Free WordPress migration plugin for backup, restore, clone, and site transfer with zero downtime. Migrate WordPress site easily.
Prioritized issue groups from the latest Plugin Check scan
Maintainability
197
17 issue groups
Security
92
8 issue groups
Sample message
Use of a direct database call is discouraged.
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $end at "SELECT * FROM `$table` LIMIT $start, $end"
Sample message
The use of function ini_set() is discouraged
Sample message
error_reporting() can lead to full path disclosure.
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
Sample message
Unescaped parameter $column used in $wpdb->get_results()\n$column assigned unsafely at line 16.
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
Sample message
$_GET['_wpnonce'] not unslashed before sanitization. Use wp_unslash() or similar
Sample message
Function "get_rest_url()" requires WordPress 4.4.0, but your plugin minimum supported version is WordPress 4.0.0.
Sample message
Processing form data without nonce verification.
Sample message
Unescaped parameter $table used in $wpdb->get_results()
Sample message
Use placeholders and $wpdb->prepare(); found $query
Sample message
Detected usage of a non-sanitized input variable: $_GET['_wpnonce']
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().
Sample message
rename() is discouraged. Use WP_Filesystem::move() to rename a file.
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: chmod().
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$error_msg'.
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: rmdir().
Sample message
error_log() found. Debug code should not normally be used in production.
Sample message
Plugin folders are deleted when upgraded. Do not save data to the plugin folder using copy(). Detected usage of constant WP_CONTENT_DIR. Use wp_upload_dir() to get the uploads directory path or save to the database instead.
Sample message
Attempting a database schema change is discouraged.
Potential connections found in static code analysis.
Outbound calls
291
External assets
1
Incoming endpoints
8
register_rest_route
wp_ajax
wp_ajax
admin_post
admin_post
admin_post
wp_ajax
wp_ajax
First score snapshot
v3.1.5
24
Latest
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 24 | 333 | 140 | 193 | v3.1.5 | 2.0.0 |
Author, categories, issues, domains, and nearby plugins.