WooCommerce AI Management, B2B Wholesale, Purchase Orders, Multi-store Dashboard, Quotes, Certified Zoho & Exact Online Integrations and more.
Prioritized issue groups from the latest Plugin Check scan
Maintainability
148
13 issue groups
Security
16
6 issue groups
I18n
1
1 issue group
Sample message
Use of a direct database call is discouraged.
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "import_simple_items_cron".
Sample message
Detected usage of meta_query, possible slow query.
Sample message
Processing form data without nonce verification.
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $placeholders at \t\t\t\tWHERE p.ID IN ($placeholders)"
Sample message
Detected usage of meta_key, possible slow query.
Sample message
Detected usage of meta_value, possible slow query.
Sample message
$_GET['category'] not unslashed before sanitization. Use wp_unslash() or similar
Sample message
Replacement variables found, but no valid placeholders found in the query.
Sample message
Detected usage of tax_query, possible slow query.
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$exact_online_sync".
Sample message
Plugin folders are deleted when upgraded. Do not save data to the plugin folder using copy(). Detected usage of constant WP_CONTENT_DIR. Use wp_upload_dir() to get the uploads directory path or save to the database instead.
Sample message
Unescaped parameter $table used in $wpdb->query()\n$table assigned unsafely at line 438.
Sample message
Attempting a database schema change is discouraged.
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "FS_METHOD".
Sample message
Detected usage of a non-sanitized input variable: $_SERVER['REMOTE_ADDR']
Sample message
The $domain parameter must be a single text string literal. Found: ‘commercebird’
Sample message
Plugin name "CommerceBird – AI Command Center, ERP Integrations & B2B for WooCommerce (Zoho, Exact Online)." is different from the name declared in plugin header "CommerceBird".
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Potential connections found in static code analysis.
Outbound calls
41
External assets
3
Incoming endpoints
18
wp_ajax
admin_post
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
5 more hidden
2 score snapshots
v3.0.3
61
Latest
v3.0.2
61
Score
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 61 | 165 | 3 | 162 | v3.0.3 | 2.0.0 |
| 61 | 164 | 3 | 161 | v3.0.2 | 2.0.0 |
Author, categories, issues, domains, and nearby plugins.