WordPress.WP.AlternativeFunctions.file_system_operations_fsockopen
file system operations fsockopen
The plugin performs filesystem work with raw PHP functions where WordPress expects safer filesystem handling.
Why It Shows Up
Plugin Check found functions such as `fopen`, `fwrite`, `chmod`, `mkdir`, `readfile`, or related operations.
Why It Matters
WordPress sites can use different filesystem permissions and transports. Raw filesystem calls can fail on common hosts or write to unsafe locations.
How to Fix
- Use WordPress filesystem helpers when writing, reading, or changing files in plugin-managed paths.
- Validate paths and keep writes inside directories owned by the plugin or WordPress uploads.
- Never write PHP code from user input or remote responses.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #151 | SpinupWP | 49 | 43 | 38 | 30k+ | Non-prefixed function | ||
| #152 | Yext Plugin | 55 | 16 | 23 | 700 | Non-prefixed function | ||
| #153 | Mailster AmazonSES Integration | 60 | 52 | 25 | 2k+ | Missing Arg Domain | ||
| #154 | Яндекс.ПДС Пингер / Yandex Site search pinger | 64 | 21 | 5 | 800 | Output is not escaped | ||
| #155 | Affiliates Manager Google reCAPTCHA Integration | 67 | 18 | 10 | 400 | Request data is not unslashed | ||
| #156 | Mailster WordPress Newsletter Plugin | 69 | 14 | 11 | 8k+ | Output is not escaped | ||
| #157 | reCAPTCHA for bbPress | 75 | 14 | 19 | 800 | Non-prefixed function | ||
| #158 | Mailster Mailgun Integration | 77 | 16 | 5 | 500 | Missing Translators Comment | ||
| #159 | Mailster SendGrid Integration | 83 | 23 | 3 | 1k+ | Missing Translators Comment |