WordPress.WP.AlternativeFunctions.file_system_operations_mkdir
file system operations mkdir
The plugin performs filesystem work with raw PHP functions where WordPress expects safer filesystem handling.
Why It Shows Up
Plugin Check found functions such as `fopen`, `fwrite`, `chmod`, `mkdir`, `readfile`, or related operations.
Why It Matters
WordPress sites can use different filesystem permissions and transports. Raw filesystem calls can fail on common hosts or write to unsafe locations.
How to Fix
- Use WordPress filesystem helpers when writing, reading, or changing files in plugin-managed paths.
- Validate paths and keep writes inside directories owned by the plugin or WordPress uploads.
- Never write PHP code from user input or remote responses.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #601 | Flipbox | 80 | 14 | 17 | 2k+ | wp function not compatible with requires wp | ||
| #602 | Countdown Block | 81 | 14 | 10 | 4k+ | wp function not compatible with requires wp | ||
| #603 | Price Table Block | 81 | 15 | 16 | 900 | file system operations mkdir | ||
| #604 | Progress Bars | 81 | 15 | 14 | 500 | file system operations mkdir | ||
| #605 | Team Member Block | 81 | 15 | 14 | 1k+ | file system operations mkdir | ||
| #606 | Toggle Content | 81 | 16 | 12 | 700 | file system operations mkdir | ||
| #607 | Typing Text | 81 | 15 | 16 | 600 | file system operations mkdir | ||
| #608 | Accordion Toggle | 82 | 17 | 11 | 2k+ | Non-prefixed class | ||
| #609 | Image Gallery Block | 82 | 13 | 10 | 3k+ | wp function not compatible with requires wp | ||
| #610 | Infobox | 82 | 15 | 12 | 1k+ | file system operations mkdir | ||
| #611 | Parallax Slider Block | 82 | 15 | 12 | 1k+ | file system operations mkdir | ||
| #612 | Image Slider Block | 82 | 13 | 14 | 3k+ | wp function not compatible with requires wp | ||
| #613 | Testimonial Block | 82 | 13 | 12 | 500 | wp function not compatible with requires wp | ||
| #614 | LegalBlink for Aruba | 91 | 33 | 29 | 7k+ | Missing direct file access protection | ||
| #615 | MultiManager WP – Manage All Your WordPress Sites Easily | 91 | 28 | 11 | 1k+ | Missing Arg Domain | ||
| #616 | Simple Lightbox for WordPress | 94 | 11 | 7 | 400 | Non Enqueued Script | ||
| #617 | Ghost Kit – Page Builder Blocks, Motion Effects & Extensions | 95 | 17 | 60 | 7k+ | Non-prefixed hook name | ||
| #618 | Force Update Translations | 97 | 8 | 1 | 1k+ | Missing direct file access protection |