Contact Form DB for Enfold

Save All Contact from Enfold Module Contact in DB

v2.0.2doitUpdated Added 700 installs100% rating
58
Score
21
Errors
14
Warnings
+0
Change

Category Scores

Security31
Repo89
Performance100
Maintainability86

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

35 findings

Maintainability

14

5 issue groups

Security

13

4 issue groups

I18n

6

3 issue groups

Repo Compliance

2

2 issue groups

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<td title=\"{$elem}\"><b>{$param}:</b></br> {$reduced_elem} </td>"'.5
Category
Security
Occurrences
5
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<td title=\"{$elem}\"><b>{$param}:</b></br> {$reduced_elem} </td>"'.

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Use of a direct database call is discouraged.

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.4
Category
Security
Occurrences
4
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

ERRORI18nText Domain MismatchMismatched text domain. Expected 'contact-form-db-for-enfold' but got 'ecf'.4
Category
I18n
Occurrences
4
Severity
error

Sample message

Mismatched text domain. Expected 'contact-form-db-for-enfold' but got 'ecf'.

WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb-&gt;prepare(); found interpolated variable {$contact_time} at &quot;INSERT INTO {$wpdb-&gt;prefix}ecf SET page=&#039;{$page_title}&#039;, complete=&#039;{$contact_value}&#039;, contact_time =&#039;{$contact_time}&#039;&quot;3
Category
Security
Occurrences
3
Severity
warning

Sample message

Use placeholders and $wpdb-&gt;prepare(); found interpolated variable {$contact_time} at &quot;INSERT INTO {$wpdb-&gt;prefix}ecf SET page=&#039;{$page_title}&#039;, complete=&#039;{$contact_value}&#039;, contact_time =&#039;{$contact_time}&#039;&quot;

WARNINGMaintainabilitySchema ChangeAttempting a database schema change is discouraged.2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Attempting a database schema change is discouraged.

ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

WARNINGI18nDiscouraged text-domain loadingload_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

Show 4 more
ERRORSecurityDatabase parameter is not escaped1
Category
Security
Occurrences
1
Severity
error

Sample message

Unescaped parameter $page_title used in $wpdb->get_results()\n$page_title assigned unsafely at line 81.

ERRORI18nMissing Arg Domain1
Category
I18n
Occurrences
1
Severity
error

Sample message

Missing $domain parameter in function call to _e().

ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 5.2 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

ERRORRepo Complianceplugin header no license1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

External Connections

Potential connections found in static code analysis.

1 domains

Outbound calls

1

External assets

0

Incoming endpoints

0

Notable Domains

wp-love.it1 · outbound

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Score History

First score snapshot

v2.0.2

58

Latest

Findings
35
Errors
21
Warnings
14
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

23 nodes