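Blog Floating Button (BFB) is a plugin that makes it easy to add a floating button to a blog. Because a floating button can easily guide visitors to your key landing pages, it can be expected to increase product purchases and inquiries.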
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
760
11 issue groups
Maintainability
172
14 issue groups
ERROR (Security): Output is not escaped
- Category: Security
- Occurrences: 528
- Severity: error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"/* INPUT NOT FOUND scss $v */\n"'.
ERROR (Maintainability): Missing direct file access protection
- Category: Maintainability
- Occurrences: 74
- Severity: error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNING (Security): Input is not sanitized
- Category: Security
- Occurrences: 56
- Severity: warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['p']
WARNING (Security): Request data is not unslashed
- Category: Security
- Occurrences: 56
- Severity: warning
Sample message
$_GET['p'] not unslashed before sanitization. Use wp_unslash() or similar
WARNING (Security): Input is not validated
- Category: Security
- Occurrences: 32
- Severity: warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['device']. Check that the array index exists before using it.
ERROR (Security): SQL query is not prepared
- Category: Security
- Occurrences: 30
- Severity: error
Sample message
Use placeholders and $wpdb->prepare(); found $distinct
ERROR (Maintainability): Short PHP open tag found
- Category: Maintainability
- Occurrences: 24
- Severity: error
Sample message
Short PHP opening tag used with echo; expected "<?php echo $device ..." but found "<?= $device ..."
WARNING (Security): Interpolated SQL is not prepared
- Category: Security
- Occurrences: 20
- Severity: warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $sql_device at " $sql_memo $sql_post_url $sql_device $sql_optimize_id ORDER BY date DESC "
ERROR (Maintainability): date date
- Category: Maintainability
- Occurrences: 20
- Severity: error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
WARNING (Maintainability): Missing Version
- Category: Maintainability
- Occurrences: 18
- Severity: warning
Sample message
Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.
WARNING (Security): Missing nonce verification
- Category: Security
- Occurrences: 14
- Severity: warning
Sample message
Processing form data without nonce verification.
WARNING (Security): Database parameter is not escaped
- Category: Security
- Occurrences: 10
- Severity: warning
Sample message
Unescaped parameter $table_name used in $wpdb->get_results()\n$table_name assigned unsafely at line 95.
ERROR (Security): Exception output is not escaped
- Category: Security
- Occurrences: 6
- Severity: error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"$msg: $loc"'.
ERROR (Maintainability): No Explicit Version
- Category: Maintainability
- Occurrences: 6
- Severity: error
Sample message
Version parameter is not explicitly set or has been set to an equivalent of "false" for wp_register_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.
WARNING (Maintainability): Not In Footer
- Category: Maintainability
- Occurrences: 6
- Severity: warning
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
ERROR (Security): Database parameter is not escaped
- Category: Security
- Occurrences: 4
- Severity: error
Sample message
Unescaped parameter $distinct used in $wpdb->get_results()\n$distinct assigned unsafely at line 157.
WARNING (Maintainability): Direct Query
- Category: Maintainability
- Occurrences: 4
- Severity: warning
Sample message
Use of a direct database call is discouraged.
WARNING (Maintainability): No Caching
- Category: Maintainability
- Occurrences: 4
- Severity: warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNING (Maintainability): slow db query meta key
- Category: Maintainability
- Occurrences: 4
- Severity: warning
Sample message
Detected usage of meta_key, possible slow query.
WARNING (Maintainability): slow db query meta value
- Category: Maintainability
- Occurrences: 4
- Severity: warning
Sample message
Detected usage of meta_value, possible slow query.
WARNING (Security): Nonce verification recommended
- Category: Security
- Occurrences: 4
- Severity: warning
Sample message
Processing form data without nonce verification.
WARNING (Maintainability): No PHP code found
- Category: Maintainability
- Occurrences: 2
- Severity: warning
Sample message
No PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.
ERROR (Maintainability): Offloaded Content
- Category: Maintainability
- Occurrences: 2
- Severity: error
Sample message
Found call to wp_enqueue_style() with external resource. Offloading styles to your servers or any remote service is disallowed.
WARNING (Maintainability): slow db query meta query
- Category: Maintainability
- Occurrences: 2
- Severity: warning
Sample message
Detected usage of meta_query, possible slow query.
WARNING (Maintainability): error log set error handler
- Category: Maintainability
- Occurrences: 2
- Severity: warning
Sample message
set_error_handler() found. Debug code should not normally be used in production.
Score History
First score snapshot
v1.4.20
26
Latest
- Findings: 945
- Errors: 705
- Warnings: 240
- Check: 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 26 | 945 | 705 | 240 | v1.4.20 | 2.0.0 |