PluginScore

Content Widget

A widget that allows you to display the content of a post (of any type) in a widget area.

v0.4.2shazdehUpdated Added 400 installs100% rating
contentpostsidebarwidget
41
Score
72
Errors
9
Warnings
+0
Change

Category Scores

Security0
Repo83
Performance100
Maintainability95

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

81 findings

Security

72

6 issue groups

Maintainability

6

3 issue groups

Repo Compliance

3

3 issue groups

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$after_title'.57
Category
Security
Occurrences
57
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$after_title'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.11
Category
Security
Occurrences
11
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunctionReference
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$categories".4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$categories".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.1
Category
Security
Occurrences
1
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST['post_type']1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['post_type']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST['post_type']. Check that the array index exists before using it.1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['post_type']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
WARNINGSecurityRequest data is not unslashed$_POST['post_type'] not unslashed before sanitization. Use wp_unslash() or similar1
Category
Security
Occurrences
1
Severity
warning

Sample message

$_POST['post_type'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORMaintainabilitystrip tags strip tagsstrip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

WordPress.WP.AlternativeFunctions.strip_tags_strip_tags
WARNINGMaintainabilityDiscouraged PHP functionquery_posts() is discouraged. Use WP_Query instead.1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

query_posts() is discouraged. Use WP_Query instead.

WordPress.WP.DiscouragedFunctions.query_posts_query_posts
ERRORRepo Complianceno licenseMissing "License". Please update your readme with a valid GPLv2 (or later) compatible license.1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Missing "License". Please update your readme with a valid GPLv2 (or later) compatible license.

no_licenseReference
Show 2 more
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 4.6 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference
ERRORRepo Complianceplugin header no license1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_no_licenseReference

External Connections

Potential connections found in static code analysis.

0 domains

Outbound calls

0

External assets

0

Incoming endpoints

1

Notable Domains

No notable third-party domains detected.

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints1
wp_ajax_content_widget_get_postsauthenticated

wp_ajax

Score History

First score snapshot

v0.4.2

41

Latest

Findings
81
Errors
72
Warnings
9
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

28 nodes

Related Plugins

3D Viewer – Display Interactive 3D Models

9k+ active installs

100
Crypto Converter ⚡ Widget

1k+ active installs

100
Exchange Rates Widget

1k+ active installs

100
JSM Non-Breaking Space (nbsp) for French Content

1k+ active installs

100
Shortcode Widget

10k+ active installs

100
Add Dashboard Columns

400 active installs

99