WordPress.Security.PluginMenuSlug.Using__FILE__

Plugin menu slug uses __FILE__

Plugin Check reported a security-sensitive coding pattern that needs review.

critical weight

Why It Shows Up

The finding came from a security-focused WordPress coding standard or Plugin Check rule.

Why It Matters

Security findings often involve trust boundaries: request input, browser output, redirects, database access, capabilities, or filesystem behavior.

How to Fix

  • Identify the untrusted value or privileged action involved.
  • Add validation, sanitization, escaping, nonce checks, capability checks, or prepared SQL as appropriate.
  • Rerun Plugin Check after the code path is fixed.

Affected Plugins

RankPluginScoreErrorsWarningsInstallsAddedUpdatedTop Issue
#201AWEOS Google Maps iframe load per click811173k+Text Domain Mismatch
#202Checklist in Post81147400Missing Version
#203Export emails8387500Direct Query
#204LocaliQ – Tracking Code8511112k+Non-prefixed function
#205TopBar Call To Action854052k+Text Domain Mismatch
#206Donorbox – Free Recurring Donation Plugin and Fundraising Platform87568k+Missing Arg Domain
#207Local Business Schema (JSON-LD) Lite9015583k+Text Domain Mismatch
#208BZScore – Live Score9453700strip tags strip tags
#209Pinyin Slugs9713k+Plugin menu slug uses __FILE__