WordPress.WP.AlternativeFunctions.file_system_operations_fputs

file system operations fputs

The plugin performs filesystem work with raw PHP functions where WordPress expects safer filesystem handling.

medium weight

Why It Shows Up

Plugin Check found functions such as `fopen`, `fwrite`, `chmod`, `mkdir`, `readfile`, or related operations.

Why It Matters

WordPress sites can use different filesystem permissions and transports. Raw filesystem calls can fail on common hosts or write to unsafe locations.

How to Fix

Use WordPress filesystem helpers when writing, reading, or changing files in plugin-managed paths.
Validate paths and keep writes inside directories owned by the plugin or WordPress uploads.
Never write PHP code from user input or remote responses.

References

WordPress Filesystem API

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Added	Updated	Top Issue
#51	Events Made Easy	25	507	6,299	1k+	15 years ago	today	Non-prefixed function
#52	GD Security Headers	25	407	521	1k+	7 years ago	1 month ago	Output is not escaped
#53	Site Kit by Google – Analytics, Search Console, AdSense, Speed	25	1,304	242	5m+	7 years ago	8 days ago	Missing direct file access protection
#54	Secure Copy Content Protection and Content Locking	25	958	799	20k+	8 years ago	5 days ago	Output is not escaped
#55	Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin	25	960	738	60k+	8 years ago	7 days ago	Text Domain Mismatch
#56	VikBooking Hotel Booking Engine & PMS	25	13,232	8,312	8k+	8 years ago	7 days ago	Output is not escaped
#57	VikRentCar Car Rental Management System	25	5,537	5,048	4k+	7 years ago	26 days ago	Non-prefixed global variable
#58	W3 Total Cache	25	617	1,345	900k+	17 years ago	1 month ago	Non-prefixed global variable
#59	WPvivid Backup for MainWP	25	818	1,794	10k+	7 years ago	22 days ago	Missing nonce verification
#60	WPvivid — Backup, Migration & Staging	25	899	1,461	900k+	7 years ago	22 days ago	Non-prefixed namespace
#61	FG Joomla to WordPress	27	278	101	7k+	14 years ago	3 months ago	Unsafe printing function
#62	درگاه پرداخت بانک ملت ووکامرس	28	61	130	2k+	11 years ago	5 years ago	Request data is not unslashed
#63	User Verification by PickPlugins	29	41	314	5k+	10 years ago	15 days ago	Request data is not unslashed
#64	HollerBox — Fast & Effective Popups & Lead-Generation	34	78	92	2k+	9 years ago	1 month ago	Output is not escaped
#65	Security Optimizer – The All-In-One Protection Plugin	35	40	82	1m+	5 years ago	yesterday	Request data is not unslashed
#66	Export Themes	36	122	90	2k+	15 years ago	6 years ago	Non-prefixed constant
#67	Send PDF for Contact Form 7	37	22	308	9k+	10 years ago	14 days ago	Non-prefixed global variable
#68	Tilopay	37	35	130	1k+	5 years ago	7 months ago	Nonce verification recommended
#69	Blackhole for Bad Bots	39	123	69	30k+	10 years ago	2 months ago	Output is not escaped
#70	Database Addon for Contact Form 7 – CFDB7	40	35	56	600k+	9 years ago	1 month ago	Nonce verification recommended
#71	Tabby Checkout	47	33	46	4k+	4 years ago	20 days ago	Non-prefixed class
#72	Salt Shaker	85	15	13	6k+	10 years ago	7 months ago	Interpolated SQL is not prepared