Replace your WooCommerce checkout page with a beautiful, mobile friendly, conversion optimized, Shopify like checkout template.
Prioritized issue groups from the latest Plugin Check scan
Maintainability
985
17 issue groups
I18n
752
3 issue groups
Security
471
5 issue groups
Sample message
Mismatched text domain. Expected 'checkoutwc-lite' but got 'cartflows'.
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'cfw_thank_you_status_icon_' . $order_status".
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" {$oParserState->peek()} "'.
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "cfw_account_password_field_slide".
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Since {$package} {$version}: "'.
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$Angelleye_PayPal_Express_Checkout_Helper".
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Sample message
Detected usage of a non-sanitized input variable: $_GET[$return_param_key]
Sample message
Function "str_contains()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 5.2.0.
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "CFW_ACTION_NO_ERROR_SUPPRESSION_BUFFER".
Sample message
var_dump() found. Debug code should not normally be used in production.
Sample message
Accessing the database directly should be avoided. Please use the $wpdb object and associated functions instead. Found: \PDO.
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
Sample message
Missing $domain parameter in function call to __().
Sample message
Use of a direct database call is discouraged.
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
Sample message
trigger_error() found. Debug code should not normally be used in production.
Sample message
Processing form data without nonce verification.
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$hook_name".
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
Potential connections found in static code analysis.
Outbound calls
280
External assets
0
Incoming endpoints
20
No external asset domains detected.
register_rest_route
register_rest_route
wp_ajax
register_rest_route
register_rest_route
register_rest_route
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
3 score snapshots
v11.1.4
25
Latest
v11.1.3
25
Score
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 25 | 2,251 | 1,399 | 852 | v11.1.4 | 2.0.0 |
| 25 | 2,250 | 1,399 | 851 | v11.1.3 | 2.0.0 |
Author, categories, issues, domains, and nearby plugins.