Boxzilla – WordPress Popup Builder

Create WordPress popup and slide-in boxes for forms, offers, notices, and calls to action

v3.4.10Danny van KootenUpdated 3 days agoAdded 10 years ago20k+ installs96% rating

call to action modal popup builder popups slide-in

Score

Errors

Warnings

Change

Category Scores

Security34

Repo100

Performance100

Maintainability77

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

78 findings

Maintainability

9 issue groups

Security

5 issue groups

WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$admins".34

Category: Maintainability
Occurrences: 34
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$admins".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGSecurityRecommendedProcessing form data without nonce verification.8

Category: Security
Occurrences: 8
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.6

Category: Maintainability
Occurrences: 6
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().6

Category: Maintainability
Occurrences: 6
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGSecurityMissingProcessing form data without nonce verification.5

Category: Security
Occurrences: 5
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_POST['boxzilla_box']4

Category: Security
Occurrences: 4
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['boxzilla_box']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityMissing Unslash$_POST['boxzilla_box'] not unslashed before sanitization. Use wp_unslash() or similar4

Category: Security
Occurrences: 4
Severity: warning

Sample message

$_POST['boxzilla_box'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORMaintainabilitywp function not compatible with requires wpFunction "wp_doing_ajax()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 4.6.0.3

Category: Maintainability
Occurrences: 3
Severity: error

Sample message

Function "wp_doing_ajax()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 4.6.0.

wp_function_not_compatible_with_requires_wp Reference

WARNINGMaintainabilityslow db query meta keyDetected usage of meta_key, possible slow query.2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Detected usage of meta_key, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_key

WARNINGMaintainabilityupdate modification detectedPlugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_plugins2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_plugins

update_modification_detected Reference

Show 4 more

ERRORSecurityOutput Not Escaped1

Category: Security
Occurrences: 1
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$box'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGMaintainabilitymismatched plugin name1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Plugin name "Boxzilla - WordPress Popup Builder" is different from the name declared in plugin header "Boxzilla".

mismatched_plugin_name Reference

ERRORMaintainabilityplugin updater detected1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Plugin Updater detected. These are not permitted in WordPress.org hosted plugins. Detected: site_transient_update_plugins

plugin_updater_detected

WARNINGMaintainabilitytrademarked term1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "Boxzilla - WordPress Popup Builder" - contains the restricted term "wordpress" which cannot be used at all in your plugin name.

trademarked_term

Score History

First score snapshot

2 days ago

v3.4.10

Latest

Findings: 78
Errors: 5
Warnings: 73
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
2 days agoLatest	59	78	5	73	v3.4.10	2.0.0

80k+ active installs

100

Advanced Popups

60k+ active installs

Promolayer – Popup Builder & Abandonment Preventer

1k+ active installs

Alligator Popup

2k+ active installs

Light Modal Block

2k+ active installs

WebToffee eCommerce Marketing Automation – Email marketing, Popups, Email customizer

10k+ active installs

Boxzilla – WordPress Popup Builder

Category Scores

Issues to Review

Score History

Related Plugins