Plugin to create useful fields for Italian sites, to be used in the forms produced with Contact Form 7 and WPForms.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
204
9 issue groups
Maintainability
180
13 issue groups
I18n
50
2 issue groups
Repo Compliance
1
1 issue group
WARNINGSecurityUnquoted Complex PlaceholderComplex placeholders used for values in the query string in $wpdb->prepare() will NOT be quoted automagically. Found: %1$s.128
- Category
- Security
- Occurrences
- 128
- Severity
- warning
Sample message
Complex placeholders used for values in the query string in $wpdb->prepare() will NOT be quoted automagically. Found: %1$s.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.91
- Category
- Maintainability
- Occurrences
- 91
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
ERRORI18nText Domain MismatchMismatched text domain. Expected 'campi-moduli-italiani' but got 'contact-form-7'.49
- Category
- I18n
- Occurrences
- 49
- Severity
- error
Sample message
Mismatched text domain. Expected 'campi-moduli-italiani' but got 'contact-form-7'.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['order']47
- Category
- Security
- Occurrences
- 47
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['order']
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().37
- Category
- Maintainability
- Occurrences
- 37
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGMaintainabilitySchema ChangeAttempting a database schema change is discouraged.21
- Category
- Maintainability
- Occurrences
- 21
- Severity
- warning
Sample message
Attempting a database schema change is discouraged.
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;17
- Category
- Maintainability
- Occurrences
- 17
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $if_statement used in $wpdb->get_results()\n$if_statement assigned unsafely at line 573.12
- Category
- Security
- Occurrences
- 12
- Severity
- warning
Sample message
Unescaped parameter $if_statement used in $wpdb->get_results()\n$if_statement assigned unsafely at line 573.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST[$this->_args['singular']]. Check that the array index exists before using it.4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST[$this->_args['singular']]. Check that the array index exists before using it.
Show 15 moreShow less
WARNINGSecurityRequest data is not unslashed4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
$_POST[$name] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGMaintainabilityNon-prefixed class3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "CodiceFiscale".
WARNINGSecurityMissing nonce verification3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilityDiscouraged PHP function2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
The use of function set_time_limit() is discouraged
WARNINGMaintainabilityerror log print r2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
print_r() found. Debug code should not normally be used in production.
ERRORMaintainabilityrename rename2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
rename() is discouraged. Use WP_Filesystem::move() to rename a file.
WARNINGI18nDiscouraged text-domain loading1
- Category
- I18n
- Occurrences
- 1
- Severity
- warning
Sample message
load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.
ERRORSecurityDatabase parameter is not escaped1
- Category
- Security
- Occurrences
- 1
- Severity
- error
Sample message
Unescaped parameter $sql used in $wpdb->get_row()\n$sql assigned unsafely at line 627.
ERRORSecuritySQL query is not prepared1
- Category
- Security
- Occurrences
- 1
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $sql
WARNINGMaintainabilityerror log error log1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
error_log() found. Debug code should not normally be used in production.
WARNINGMaintainabilityerror log var dump1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
var_dump() found. Debug code should not normally be used in production.
WARNINGMaintainabilityerror log var export1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
var_export() found. Debug code should not normally be used in production.
ERRORMaintainabilityfile system operations rmdir1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: rmdir().
ERRORRepo Complianceoutdated tested upto header1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Tested up to: 6.8 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.
WARNINGMaintainabilityupgrade notice limit1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
The upgrade notice for "1.1.0" exceeds the limit of 300 characters.
External Connections
Potential connections found in static code analysis.
Outbound calls
126
External assets
0
Incoming endpoints
18
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
wp_ajax
wp_ajax
wp_ajax
wp_ajax
Admin AJAX endpoints14
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
2 more hidden
Score History
First score snapshot
v2.3.2
34
Latest
- Findings
- 435
- Errors
- 72
- Warnings
- 363
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 34 | 435 | 72 | 363 | v2.3.2 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.