Plugin counts posts views (hits) by using external AJAX based counter script of this plugin, which is best solution for caching whole page or using ot …
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
175
9 issue groups
I18n
85
2 issue groups
Maintainability
27
8 issue groups
Repo Compliance
4
4 issue groups
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$cache'.141
- Category
- Security
- Occurrences
- 141
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$cache'.
ERRORI18nNon Singular String Literal DomainThe $domain parameter must be a single text string literal. Found: $this->plugin_alias84
- Category
- I18n
- Occurrences
- 84
- Severity
- error
Sample message
The $domain parameter must be a single text string literal. Found: $this->plugin_alias
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.8
- Category
- Security
- Occurrences
- 8
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.7
- Category
- Security
- Occurrences
- 7
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityRequest data is not unslashed$_GET['post_id'] not unslashed before sanitization. Use wp_unslash() or similar5
- Category
- Security
- Occurrences
- 5
- Severity
- warning
Sample message
$_GET['post_id'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORSecurityDatabase parameter is not escapedUnescaped parameter $q used in $wpdb->get_results()\n$q assigned unsafely at line 1030.4
- Category
- Security
- Occurrences
- 4
- Severity
- error
Sample message
Unescaped parameter $q used in $wpdb->get_results()\n$q assigned unsafely at line 1030.
ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $q4
- Category
- Security
- Occurrences
- 4
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $q
ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
Show 13 moreShow less
WARNINGMaintainabilityNon-prefixed global variable3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$ahc".
WARNINGSecurityInput is not sanitized3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['post_id']
ERRORMaintainabilitystrip tags strip tags3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
ERRORSecuritySetting is missing a sanitization callback2
- Category
- Security
- Occurrences
- 2
- Severity
- error
Sample message
Sanitization missing for register_setting().
ERRORMaintainabilityMissing direct file access protection2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGMaintainabilityslow db query meta key1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of meta_key, possible slow query.
WARNINGSecurityPlugin menu slug uses __FILE__1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Using __FILE__ for menu slugs risks exposing filesystem structure.
ERRORI18nMissing Arg Domain1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
ERRORRepo Complianceoutdated tested upto header1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Tested up to: 5.7 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.
ERRORRepo Complianceplugin header no license1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.
WARNINGRepo Compliancereadme parser warnings too many tags1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- warning
Sample message
One or more tags were ignored. Please limit your plugin to 5 tags.
WARNINGRepo Compliancereadme parser warnings trimmed short description1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- warning
Sample message
The "Short Description" section is too long and was truncated. A maximum of 150 characters is supported.
ERRORMaintainabilitywp function not compatible with requires wp1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Function "submit_button()" requires WordPress 3.1.0, but your plugin minimum supported version is WordPress 3.0.0.
External Connections
Potential connections found in static code analysis.
Outbound calls
5
External assets
0
Incoming endpoints
1
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
wp_ajax
Score History
First score snapshot
v0.10.210305
37
Latest
- Findings
- 291
- Errors
- 247
- Warnings
- 44
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 37 | 291 | 247 | 44 | v0.10.210305 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Issue
Related
Author
Issue
Related
Related Plugins
4k+ active installs
1k+ active installs
6k+ active installs
2k+ active installs
600 active installs
2k+ active installs