カラーミーショップ WordPress プラグインはWordPressでオンラインショップを構築することができるプラグインです。
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
368
8 issue groups
Maintainability
58
10 issue groups
Repo Compliance
3
3 issue groups
ERRORSecurityException output is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Invalid value for enum '$class', must be one of: '$imploded'"'.309
- Category
- Security
- Occurrences
- 309
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Invalid value for enum '$class', must be one of: '$imploded'"'.
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$c['expl']'.53
- Category
- Security
- Occurrences
- 53
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$c['expl']'.
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$c".16
- Category
- Maintainability
- Occurrences
- 16
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$c".
WARNINGMaintainabilityerror log error logerror_log() found. Debug code should not normally be used in production.15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- warning
Sample message
error_log() found. Debug code should not normally be used in production.
ERRORMaintainabilityfile system operations fopenFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGMaintainabilitytrademarked termThe plugin name includes a restricted term. Your chosen plugin name - "ColorMeShop WordPress Plugin" - contains the restricted term "plugin" which cannot be used at all in your plugin name.2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "ColorMeShop WordPress Plugin" - contains the restricted term "plugin" which cannot be used at all in your plugin name.
ERRORMaintainabilityNot AllowedUse of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead
ERRORSecuritySetting is missing a sanitization callbackSanitization missing for register_setting().1
- Category
- Security
- Occurrences
- 1
- Severity
- error
Sample message
Sanitization missing for register_setting().
ERRORSecurityHeredoc Output Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found interpolation in unescaped heredoc.1
- Category
- Security
- Occurrences
- 1
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found interpolation in unescaped heredoc.
Show 11 moreShow less
WARNINGSecurityNonce verification recommended1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput is not sanitized1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['code']
WARNINGSecurityInput is not validated1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_GET['code']. Check that the array index exists before using it.
WARNINGSecurityRequest data is not unslashed1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
$_GET['code'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORMaintainabilityfile system operations fclose1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityfile system operations fwrite1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
ERRORMaintainabilityNon Enqueued Script1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Scripts must be registered/enqueued via wp_enqueue_script()
ERRORRepo Complianceoutdated tested upto header1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Tested up to: 6.4 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.
ERRORRepo Compliancereadme description non official language1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
The readme description contains unofficial language. It must be written in standard English.
ERRORRepo Compliancereadme short description non official language1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
The readme short description contains unofficial language. It must be written in standard English.
ERRORMaintainabilitytrunk stable tag1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Incorrect Stable Tag. It's recommended not to use "Stable Tag: trunk". Your Stable Tag is meant to be the stable version of your plugin and it needs to be exactly the same with the Version in your main plugin file's header. Any mismatch can prevent users from downloading the correct plugin files from WordPress.org.
External Connections
Potential connections found in static code analysis.
Outbound calls
300
External assets
0
Incoming endpoints
0
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
No public endpoints detected.
Score History
First score snapshot
v3.0.1
36
Latest
- Findings
- 429
- Errors
- 392
- Warnings
- 37
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 36 | 429 | 392 | 37 | v3.0.1 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Issue
Related
Author
Issue
Related
Related Plugins
4k+ active installs
600 active installs
500 active installs
2k+ active installs
900 active installs
5k+ active installs