WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
Non-prefixed hook name
The plugin defines a hook name without a plugin-specific prefix.
Why It Shows Up
WordPress loads many plugins in the same PHP runtime. Plugin Check found a global symbol or hook name that is not clearly namespaced to this plugin.
Why It Matters
Unprefixed globals can collide with WordPress core, themes, or other plugins, causing fatal errors, overwritten values, or handlers running in the wrong context.
How to Fix
- Choose a short, unique prefix or namespace based on the plugin slug or vendor name.
- Rename the hook name so it cannot collide with code from another plugin.
- For public hooks, document the final hook name and keep it stable after release.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #2151 | TypeSquare Webfonts for エックスサーバー | 35 | 183 | 98 | 100k+ | Missing Arg Domain | ||
| #2152 | Yabe Webfont – Use Custom Fonts, Google Fonts or Adobe Fonts | 35 | 48 | 114 | 5k+ | Non-prefixed hook name | ||
| #2153 | Comment Experience by Progress Planner | 35 | 135 | 8 | 500 | Text Domain Mismatch | ||
| #2154 | Yoco Payments | 35 | 2 | 32 | 10k+ | Nonce verification recommended | ||
| #2155 | Yotpo: Product & Photo Reviews for WooCommerce | 35 | 24 | 189 | 2k+ | Non-prefixed function | ||
| #2156 | Embeds for YouTube | 35 | 255 | 307 | 10k+ | Non-prefixed global variable | ||
| #2157 | Ziina | 35 | 10 | 25 | 2k+ | Input is not sanitized | ||
| #2158 | Product Labels For Woocommerce (Sale Badges) | 36 | 90 | 48 | 10k+ | Output is not escaped | ||
| #2159 | Admin Customizer | 36 | 143 | 64 | 1k+ | Output is not escaped | ||
| #2160 | Age Verification for your checkout page. Verify your customer's identity | 36 | 155 | 238 | 500 | Output is not escaped | ||
| #2161 | SOOZ – AI for SEO – Bulk Generate Focus Keyphrases, Metadata, Alt Text (SEO Autopilot) | 36 | 4 | 342 | 2k+ | Nonce verification recommended | ||
| #2162 | Awesome GDPR Compliant Cookie Consent and Notice | 36 | 653 | 201 | 500 | Text Domain Mismatch | ||
| #2163 | Bard Extra | 36 | 159 | 75 | 700 | Text Domain Mismatch | ||
| #2164 | Bit Form – Contact Form, Payment Forms, Multi Step Forms, Calculator & Custom Form Builder | 36 | 3 | 321 | 10k+ | Nonce verification recommended | ||
| #2165 | Blaze Demo Importer | 36 | 101 | 94 | 8k+ | Output is not escaped | ||
| #2166 | BlockStrap Page Builder – Bootstrap Blocks | 36 | 81 | 89 | 2k+ | Missing direct file access protection | ||
| #2167 | BP Group Documents | 36 | 27 | 195 | 600 | Non-prefixed global variable | ||
| #2168 | Breadcrumb NavXT | 36 | 102 | 111 | 800k+ | Non Singular String Literal Domain | ||
| #2169 | BuddyMeet | 36 | 114 | 32 | 700 | Unsafe printing function | ||
| #2170 | Bus Ticket Booking with Seat Reservation | 36 | 145 | 192 | 800 | Non-prefixed global variable | ||
| #2171 | Simple SEO | 36 | 164 | 113 | 10k+ | Non Singular String Literal Domain | ||
| #2172 | Contact Form 7 Gated Content | 36 | 122 | 36 | 800 | Short PHP open tag found | ||
| #2173 | Multi Step for Contact Form 7 | 36 | 61 | 106 | 10k+ | Missing nonce verification | ||
| #2174 | Contact Form 7 Polylang Module | 36 | 32 | 45 | 5k+ | Output is not escaped | ||
| #2175 | CloudPayments Gateway for WooCommerce | 36 | 205 | 70 | 500 | Text Domain Mismatch | ||
| #2176 | CM Header and Footer – Add custom scripts and styles to your header and footer with ease | 36 | 230 | 198 | 1k+ | Output is not escaped | ||
| #2177 | CMB2 | 36 | 148 | 19 | 300k+ | Output is not escaped | ||
| #2178 | Code Snippets | 36 | 34 | 203 | 1m+ | Nonce verification recommended | ||
| #2179 | Conditional Payments for WooCommerce | 36 | 292 | 184 | 10k+ | Text Domain Mismatch | ||
| #2180 | Conditional Shipping for WooCommerce | 36 | 93 | 196 | 10k+ | Non-prefixed global variable | ||
| #2181 | Constant Contact Forms | 36 | 39 | 89 | 20k+ | Missing nonce verification | ||
| #2182 | Continuous Image Carousel With Lightbox | 36 | 255 | 129 | 1k+ | Output is not escaped | ||
| #2183 | CP Blocks | 36 | 46 | 38 | 1k+ | wp function not compatible with requires wp | ||
| #2184 | CSH Login | 36 | 126 | 41 | 500 | Output is not escaped | ||
| #2185 | Custom PHP Settings | 36 | 153 | 76 | 10k+ | Output is not escaped | ||
| #2186 | Depicter — Popup & Slider Builder | 36 | 130 | 121 | 80k+ | Exception output is not escaped | ||
| #2187 | Desktop Mode | 36 | 1 | 579 | 2k+ | Direct Query | ||
| #2188 | Doneren met Mollie | 36 | 420 | 351 | 4k+ | SQL query is not prepared | ||
| #2189 | Duitku Payment Gateway | 36 | 507 | 107 | 700 | Text Domain Mismatch | ||
| #2190 | Duplicate Post – duplicate pages, copy content, clone posts | 36 | 71 | 81 | 5k+ | wp function not compatible with requires wp | ||
| #2191 | Dynamic Visibility for Elementor | 36 | 56 | 89 | 50k+ | Non-prefixed hook name | ||
| #2192 | WP CTA – Call Now Button, Sticky Button & Call to Action Builder | 36 | 1 | 433 | 2k+ | Non-prefixed global variable | ||
| #2193 | Easy Support Videos – Embed videos in the admin | 36 | 160 | 95 | 500 | Output is not escaped | ||
| #2194 | Product Carousel Slider for Elementor | 36 | 148 | 63 | 1k+ | Text Domain Mismatch | ||
| #2195 | Enhanced Media Library | 36 | 361 | 117 | 60k+ | Unsafe printing function | ||
| #2196 | Envo's Templates & Widgets for Elementor and WooCommerce | 36 | 1,065 | 54 | 10k+ | Text Domain Mismatch | ||
| #2197 | Export Variable Products | 36 | 79 | 49 | 400 | Text Domain Mismatch | ||
| #2198 | FreePay for WooCommerce | 36 | 114 | 102 | 400 | Output is not escaped | ||
| #2199 | Friendly Functions for Welcart | 36 | 311 | 83 | 1k+ | Non Singular String Literal Domain | ||
| #2200 | Genesis Sandbox Featured Content Widget | 36 | 229 | 24 | 1k+ | Text Domain Mismatch |