WordPress.WP.AlternativeFunctions.file_system_operations_fopen

file system operations fopen

The plugin performs filesystem work with raw PHP functions where WordPress expects safer filesystem handling.

medium weight

Why It Shows Up

Plugin Check found functions such as `fopen`, `fwrite`, `chmod`, `mkdir`, `readfile`, or related operations.

Why It Matters

WordPress sites can use different filesystem permissions and transports. Raw filesystem calls can fail on common hosts or write to unsafe locations.

How to Fix

  • Use WordPress filesystem helpers when writing, reading, or changing files in plugin-managed paths.
  • Validate paths and keep writes inside directories owned by the plugin or WordPress uploads.
  • Never write PHP code from user input or remote responses.

Affected Plugins

RankPluginScoreErrorsWarningsInstallsAddedUpdatedTop Issue
#401Post Export Import with Media246191,3341k+Non-prefixed global variable
#402Post Status Notifier Lite24984451700Missing direct file access protection
#403Product Catalog Simple241,5551,9821k+Output is not escaped
#404Premium Blocks – Gutenberg Blocks, Patterns & Templates241403082k+Non-prefixed function
#405Product Editor Pro – WooCommerce Bulk Edit: Prices, Stock, Images, Titles, CSV Import & More242,1544,8331k+Non-prefixed global variable
#406ProfileGrid – User Profiles, Groups and Communities244742,4606k+Non-prefixed global variable
#407Pz-LinkCard249511,58120k+Non-prefixed global variable
#408Quick Event Manager241523881k+Non-prefixed function
#409reGenerate Thumbnails Advanced2422012270k+Unsafe printing function
#410RS WP Book Showcase – A Complete Book Catalogue & Library System249103431k+Text Domain Mismatch
#411RSFirewall!245635214k+Output is not escaped
#412RSVP and Event Management243456243k+Direct Query
#413Sailthru for WordPress242392662k+Non-prefixed global variable
#414Security Plugin, Firewall & Malware Scanner with Auto Removal241,19176930k+Output is not escaped
#415SEO Engine – Smart SEO with AI, Schema & Redirection for WordPress242393041k+Direct Query
#416SEOKEY – Powerful SEO plugin with Expert Insights and SEO Audit246059281k+Non-prefixed global variable
#417SEO Ultimate2443726910k+Output is not escaped
#418Servebolt Optimizer241,9586811k+Text Domain Mismatch
#419Service Box Slider246181,410500Non-prefixed global variable
#420ShiftController Employee Shift Scheduling24358196700Output is not escaped
#421ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization2492632210k+Output is not escaped
#422Simple Membership242,3731,78940k+Unsafe printing function
#423SiteGuard WP Plugin24359350500k+Output is not escaped
#424Video Slider – Slider Carousel242082,2033k+Request data is not unslashed
#425Slideshow Gallery LITE248964145k+Output is not escaped
#426MoreConvert Wishlist for WooCommerce243,6786299k+Text Domain Mismatch
#427Softaculous241154910k+file system operations fread
#428Spotlight Social Feeds – Block, Shortcode, and Widget2441114760k+Output is not escaped
#429GEO Plugin by Squirrly SEO241,19622430k+Missing Translators Comment
#430StoreEngine — Complete eCommerce Solution with Memberships, Licensing, Affiliates & More24149482600Non-prefixed global variable
#431Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for Photographers243601,4721k+Nonce verification recommended
#432Tainacan241385921k+Direct Query
#433Templately – Elementor & Gutenberg Template Library: 6500+ Free & Pro Ready Templates And Cloud!24167225400k+Nonce verification recommended
#434Timber248512820k+Non-prefixed hook name
#435Ultimate Maps by Supsystic241,03437410k+Non Singular String Literal Domain
#436Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin249382,935200k+Non-prefixed global variable
#437UpdraftPlus: WP Backup & Migration Plugin242772993m+Non-prefixed global variable
#438User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder246643,32150k+Non-prefixed global variable
#439Video Conferencing with Zoom241,10544010k+Unsafe printing function
#440VikRentItems Flexible Rental Management System244,7554,639600Non-prefixed global variable
#441Visitor Traffic Real Time Statistics2447392730k+Non-prefixed global variable
#442PDF Ink Lite – Free PDF Watermark & Password Protection242265612k+Non-prefixed global variable
#443WCMultiShipping — Mondial Relay, Inpost & Chronopost for WooCommerce247304995k+Output is not escaped
#444Product Feed Manager for WooCommerce – CTX Feed – Support 220+ Shopping & Social Channels241,6151,38170k+Text Domain Mismatch
#445Disable Updates – Updates Manager, Disable Automatic Updates, Disable All Updates2452213510k+Output is not escaped
#446Bulk Edit Products for WooCommerce – WP Sheet Editor2494193610k+Text Domain Mismatch
#447Coupon Affiliates – Affiliate Plugin for WooCommerce241,0223,0745k+Non-prefixed global variable
#448Bulk Edit Coupons for WooCommerce – WP Sheet Editor241,006950500Text Domain Mismatch
#449Flat Rate Shipping Method for WooCommerce241,2381,7725k+Non-prefixed global variable
#450Payment Plugins Braintree For WooCommerce247317552k+Output is not escaped