BrikPanel — WooCommerce Dashboard, Sales Report, Google Sheets Sync, Inventory Management & Bulk Editor

Free WooCommerce dashboard & sales report: Google Sheets sync, ROAS, bulk editor, inventory management & live visitors

v3.1.44BrksoftUpdated Added 400 installs100% rating100% support resolved
24
Score
3,950
Errors
1,265
Warnings
+0
Change

Category Scores

Security0
Repo100
Performance90
Maintainability0

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

5,215 findings

I18n

3,714

3 issue groups

Security

909

12 issue groups

Maintainability

565

10 issue groups

ERRORI18nText Domain MismatchMismatched text domain. Expected 'brikpanel-admin-panel-dashboard-for-woocommerce' but got 'brikpanel'.3,651
Category
I18n
Occurrences
3,651
Severity
error

Sample message

Mismatched text domain. Expected 'brikpanel-admin-panel-dashboard-for-woocommerce' but got 'brikpanel'.

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.221
Category
Maintainability
Occurrences
221
Severity
warning

Sample message

Use of a direct database call is discouraged.

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().205
Category
Maintainability
Occurrences
205
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.140
Category
Security
Occurrences
140
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $parent_list at AND post_parent IN ($parent_list)"131
Category
Security
Occurrences
131
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $parent_list at AND post_parent IN ($parent_list)"

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.126
Category
Security
Occurrences
126
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $expenses_t used in $wpdb->get_var()\n$expenses_t assigned unsafely at line 1078.104
Category
Security
Occurrences
104
Severity
warning

Sample message

Unescaped parameter $expenses_t used in $wpdb->get_var()\n$expenses_t assigned unsafely at line 1078.

WARNINGSecurityRequest data is not unslashed$_GET['page'] not unslashed before sanitization. Use wp_unslash() or similar88
Category
Security
Occurrences
88
Severity
warning

Sample message

$_GET['page'] not unslashed before sanitization. Use wp_unslash() or similar

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_FILES['brikpanel_import_file']['tmp_name']84
Category
Security
Occurrences
84
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_FILES['brikpanel_import_file']['tmp_name']

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<style id=\"brikpanel-appearance-overrides\">{$css}</style>"'.78
Category
Security
Occurrences
78
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<style id=\"brikpanel-appearance-overrides\">{$css}</style>"'.

Show 15 more
ERRORSecuritySQL query is not prepared74
Category
Security
Occurrences
74
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $city_base

WARNINGMaintainabilityNon-prefixed global variable72
Category
Maintainability
Occurrences
72
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$bp_gs_picker_cfg&quot;.

ERRORI18nMissing Translators Comment57
Category
I18n
Occurrences
57
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WARNINGMaintainabilityNon-prefixed hook name41
Category
Maintainability
Occurrences
41
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: &quot;&#039;woocommerce_process_product_meta_&#039; . $post_type_key&quot;.

ERRORSecurityException output is not escaped36
Category
Security
Occurrences
36
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$code'.

ERRORSecurityDatabase parameter is not escaped26
Category
Security
Occurrences
26
Severity
error

Sample message

Unescaped parameter $city_base used in $wpdb->get_results()\n$city_base assigned unsafely at line 2418.

WARNINGSecurityReplacements Wrong Number11
Category
Security
Occurrences
11
Severity
warning

Sample message

Incorrect number of replacements passed to $wpdb-&gt;prepare(). Found 1 replacement parameters, expected 2.

WARNINGSecurityUnfinished Prepare11
Category
Security
Occurrences
11
Severity
warning

Sample message

Replacement variables found, but no valid placeholders found in the query.

ERRORI18nUnordered Placeholders Text6
Category
I18n
Occurrences
6
Severity
error

Sample message

Multiple placeholders in translatable strings should be ordered. Expected "%1$d, %2$s", but got "%d, %s" in 'clamped to %d days since tracking start (%s)'.

WARNINGMaintainabilityDiscouraged PHP function5
Category
Maintainability
Occurrences
5
Severity
warning

Sample message

The use of function set_time_limit() is discouraged

WARNINGMaintainabilityerror log error log5
Category
Maintainability
Occurrences
5
Severity
warning

Sample message

error_log() found. Debug code should not normally be used in production.

ERRORMaintainabilityfile system operations fclose5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

ERRORMaintainabilityfile system operations fwrite5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

ERRORMaintainabilityNot Allowed3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead

WARNINGMaintainabilityslow db query meta query3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Detected usage of meta_query, possible slow query.

External Connections

Potential connections found in static code analysis.

20 domains

Outbound calls

96

External assets

0

Incoming endpoints

100

Notable Domains

brksoft.com13 · outbound
googleapis.com5 · outbound
docs.google.com2 · outbound

Platform / Reference Domains

w3.org44 · platform/reference
wordpress.org4 · platform/reference
developer.wordpress.org1 · platform/reference
github.com1 · platform/reference
gnu.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints100
admin_post_brikpanel_dashboard_exportauthenticated

admin_post

admin_post_brikpanel_export_selected_productsauthenticated

admin_post

admin_post_brikpanel_export_settingsauthenticated

admin_post

admin_post_brikpanel_import_settingsauthenticated

admin_post

wp_ajax_brikpanel_add_brandauthenticated

wp_ajax

wp_ajax_brikpanel_add_categoryauthenticated

wp_ajax

wp_ajax_brikpanel_ads_clear_logauthenticated

wp_ajax

wp_ajax_brikpanel_ads_list_accountsauthenticated

wp_ajax

wp_ajax_brikpanel_ads_oauth_disconnectauthenticated

wp_ajax

wp_ajax_brikpanel_ads_oauth_startauthenticated

wp_ajax

wp_ajax_brikpanel_ads_save_login_customerauthenticated

wp_ajax

wp_ajax_brikpanel_ads_save_primaryauthenticated

wp_ajax

88 more hidden

Score History

7 score snapshots

+0
1007550250Jun 26, 2026, 01:16 AM UTC Score 24/100 Plugin v3.1.38 Plugin Check 2.0.0 3,935 errors, 1,244 warningsJun 26, 2026, 06:53 AM UTC Score 24/100 Plugin v3.1.39 Plugin Check 2.0.0 3,945 errors, 1,253 warningsJun 27, 2026, 10:45 AM UTC Score 24/100 Plugin v3.1.40 Plugin Check 2.0.0 3,946 errors, 1,259 warningsJun 27, 2026, 06:58 PM UTC Score 24/100 Plugin v3.1.41 Plugin Check 2.0.0 3,946 errors, 1,259 warningsJun 28, 2026, 07:39 PM UTC Score 24/100 Plugin v3.1.42 Plugin Check 2.0.0 3,951 errors, 1,265 warningsJun 29, 2026, 11:20 AM UTC Score 24/100 Plugin v3.1.43 Plugin Check 2.0.0 3,945 errors, 1,265 warningsJun 29, 2026, 12:17 PM UTC Score 24/100 Plugin v3.1.44 Plugin Check 2.0.0 3,950 errors, 1,265 warningsJun 26, 2026Jun 29, 2026

v3.1.44

24

Latest

Findings
5,215
Errors
3,950
Warnings
1,265
Check
2.0.0

v3.1.43

24

Score

Findings
5,210
Errors
3,945
Warnings
1,265
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Related

Related Plugins