Chartbeat

The Chartbeat plugin automatically adds real-time data and a top pages widget to your blog. See who’s on your site, what they’re doing - right now

v2.0.7ChartbeatUpdated 6 years agoAdded 17 years ago1k+ installs50% rating

amp analytics chartbeat instant articles

Score

Errors

Warnings

Change

Category Scores

Security7

Repo83

Performance100

Maintainability80

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

51 findings

Security

6 issue groups

Maintainability

7 issue groups

I18n

1 issue group

Repo Compliance

3 issue groups

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$after_widget'.12

Category: Security
Occurrences: 12
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$after_widget'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGMaintainabilityNon-prefixed functionFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "add_chartbeat_config".6

Category: Maintainability
Occurrences: 6
Severity: warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "add_chartbeat_config".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound

ERRORMaintainabilitywp function not compatible with requires wpFunction "add_settings_error()" requires WordPress 3.0.0, but your plugin minimum supported version is WordPress 2.8.0.5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

Function "add_settings_error()" requires WordPress 3.0.0, but your plugin minimum supported version is WordPress 2.8.0.

wp_function_not_compatible_with_requires_wp Reference

ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.4

Category: Security
Occurrences: 4
Severity: error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunction Reference

ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().4

Category: I18n
Occurrences: 4
Severity: error

Sample message

Missing $domain parameter in function call to __().

WordPress.WP.I18n.MissingArgDomain Reference

WARNINGMaintainabilityMissing VersionResource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion

ERRORMaintainabilityNon Enqueued ScriptScripts must be registered/enqueued via wp_enqueue_script()3

Category: Maintainability
Occurrences: 3
Severity: error

Sample message

Scripts must be registered/enqueued via wp_enqueue_script()

WordPress.WP.EnqueuedResources.NonEnqueuedScript

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['cbnonce']2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['cbnonce']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_GET['cbnonce']. Check that the array index exists before using it.2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_GET['cbnonce']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGSecurityRequest data is not unslashed$_GET['cbnonce'] not unslashed before sanitization. Use wp_unslash() or similar2

Category: Security
Occurrences: 2
Severity: warning

Sample message

$_GET['cbnonce'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

Show 7 more

WARNINGMaintainabilityNot In Footer2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter

ERRORMaintainabilitydate date1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

WARNINGSecurityNonce verification recommended1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

ERRORMaintainabilityMissing direct file access protection1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

ERRORRepo Complianceno license1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Missing "License". Please update your readme with a valid GPLv2 (or later) compatible license.

no_license Reference

ERRORRepo Complianceoutdated tested upto header1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Tested up to: 4.7 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_header Reference

ERRORRepo Complianceplugin header no license1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_no_license Reference

External Connections

Potential connections found in static code analysis.

5 domains

Outbound calls

External assets

Incoming endpoints

Notable Domains

chartbeat.com8 · outbound

api.chartbeat.com3 · outbound

apache.org1 · outbound

dashapi.chartbeat.com1 · outbound

External Asset Domains

static2.chartbeat.com2 · asset

Incoming Endpoints

wp_ajax_nopriv_cbproxy-submitpublic

wp_ajax

Admin AJAX endpoints1

wp_ajax_cbproxy-submitauthenticated

wp_ajax

Score History

First score snapshot

yesterday

v2.0.7

Latest

Findings: 51
Errors: 33
Warnings: 18
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	42	51	33	18	v2.0.7	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

32 nodes

Loading map

PluginAuthorCategoryIssueDomainRelated

Relationship links

Issue

Domain

chartbeat.com8 signals api.chartbeat.com3 signals apache.org1 signal dashapi.chartbeat.com1 signal

Related Plugins

PufferSights – AI Crawler Insights

0 active installs

100

VigIA – AI Visibility, Analytics & Control

1k+ active installs

100

Machete

7k+ active installs

Search Analytics for WP

3k+ active installs

Web Worker Offloading

10k+ active installs

Easy Google Adsense and Banner Ads Manager – AdsforWP

2k+ active installs