WordPress.PHP.DevelopmentFunctions.prevent_path_disclosure_error_reporting

prevent path disclosure error reporting

Development or debugging behavior appears in code that may run in production.

medium weight

Why It Shows Up

The scan found logging, debugging, path disclosure, `phpinfo()`, error-reporting changes, or similar development-oriented functions.

Why It Matters

Debug output can leak paths, configuration, request data, stack details, or sensitive runtime information.

How to Fix

  • Remove temporary debugging calls before release.
  • If logging is required, guard it with `WP_DEBUG` or a plugin setting intended for administrators.
  • Never show debug details to unauthenticated visitors or normal front-end users.

Affected Plugins

RankPluginScoreErrorsWarningsInstallsAddedUpdatedTop Issue
#251Year Make Model Search for WooCommerce351881621k+Output is not escaped
#252authLdap3647304k+Exception output is not escaped
#253CP Blocks3646381k+wp function not compatible with requires wp
#254Google SEO Pressor for Rich snippets3651160400Missing nonce verification
#255Speed Optimizer – The All-In-One Performance-Boosting Plugin3645961m+Non-prefixed hook name
#256Wanderlust OCA para WooCommerce3615755500Text Domain Mismatch
#257WP Coder – Insert & Manage Code Snippets365328010k+Nonce verification recommended
#258360 Javascript Viewer37144221k+Output is not escaped
#259Delivery Date Time & Pickup for WooCommerce37148216400Output is not escaped
#260Get Custom Field Values3740441k+Output is not escaped
#261XML Sitemap Generator for Google3743791m+Input is not validated
#262Phoenix Media Rename3717510450k+Output is not escaped
#263Ashe Extra38109543k+Text Domain Mismatch
#264CRUDLab Disable Comments382054700Missing nonce verification
#265Buttonizer – Social Media Share Buttons, Social Icons, & Social Feeds381678250k+Output is not escaped
#266Lana Downloads Manager38146783k+Unsafe printing function
#267Responsive Mailform ( Plugin Version ) – easy, responsive, contact, mailform38120107500Output is not escaped
#268Slickplan Importer384058400Non-prefixed global variable
#269Templatiq383194900Non-prefixed hook name
#270BugSnag Error Monitoring plugin3952962k+wp function not compatible with requires wp
#271Culqi39571881k+Text Domain Mismatch
#272Library Viewer396593400Non-prefixed hook name
#273UserHeat Plugin39121206k+Non Singular String Literal Domain
#274WP Multibyte Patch3924551m+Input is not sanitized
#275Analytics Germanized for Google Analytics (GDPR / DSGVO)4049148k+Output is not escaped
#276QR code MeCard/vCard generator40322212k+Unsafe printing function
#277Lockdown WP Admin41205010k+Request data is not unslashed
#278Text Hover4144131k+Output is not escaped
#279Text Replace4155123k+Output is not escaped
#280Trusty Whistleblowing Solution4223017400Text Domain Mismatch
#281Directorist – WPML Integration4310134400Non-prefixed hook name
#282Good Old Twitter Feed Widget4311010400Text Domain Mismatch
#283Buttonizer – Live Chat, AI Chatbot, Call, Chat, Contact Button44247150k+Non-prefixed constant
#284Tabby Checkout4733464k+Non-prefixed class
#285WP PHP Console471824500Output is not escaped
#286MWW Disclaimer Buttons482116400Output is not escaped
#287Search in Place4974573k+wp function not compatible with requires wp
#288PDF Invoices & Packing Slips for WooCommerce – Challan49561514k+Non-prefixed global variable
#289StoryChief5112551k+Input is not sanitized
#290Hangul font nanumgothic – google5235161k+Output is not escaped
#291WP Hooks Finder5227311k+Output is not escaped
#292Social Media Widget53902130k+Text Domain Mismatch
#293WP Console – WordPress PHP Console powered by PsySH53344820k+Exception output is not escaped
#294Anti-Captcha (anti-spam botblocker)5623261k+rand mt rand
#295Blog Time57386600Output is not escaped
#296Text Domain Inspector614136400Non-prefixed global variable
#297Mantenimiento web63491520k+Text Domain Mismatch
#298Werk aan de Muur644820900Non Singular String Literal Domain
#299CP Media Player – Audio Player and Video Player66224483k+Text Domain Mismatch
#300Payment Gateway for Cpay with WooCommerce676726400wp function not compatible with requires wp