Import & embed Vimeo in WordPress. Create video galleries & playlists, auto-sync showcases. Gutenberg blocks & Elementor support.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
725
9 issue groups
Maintainability
135
14 issue groups
I18n
31
1 issue group
Performance
3
1 issue group
ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like echo esc_html_x() or echo esc_attr_x()), found '_ex'.300
- Category
- Security
- Occurrences
- 300
- Severity
- error
Sample message
All output should be run through an escaping function (like echo esc_html_x() or echo esc_attr_x()), found '_ex'.
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" ({$k})"'.275
- Category
- Security
- Occurrences
- 275
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" ({$k})"'.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.46
- Category
- Security
- Occurrences
- 46
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.33
- Category
- Security
- Occurrences
- 33
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityRequest data is not unslashed$_GET[$name] not unslashed before sanitization. Use wp_unslash() or similar33
- Category
- Security
- Occurrences
- 33
- Severity
- warning
Sample message
$_GET[$name] not unslashed before sanitization. Use wp_unslash() or similar
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.31
- Category
- I18n
- Occurrences
- 31
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$CVM_PLAYER_SETTINGS".30
- Category
- Maintainability
- Occurrences
- 30
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$CVM_PLAYER_SETTINGS".
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET[$name]29
- Category
- Security
- Occurrences
- 29
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET[$name]
WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.22
- Category
- Maintainability
- Occurrences
- 22
- Severity
- warning
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;21
- Category
- Maintainability
- Occurrences
- 21
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Show 15 moreShow less
WARNINGMaintainabilityMissing Version13
- Category
- Maintainability
- Occurrences
- 13
- Severity
- warning
Sample message
Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.
WARNINGMaintainabilityNon-prefixed hook name12
- Category
- Maintainability
- Occurrences
- 12
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "admin_print_scripts".
WARNINGMaintainabilityMixed line endings11
- Category
- Maintainability
- Occurrences
- 11
- Severity
- warning
Sample message
File has mixed line endings; this may cause incorrect results
WARNINGMaintainabilityerror log trigger error7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- warning
Sample message
trigger_error() found. Debug code should not normally be used in production.
WARNINGMaintainabilityslow db query meta query4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
WARNINGSecuritywp redirect wp redirect4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.
WARNINGMaintainabilityslow db query tax query3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Detected usage of tax_query, possible slow query.
ERRORMaintainabilitydate date3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
WARNINGMaintainabilityNon-prefixed class3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "CVM_Options_Factory".
WARNINGSecurityInput is not validated3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['color']. Check that the array index exists before using it.
ERRORPerformanceSuppress Filters suppress filters3
- Category
- Performance
- Occurrences
- 3
- Severity
- error
Sample message
Setting `suppress_filters` to `true` is prohibited.
ERRORSecuritySQL query is not prepared2
- Category
- Security
- Occurrences
- 2
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $query
WARNINGMaintainabilityslow db query meta key2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of meta_key, possible slow query.
WARNINGMaintainabilityslow db query meta value2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of meta_value, possible slow query.
WARNINGMaintainabilityNon-prefixed constant2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "IFRAME_REQUEST".
External Connections
Not analyzed yet.
Score History
First score snapshot
v2.3.7
32
Latest
- Findings
- 906
- Errors
- 642
- Warnings
- 264
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 32 | 906 | 642 | 264 | v2.3.7 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.