CiviCRM Profile Sync

Keeps a WordPress User profile in sync with a CiviCRM Contact and integrates WordPress and CiviCRM Entities when using Advanced Custom Fields.

v0.7.3Christian WachUpdated Added 500 installs100% rating
35
Score
31
Errors
140
Warnings
+0
Change

Category Scores

Security66
Repo75
Performance92
Maintainability63

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

171 findings

Maintainability

146

10 issue groups

Security

17

2 issue groups

Performance

4

1 issue group

Supply Chain

2

1 issue group

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$activity_post_type".78
Category
Maintainability
Occurrences
78
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$activity_post_type".

WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'acf/fields/' . $this->name . "/query/key={$field['key']}"".29
Category
Maintainability
Occurrences
29
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'acf/fields/' . $this->name . "/query/key={$field['key']}"".

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;23
Category
Maintainability
Occurrences
23
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.13
Category
Security
Occurrences
13
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGMaintainabilityDynamic hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$filter . '/action=' . $action".6
Category
Maintainability
Occurrences
6
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$filter . '/action=' . $action".

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.4
Category
Security
Occurrences
4
Severity
warning

Sample message

Processing form data without nonce verification.

ERRORPerformanceSuppress Filters suppress filtersSetting `suppress_filters` to `true` is prohibited.4
Category
Performance
Occurrences
4
Severity
error

Sample message

Setting `suppress_filters` to `true` is prohibited.

WARNINGMaintainabilityerror log error logerror_log() found. Debug code should not normally be used in production.3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

error_log() found. Debug code should not normally be used in production.

WARNINGMaintainabilityerror log print rprint_r() found. Debug code should not normally be used in production.3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

print_r() found. Debug code should not normally be used in production.

ERRORSupply ChainHidden files includedHidden files are not permitted.2
Category
Supply Chain
Occurrences
2
Severity
error

Sample message

Hidden files are not permitted.

Show 6 more
WARNINGMaintainabilityDiscouraged PHP function1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The use of function ini_set() is discouraged

WARNINGMaintainabilityNon-prefixed global symbol1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The "acf/fields/civicrm" prefix is not a valid namespace/function/class/variable/constant prefix in PHP.

WARNINGMaintainabilityNon-prefixed class1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "CRM_Contact_Form_Task_CreateWordPressUsers".

ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 6.8 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

ERRORRepo Compliancereadme mismatched header requires1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Mismatched Requires at least: 4.9 != 5.7. "Requires at least" needs to be exactly the same with that in your main plugin file's header.

WARNINGMaintainabilitytrademarked term1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The plugin slug includes a restricted term. Your plugin slug - "civicrm-wp-profile-sync" - contains the restricted term "wp" which cannot be used at all in your plugin slug.

External Connections

Potential connections found in static code analysis.

16 domains

Outbound calls

42

External assets

0

Incoming endpoints

26

Notable Domains

jqueryui.com5 · outbound
api.jqueryui.com2 · outbound
bugs.php.net2 · outbound
gist.github.com2 · outbound
jquery.org2 · outbound

Platform / Reference Domains

github.com9 · platform/reference
core.trac.wordpress.org4 · platform/reference
developer.wordpress.org3 · platform/reference
codex.wordpress.org1 · platform/reference
gnu.org1 · platform/reference
wordpress.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

wp_ajax_nopriv_acf/fields/public

wp_ajax

Admin AJAX endpoints11
wp_ajax_acf/fields/authenticated

wp_ajax

wp_ajax_sync_participant_roles_to_postsauthenticated

wp_ajax

wp_ajax_sync_posts_to_participant_rolesauthenticated

wp_ajax

wp_ajax_cwps_get_country_fieldauthenticated

wp_ajax

wp_ajax_cwps_get_state_fieldauthenticated

wp_ajax

wp_ajax_event_type_get_valueauthenticated

wp_ajax

wp_ajax_sync_activities_to_postsauthenticated

wp_ajax

wp_ajax_sync_contacts_to_postsauthenticated

wp_ajax

wp_ajax_sync_groups_to_termsauthenticated

wp_ajax

wp_ajax_sync_posts_to_activitiesauthenticated

wp_ajax

wp_ajax_sync_posts_to_contactsauthenticated

wp_ajax

Score History

First score snapshot

v0.7.3

35

Latest

Findings
171
Errors
31
Warnings
140
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Related Plugins

Easy Author Avatar Image

1k+ active installs

100
ACF Field For CF7

10k+ active installs

99
ACF Clone Repeater

1k+ active installs

98
ACF Flexible Content Modal

800 active installs

98