PluginScore

BrightEdge Autopilot

BrightEdge, the global leader in enterprise organic search and content performance, empowers marketers to transform online content into business resul …

v1.1.18Sammy YuUpdated Added 500 installs100% rating
BrightEdgeLEMLink Equity Managerautopilotseo
30
Score
108
Errors
31
Warnings
+0
Change

Category Scores

Security0
Repo77
Performance100
Maintainability40

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

139 findings

Maintainability

61

16 issue groups

Security

55

6 issue groups

I18n

16

2 issue groups

Repo Compliance

1

1 issue group

ERRORMaintainabilitycurl curl setoptUsing cURL functions is highly discouraged. Use wp_remote_get() instead.20
Category
Maintainability
Occurrences
20
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_setopt
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$args['after_widget']'.18
Category
Security
Occurrences
18
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$args['after_widget']'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
ERRORI18nText Domain MismatchMismatched text domain. Expected 'brightedge-autopilot' but got "be_ixf_php_wp".15
Category
I18n
Occurrences
15
Severity
error

Sample message

Mismatched text domain. Expected 'brightedge-autopilot' but got "be_ixf_php_wp".

WordPress.WP.I18n.TextDomainMismatchReference
ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.12
Category
Security
Occurrences
12
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunctionReference
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.9
Category
Security
Occurrences
9
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGSecurityRequest data is not unslashed$_GET["ixf-debug"] not unslashed before sanitization. Use wp_unslash() or similar8
Category
Security
Occurrences
8
Severity
warning

Sample message

$_GET["ixf-debug"] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORMaintainabilityparse url parse urlparse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.8
Category
Maintainability
Occurrences
8
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET["ixf-debug"]7
Category
Security
Occurrences
7
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_GET["ixf-debug"]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
ERRORMaintainabilitytimezone change date default timezone setUsing date_default_timezone_set() and similar isn't allowed, instead use WP internal timezone support.6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

Using date_default_timezone_set() and similar isn't allowed, instead use WP internal timezone support.

WordPress.DateTime.RestrictedFunctions.timezone_change_date_default_timezone_set
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
Show 15 more
ERRORMaintainabilitydate date4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date
WARNINGMaintainabilityerror log print r2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r
ERRORMaintainabilitycurl curl close2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_close
ERRORMaintainabilitycurl curl errno2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_errno
ERRORMaintainabilitycurl curl error2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_error
ERRORMaintainabilitycurl curl exec2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_exec
ERRORMaintainabilitycurl curl getinfo2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_getinfo
ERRORMaintainabilitycurl curl init2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_init
WARNINGMaintainabilityNon-prefixed constant1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "BEIXF_VENDOR_DIR".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound
WARNINGSecurityInput is not validated1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_SERVER['REQUEST_URI']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
ERRORMaintainabilityfile system operations fclose1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

WordPress.WP.AlternativeFunctions.file_system_operations_fclose
ERRORMaintainabilityfile system operations fopen1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

WordPress.WP.AlternativeFunctions.file_system_operations_fopen
ERRORMaintainabilitystrip tags strip tags1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

WordPress.WP.AlternativeFunctions.strip_tags_strip_tags
ERRORI18nMissing Arg Domain1
Category
I18n
Occurrences
1
Severity
error

Sample message

Missing $domain parameter in function call to __().

WordPress.WP.I18n.MissingArgDomainReference
ERRORRepo Complianceinvalid license1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Your plugin has an invalid license declared. Please update your readme with a valid SPDX license identifier.

invalid_licenseReference

External Connections

Potential connections found in static code analysis.

5 domains

Outbound calls

8

External assets

0

Incoming endpoints

0

Notable Domains

brightedge.com2 · outbound
ixfd1-api.bc0a.com2 · outbound
php-fig.org2 · outbound
ixfc0-api.bc0a.com1 · outbound
php.net1 · outbound

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Score History

First score snapshot

v1.1.18

30

Latest

Findings
139
Errors
108
Warnings
31
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

30 nodes