WordPress.PHP.DevelopmentFunctions.error_log_print_r
error log print r
Development or debugging behavior appears in code that may run in production.
Why It Shows Up
The scan found logging, debugging, path disclosure, `phpinfo()`, error-reporting changes, or similar development-oriented functions.
Why It Matters
Debug output can leak paths, configuration, request data, stack details, or sensitive runtime information.
How to Fix
- Remove temporary debugging calls before release.
- If logging is required, guard it with `WP_DEBUG` or a plugin setting intended for administrators.
- Never show debug details to unauthenticated visitors or normal front-end users.
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Updated | Top Issue |
|---|---|---|---|---|---|---|---|
| #751 | WP 404 Auto Redirect to Similar Post | 38 | 166 | 48 | 30k+ | Text Domain Mismatch | |
| #752 | WP Accessibility Helper (WAH) | 38 | 61 | 88 | 10k+ | Missing direct file access protection | |
| #753 | External Store for Shopify | 38 | 97 | 33 | 2k+ | Output is not escaped | |
| #754 | Weather Underground | 38 | 64 | 27 | 3k+ | Output is not escaped | |
| #755 | Zoho Campaigns | 38 | 3 | 129 | 3k+ | Non-prefixed global variable | |
| #756 | Ad Invalid Click Protector (AICP) | 39 | 78 | 57 | 10k+ | Text Domain Mismatch | |
| #757 | AffiliatePages – Pros & Cons, Notice, and CTA Blocks for Affiliates | 39 | 91 | 53 | 2k+ | Output is not escaped | |
| #758 | Australia Post WooCommerce Extension | 39 | 99 | 12 | 3k+ | Text Domain Mismatch | |
| #759 | Billplz for WooCommerce | 39 | 289 | 65 | 6k+ | Text Domain Mismatch | |
| #760 | Blogger Importer Extended | 39 | 55 | 45 | 4k+ | Output is not escaped | |
| #761 | Content Visibility for Divi Builder | 39 | 184 | 59 | 2k+ | Non Singular String Literal Domain | |
| #762 | Culqi | 39 | 571 | 88 | 1k+ | Text Domain Mismatch | |
| #763 | Prisna GWT – Google Website Translator | 39 | 117 | 77 | 8k+ | Text Domain Mismatch | |
| #764 | GoSMTP – SMTP for WordPress | 39 | 59 | 42 | 500k+ | Output is not escaped | |
| #765 | Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin | 39 | 1 | 395 | 3k+ | Input is not sanitized | |
| #766 | Meks Easy Photo Feed Widget | 39 | 77 | 27 | 10k+ | Output is not escaped | |
| #767 | Scripts n Styles | 39 | 150 | 92 | 30k+ | Output is not escaped | |
| #768 | Shipping Simulator for WooCommerce | 39 | 120 | 39 | 5k+ | Text Domain Mismatch | |
| #769 | Stock Ticker | 39 | 92 | 49 | 2k+ | Output is not escaped | |
| #770 | CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x | 39 | 7 | 222 | 20k+ | Non-prefixed hook name | |
| #771 | Eurobank WooCommerce Payment Gateway | 39 | 62 | 63 | 2k+ | Non Singular String Literal Domain | |
| #772 | Additional Variation Images Gallery for WooCommerce | 39 | 61 | 127 | 20k+ | Non-prefixed global variable | |
| #773 | Claudio Sanches – PagSeguro for WooCommerce | 39 | 87 | 37 | 10k+ | Unsafe printing function | |
| #774 | Store Toolkit – WooCommerce Extensions, Quick Enhancements & Handy Tools | 39 | 323 | 66 | 8k+ | Output is not escaped | |
| #775 | WP Accessibility | 39 | 199 | 104 | 60k+ | Unsafe printing function | |
| #776 | Alt Magic: AI Image Alt Text Generator for WP & Image Rename | 40 | 55 | 118 | 1k+ | Direct Query | |
| #777 | Contact form 7 TO API + Basic Auth | 40 | 73 | 30 | 1k+ | Non Singular String Literal Domain | |
| #778 | Payment Gateway of PayPal for WooCommerce | 40 | 44 | 173 | 7k+ | Nonce verification recommended | |
| #779 | FlyWP Helper – Page Cache, Page Optimization, Emails for FlyWP Server Control Panel | 40 | 20 | 81 | 4k+ | Non-prefixed global variable | |
| #780 | heatmap for WordPress – Realtime analytics | 40 | 94 | 15 | 1k+ | Non Singular String Literal Domain | |
| #781 | JSM Show Post Metadata | 40 | 15 | 66 | 10k+ | Nonce verification recommended | |
| #782 | JSM Show User Metadata | 40 | 14 | 64 | 3k+ | Nonce verification recommended | |
| #783 | One Click SSL | 40 | 136 | 62 | 10k+ | Unsafe printing function | |
| #784 | Quiz Cat – WordPress Quiz Plugin | 40 | 151 | 69 | 5k+ | Output is not escaped | |
| #785 | Multiple Shipping Addresses for WooCommerce (Address Book) | 40 | 21 | 208 | 2k+ | Non-prefixed global variable | |
| #786 | Payment Gateway – nexi Alpha Bank for WooCommerce | 40 | 28 | 45 | 1k+ | Missing nonce verification | |
| #787 | Word Balloon | 40 | 20 | 125 | 10k+ | Request data is not unslashed | |
| #788 | Comments Like Dislike | 41 | 172 | 20 | 5k+ | Non Singular String Literal Domain | |
| #789 | Debug Bar | 41 | 64 | 25 | 20k+ | Output is not escaped | |
| #790 | Disable Everything | 41 | 90 | 16 | 30k+ | Output is not escaped | |
| #791 | Ko-fi Button | 41 | 75 | 15 | 5k+ | Output is not escaped | |
| #792 | Central Color Palette | 41 | 73 | 33 | 10k+ | Output is not escaped | |
| #793 | MaxLimits – Increase Maximum Upload, Post & PHP Limits | 41 | 99 | 16 | 1k+ | Unsafe printing function | |
| #794 | Social Login | 41 | 8 | 110 | 5k+ | Input is not sanitized | |
| #795 | Variation Swatches for WooCommerce | 41 | 29 | 126 | 9k+ | Missing nonce verification | |
| #796 | Simple CPT | 41 | 280 | 60 | 4k+ | Unsafe printing function | |
| #797 | Checkout Field Editor (Checkout Manager) for WooCommerce | 41 | 9 | 88 | 400k+ | Nonce verification recommended | |
| #798 | Pledged Plugins PCI Gateway for NMI and WooCommerce | 41 | 160 | 42 | 3k+ | Text Domain Mismatch | |
| #799 | Advanced FAQ Manager | 42 | 9 | 59 | 2k+ | Input is not sanitized | |
| #800 | CCAvenue Payment Gateway for WooCommerce | 42 | 53 | 40 | 3k+ | Text Domain Mismatch |
