Free WooCommerce dashboard & sales report: Google Sheets sync, ROAS, bulk editor, inventory management & live visitors
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
I18n
3,714
3 issue groups
Security
909
12 issue groups
Maintainability
565
10 issue groups
ERRORI18nText Domain MismatchMismatched text domain. Expected 'brikpanel-admin-panel-dashboard-for-woocommerce' but got 'brikpanel'.3,651
- Category
- I18n
- Occurrences
- 3,651
- Severity
- error
Sample message
Mismatched text domain. Expected 'brikpanel-admin-panel-dashboard-for-woocommerce' but got 'brikpanel'.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.221
- Category
- Maintainability
- Occurrences
- 221
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().205
- Category
- Maintainability
- Occurrences
- 205
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.140
- Category
- Security
- Occurrences
- 140
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $parent_list at AND post_parent IN ($parent_list)"131
- Category
- Security
- Occurrences
- 131
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $parent_list at AND post_parent IN ($parent_list)"
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.126
- Category
- Security
- Occurrences
- 126
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $expenses_t used in $wpdb->get_var()\n$expenses_t assigned unsafely at line 1078.104
- Category
- Security
- Occurrences
- 104
- Severity
- warning
Sample message
Unescaped parameter $expenses_t used in $wpdb->get_var()\n$expenses_t assigned unsafely at line 1078.
WARNINGSecurityRequest data is not unslashed$_GET['page'] not unslashed before sanitization. Use wp_unslash() or similar88
- Category
- Security
- Occurrences
- 88
- Severity
- warning
Sample message
$_GET['page'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_FILES['brikpanel_import_file']['tmp_name']84
- Category
- Security
- Occurrences
- 84
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_FILES['brikpanel_import_file']['tmp_name']
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<style id=\"brikpanel-appearance-overrides\">{$css}</style>"'.78
- Category
- Security
- Occurrences
- 78
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<style id=\"brikpanel-appearance-overrides\">{$css}</style>"'.
Show 15 moreShow less
ERRORSecuritySQL query is not prepared74
- Category
- Security
- Occurrences
- 74
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $city_base
WARNINGMaintainabilityNon-prefixed global variable72
- Category
- Maintainability
- Occurrences
- 72
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$bp_gs_picker_cfg".
ERRORI18nMissing Translators Comment57
- Category
- I18n
- Occurrences
- 57
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityNon-prefixed hook name41
- Category
- Maintainability
- Occurrences
- 41
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'woocommerce_process_product_meta_' . $post_type_key".
ERRORSecurityException output is not escaped36
- Category
- Security
- Occurrences
- 36
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$code'.
ERRORSecurityDatabase parameter is not escaped26
- Category
- Security
- Occurrences
- 26
- Severity
- error
Sample message
Unescaped parameter $city_base used in $wpdb->get_results()\n$city_base assigned unsafely at line 2418.
WARNINGSecurityReplacements Wrong Number11
- Category
- Security
- Occurrences
- 11
- Severity
- warning
Sample message
Incorrect number of replacements passed to $wpdb->prepare(). Found 1 replacement parameters, expected 2.
WARNINGSecurityUnfinished Prepare11
- Category
- Security
- Occurrences
- 11
- Severity
- warning
Sample message
Replacement variables found, but no valid placeholders found in the query.
ERRORI18nUnordered Placeholders Text6
- Category
- I18n
- Occurrences
- 6
- Severity
- error
Sample message
Multiple placeholders in translatable strings should be ordered. Expected "%1$d, %2$s", but got "%d, %s" in 'clamped to %d days since tracking start (%s)'.
WARNINGMaintainabilityDiscouraged PHP function5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
The use of function set_time_limit() is discouraged
WARNINGMaintainabilityerror log error log5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
error_log() found. Debug code should not normally be used in production.
ERRORMaintainabilityfile system operations fclose5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityfile system operations fwrite5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
ERRORMaintainabilityNot Allowed3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead
WARNINGMaintainabilityslow db query meta query3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
External Connections
Potential connections found in static code analysis.
Outbound calls
96
External assets
0
Incoming endpoints
100
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
No public endpoints detected.
Admin AJAX endpoints100
admin_post
admin_post
admin_post
admin_post
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
88 more hidden
Score History
7 score snapshots
v3.1.44
24
Latest
- Findings
- 5,215
- Errors
- 3,950
- Warnings
- 1,265
- Check
- 2.0.0
v3.1.43
24
Score
- Findings
- 5,210
- Errors
- 3,945
- Warnings
- 1,265
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 24 | 5,215 | 3,950 | 1,265 | v3.1.44 | 2.0.0 |
| 24 | 5,210 | 3,945 | 1,265 | v3.1.43 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Category
Issue
Domain
Related
Author
Category
Issue
Domain
Related
Related Plugins
800 active installs
20k+ active installs
700 active installs
400 active installs