 | 1,480 | 3k+ | Non Prefixed Variable Found | |
| #270 | Kits, Templates and Patterns | 29 | 380 | 91 | 5k+ | Text Domain Mismatch | |
| #271 | PhastPress | 29 | 95 | 52 | 10k+ | Exception Not Escaped | |
| #272 | Post Views Counter | 29 | 179 | 398 | 200k+ | Non Prefixed Hookname Found | |
| #273 | Responder | 29 | 77 | 185 | 3k+ | Non Prefixed Variable Found | |
| #274 | Security Ninja – WordPress Security & Firewall | 29 | 149 | 347 | 7k+ | Direct Query | |
| #275 | Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX | 29 | 135 | 400 | 40k+ | Non Prefixed Variable Found | |
| #276 | WP Popular Posts | 29 | 77 | 300 | 100k+ | Non Prefixed Variable Found | |
| #277 | Dynamic Pricing With Discount Rules for WooCommerce | 30 | 136 | 131 | 5k+ | Output Not Escaped | |
| #278 | Custom Field Template | 30 | 521 | 618 | 30k+ | Recommended | |
| #279 | Import WooCommerce Suite | 30 | 80 | 434 | 4k+ | Interpolated Not Prepared | |
| #280 | Invisible reCaptcha for WordPress | 30 | 90 | 185 | 80k+ | Input Not Sanitized | |
| #281 | Travelers' Map | 30 | 311 | 155 | 1k+ | Output Not Escaped | |
| #282 | Waitlist Woocommerce ( Back in stock notifier ) | 30 | 272 | 311 | 4k+ | Output Not Escaped | |
| #283 | Widgetize Pages Light | 30 | 145 | 104 | 3k+ | Output Not Escaped | |
| #284 | YayPricing – WooCommerce Dynamic Pricing & Discounts | 30 | 174 | 186 | 3k+ | Non Prefixed Variable Found | |
| #285 | YITH Pre-Order for WooCommerce | 30 | 397 | 1,464 | 6k+ | Non Prefixed Variable Found | |
| #286 | YITH WooCommerce Popup | 30 | 395 | 1,551 | 2k+ | Non Prefixed Variable Found | |
| #287 | YITH WooCommerce Product Slider Carousel | 30 | 389 | 1,479 | 4k+ | Non Prefixed Variable Found | |
| #288 | Asgaros Forum | 31 | 167 | 412 | 10k+ | Output Not Escaped | |
| #289 | cformsII | 31 | 777 | 536 | 4k+ | Unsafe Printing Function | |
| #290 | Download Plugin | 31 | 78 | 102 | 50k+ | Missing Unslash | |
| #291 | MainWP Dashboard: Self-hosted WordPress Management for Agencies | 31 | 95 | 317 | 20k+ | Interpolated Not Prepared | |
| #292 | Qode Essential Addons | 31 | 55 | 295 | 10k+ | Non Prefixed Variable Found | |
| #293 | Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets | 31 | 837 | 295 | 100k+ | Unsafe Printing Function | |
| #294 | WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More | 31 | 165 | 271 | 5m+ | Non Prefixed Variable Found | |
| #295 | YITH Color and Label Variations for WooCommerce | 31 | 393 | 1,428 | 9k+ | Non Prefixed Variable Found | |
| #296 | YITH WooCommerce Brands Add-On | 31 | 393 | 1,425 | 9k+ | Non Prefixed Variable Found | |
| #297 | YITH WooCommerce Catalog Mode | 31 | 380 | 1,418 | 60k+ | Non Prefixed Variable Found | |
| #298 | YITH WooCommerce Featured Video | 31 | 383 | 1,434 | 3k+ | Non Prefixed Variable Found | |
| #299 | YITH Frequently Bought Together for WooCommerce | 31 | 389 | 1,452 | 8k+ | Non Prefixed Variable Found | |
| #300 | YITH WooCommerce Order & Shipment Tracking | 31 | 380 | 1,420 | 7k+ | Non Prefixed Variable Found |
