aapanel WP Toolkit

A better way to manage dozens of WordPress websites.

v1.2aapanelUpdated 11 months agoAdded 1 year ago2k+ installs100% rating

Manage WordPress administration automatic login remote

Score

Errors

Warnings

Change

Category Scores

Security57

Repo83

Performance100

Maintainability84

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

38 findings

Maintainability

6 issue groups

Security

5 issue groups

Repo Compliance

3 issue groups

ERRORMaintainabilitywp function not compatible with requires wpFunction "_wp_json_sanity_check()" requires WordPress 4.1.0, but your plugin minimum supported version is WordPress 3.0.0.16

Category: Maintainability
Occurrences: 16
Severity: error

Sample message

Function "_wp_json_sanity_check()" requires WordPress 4.1.0, but your plugin minimum supported version is WordPress 3.0.0.

wp_function_not_compatible_with_requires_wp Reference

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.4

Category: Security
Occurrences: 4
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGMaintainabilitytrademarked termThe plugin name includes a restricted term. Your chosen plugin name - "aapanel WP Toolkit" - contains the restricted term "wp" which cannot be used at all in your plugin name.3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "aapanel WP Toolkit" - contains the restricted term "wp" which cannot be used at all in your plugin name.

trademarked_term

WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "wp_login".2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "wp_login".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET[$k]2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET[$k]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityRequest data is not unslashed$_GET[$k] not unslashed before sanitization. Use wp_unslash() or similar2

Category: Security
Occurrences: 2
Severity: warning

Sample message

$_GET[$k] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.1

Category: Security
Occurrences: 1
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

Show 4 more

ERRORRepo Complianceoutdated tested upto header1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Tested up to: 6.8 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_header Reference

ERRORRepo Compliancereadme mismatched header requires1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Mismatched Requires at least: 4.6 != 3.0. "Requires at least" needs to be exactly the same with that in your main plugin file's header.

readme_mismatched_header_requires Reference

ERRORRepo Compliancereadme short description non official language1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

The readme short description contains unofficial language. It must be written in standard English.

readme_short_description_non_official_language Reference

WARNINGMaintainabilityupdate modification detected1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: auto_update_plugin

update_modification_detected Reference

Score History

First score snapshot

yesterday

v1.2

Latest

Findings: 38
Errors: 20
Warnings: 18
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	71	38	20	18	v1.2	2.0.0

Related Plugins

10k+ active installs

100

Shibboleth

3k+ active installs

100

Simple Login Log

5k+ active installs

100

Customize Admin

4k+ active installs

Disable Login Language Switcher

1k+ active installs

Auto Update Plugins

1k+ active installs