WordPress.WP.AlternativeFunctions.file_system_operations_chmod
file system operations chmod
The plugin performs filesystem work with raw PHP functions where WordPress expects safer filesystem handling.
Why It Shows Up
Plugin Check found functions such as `fopen`, `fwrite`, `chmod`, `mkdir`, `readfile`, or related operations.
Why It Matters
WordPress sites can use different filesystem permissions and transports. Raw filesystem calls can fail on common hosts or write to unsafe locations.
How to Fix
- Use WordPress filesystem helpers when writing, reading, or changing files in plugin-managed paths.
- Validate paths and keep writes inside directories owned by the plugin or WordPress uploads.
- Never write PHP code from user input or remote responses.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Updated | Top Issue |
|---|---|---|---|---|---|---|---|
| #51 | Newsletters | 22 | 2,968 | 2,248 | 2k+ | Text Domain Mismatch | |
| #52 | Smart Popup by Supsystic | 22 | 3,172 | 503 | 10k+ | Non Singular String Literal Domain | |
| #53 | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | 22 | 1,581 | 2,326 | 300k+ | Non Prefixed Variable Found | |
| #54 | Prime Mover – Migrate WordPress Website & Backups | 22 | 1,326 | 1,600 | 10k+ | Non Prefixed Variable Found | |
| #55 | PageSpeed Ninja – Cache, Minify, Defer CSS JavaScript, Critical CSS, Optimize Images, Convert WebP | 22 | 984 | 407 | 5k+ | Unsafe Printing Function | |
| #56 | ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF | 22 | 1,044 | 799 | 300k+ | Non Prefixed Variable Found | |
| #57 | Simple Job Board | 22 | 634 | 1,355 | 10k+ | Non Prefixed Variable Found | |
| #58 | WooCommerce | 22 | 1,355 | 6,129 | 7m+ | Non Prefixed Variable Found | |
| #59 | ManageWP Worker | 22 | 507 | 565 | 1m+ | Non Prefixed Class Found | |
| #60 | File Manager | 22 | 740 | 520 | 1m+ | Unsafe Printing Function | |
| #61 | WP Umbrella: Update Backup Restore & Monitoring | 22 | 915 | 905 | 70k+ | Exception Not Escaped | |
| #62 | Wp-Insert | 22 | 267 | 301 | 10k+ | Output Not Escaped | |
| #63 | WP-WebAuthn | 22 | 957 | 396 | 2k+ | Exception Not Escaped | |
| #64 | WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell | 22 | 5,996 | 2,790 | 5k+ | Text Domain Mismatch | |
| #65 | WPSSO Core – Complete Schema Markup and Meta Tags | 22 | 1,407 | 412 | 5k+ | Missing Translators Comment | |
| #66 | YaySMTP – WP Mail SMTP with Email Logs, Tracking & Reports | 22 | 654 | 435 | 10k+ | Exception Not Escaped | |
| #67 | ЮKassa для WooCommerce | 22 | 591 | 168 | 9k+ | Echo Found | |
| #68 | Affiliate Super Assistent | 23 | 1,280 | 267 | 2k+ | Text Domain Mismatch | |
| #69 | Kadence Security – Password, Two Factor Authentication, and Brute Force Protection | 23 | 1,053 | 967 | 700k+ | Missing Translators Comment | |
| #70 | Content Egg – Affiliate Product Importer & Price Comparison | 23 | 1,231 | 1,257 | 10k+ | Non Prefixed Variable Found | |
| #71 | CWW Companion | 23 | 307 | 223 | 1k+ | Output Not Escaped | |
| #72 | DK PDF – WordPress PDF Generator | 23 | 744 | 335 | 3k+ | Exception Not Escaped | |
| #73 | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | 23 | 3,723 | 10,283 | 40k+ | Non Prefixed Namespace Found | |
| #74 | Error Log Monitor | 23 | 694 | 1,414 | 20k+ | Non Prefixed Variable Found | |
| #75 | Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder with AI | 23 | 395 | 1,342 | 90k+ | Non Prefixed Variable Found | |
| #76 | Export WordPress Pages to Static HTML & PDF — Static Site Export | 23 | 490 | 301 | 5k+ | Text Domain Mismatch | |
| #77 | Fuse Social Floating Sidebar | 23 | 1,840 | 1,573 | 10k+ | Non Prefixed Variable Found | |
| #78 | Futurio Extra | 23 | 787 | 205 | 20k+ | Text Domain Mismatch | |
| #79 | GAinWP Google Analytics Integration for WordPress | 23 | 525 | 176 | 8k+ | Output Not Escaped | |
| #80 | Gmedia Photo Gallery | 23 | 350 | 1,121 | 7k+ | Non Prefixed Variable Found | |
| #81 | Kenta Companion | 23 | 657 | 1,419 | 2k+ | Non Prefixed Variable Found | |
| #82 | License Manager for WooCommerce | 23 | 129 | 819 | 6k+ | Missing Unslash | |
| #83 | Master Slider – Responsive Touch Slider | 23 | 800 | 408 | 60k+ | Output Not Escaped | |
| #84 | MasterStudy LMS WordPress Plugin – for Online Courses and Education | 23 | 1,419 | 4,875 | 10k+ | Non Prefixed Variable Found | |
| #85 | Media Library Assistant | 23 | 1,144 | 3,943 | 70k+ | Recommended | |
| #86 | MediaPress | 23 | 904 | 583 | 4k+ | Output Not Escaped | |
| #87 | MultiParcels Shipping For WooCommerce | 23 | 177 | 383 | 4k+ | Missing Unslash | |
| #88 | News Kit Addons For Elementor | 23 | 65 | 419 | 4k+ | Post Not In exclude | |
| #89 | Next Active Directory Integration | 23 | 683 | 284 | 2k+ | Exception Not Escaped | |
| #90 | Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery | 23 | 2,119 | 986 | 400k+ | Text Domain Mismatch | |
| #91 | Ocean Extra | 23 | 1,494 | 2,106 | 500k+ | Non Prefixed Variable Found | |
| #92 | Pricing Table by Supsystic | 23 | 1,299 | 447 | 10k+ | Non Singular String Literal Domain | |
| #93 | Print Anywhere & Create PDFs of Order Receipts, Invoices, Labels & More. | 23 | 1,485 | 444 | 1k+ | Text Domain Mismatch | |
| #94 | Print My Blog – Print, PDF, & eBook Converter WordPress Plugin | 23 | 1,077 | 1,660 | 8k+ | Non Prefixed Variable Found | |
| #95 | SecuPress with Simple SSL – Simple and Performant Security | 23 | 1,696 | 1,590 | 40k+ | Non Prefixed Variable Found | |
| #96 | Local Google Analytics for WordPress – caches external requests | 23 | 551 | 199 | 3k+ | Output Not Escaped | |
| #97 | Site Reviews | 23 | 1,625 | 598 | 60k+ | Output Not Escaped | |
| #98 | Smart Slider 3 | 23 | 261 | 268 | 800k+ | Non Prefixed Variable Found | |
| #99 | Softaculous | 23 | 116 | 49 | 10k+ | file system operations fread | |
| #100 | Strong Testimonials | 23 | 192 | 393 | 90k+ | Recommended |
