WordPress.Security.PluginMenuSlug.Using__FILE__
Plugin menu slug uses __FILE__
Plugin Check reported a security-sensitive coding pattern that needs review.
Why It Shows Up
The finding came from a security-focused WordPress coding standard or Plugin Check rule.
Why It Matters
Security findings often involve trust boundaries: request input, browser output, redirects, database access, capabilities, or filesystem behavior.
How to Fix
- Identify the untrusted value or privileged action involved.
- Add validation, sanitization, escaping, nonce checks, capability checks, or prepared SQL as appropriate.
- Rerun Plugin Check after the code path is fixed.
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #201 | AWEOS Google Maps iframe load per click | 81 | 11 | 7 | 3k+ | Text Domain Mismatch | ||
| #202 | Checklist in Post | 81 | 14 | 7 | 400 | Missing Version | ||
| #203 | Export emails | 83 | 8 | 7 | 500 | Direct Query | ||
| #204 | LocaliQ – Tracking Code | 85 | 11 | 11 | 2k+ | Non-prefixed function | ||
| #205 | TopBar Call To Action | 85 | 40 | 5 | 2k+ | Text Domain Mismatch | ||
| #206 | Donorbox – Free Recurring Donation Plugin and Fundraising Platform | 87 | 5 | 6 | 8k+ | Missing Arg Domain | ||
| #207 | Local Business Schema (JSON-LD) Lite | 90 | 155 | 8 | 3k+ | Text Domain Mismatch | ||
| #208 | BZScore – Live Score | 94 | 5 | 3 | 700 | strip tags strip tags | ||
| #209 | Pinyin Slugs | 97 | 1 | 3k+ | Plugin menu slug uses __FILE__ |