Advanced Product Fields (Product Addons) for WooCommerce

Add options (addons) to your WooCommerce products so your customers can personalize their products. Product forms for everyone!

v1.7Wombat PluginsUpdated 2 months agoAdded 7 years ago50k+ installs96% rating89% support resolved

Product Addons Woocommerce Product Addons product fields woocommerce woocommerce product options

Score

145

Errors

145

Warnings

Change

Category Scores

Security0

Repo100

Performance100

Maintainability70

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

290 findings

Security

176

7 issue groups

Maintainability

113

5 issue groups

I18n

1 issue group

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$_wp_admin_css_colors[$active_color_scheme]'.103

Category: Security
Occurrences: 103
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$_wp_admin_css_colors[$active_color_scheme]'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_field_types".69

Category: Maintainability
Occurrences: 69
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_field_types".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;31

Category: Maintainability
Occurrences: 31
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

WARNINGSecurityRecommendedProcessing form data without nonce verification.28

Category: Security
Occurrences: 28
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_GET['_dupenonce']15

Category: Security
Occurrences: 15
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['_dupenonce']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityMissing Unslash$_GET['_dupenonce'] not unslashed before sanitization. Use wp_unslash() or similar13

Category: Security
Occurrences: 13
Severity: warning

Sample message

$_GET['_dupenonce'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGSecurityMissingProcessing form data without nonce verification.9

Category: Security
Occurrences: 9
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGMaintainabilityNon Prefixed Hookname FoundHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".7

Category: Maintainability
Occurrences: 7
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

ERRORSecurityUnsafe Printing FunctionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.5

Category: Security
Occurrences: 5
Severity: error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunction Reference

ERRORMaintainabilitywp function not compatible with requires wpFunction "sanitize_textarea_field()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 4.5.0.5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

Function "sanitize_textarea_field()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 4.5.0.

wp_function_not_compatible_with_requires_wp Reference

Show 3 more issue groups

WARNINGSecurityInput Not Validated3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['_wpnonce']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGMaintainabilityInvalid Prefix Passed1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

The "wapf/field" prefix is not a valid namespace/function/class/variable/constant prefix in PHP.

WordPress.NamingConventions.PrefixAllGlobals.InvalidPrefixPassed

ERRORI18nMissing Translators Comment1

Category: I18n
Occurrences: 1
Severity: error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsComment Reference

Score History

First score snapshot

yesterday

v1.7

Latest

Findings: 290
Errors: 145
Warnings: 145
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	39	290	145	145	v1.7	2.0.0

Related Plugins

Kliken: Ads + Pixel for Meta

40k+ active installs

100

Magnify – Suggestive Search Plugin

3k+ active installs

100

No Shipping Message for WooCommerce

3k+ active installs

100

Paystack WooCommerce Payment Gateway

30k+ active installs

100

Product Addons and Product Options With Custom Fields – WowAddons

3k+ active installs

100

Show only lowest prices in variable products for WooCommerce

7k+ active installs

100