CP Blocks

CP Blocks allows to insert complementary blocks of code, like buttons, design elements, new functionalities, etc. It supports inserting blocks into th …

v1.1.3codepeopleUpdated Added 1k+ installs100% rating
36
Score
46
Errors
38
Warnings
+0
Change

Category Scores

Security0
Repo88
Performance100
Maintainability62

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

84 findings

Maintainability

55

13 issue groups

Security

23

7 issue groups

I18n

3

2 issue groups

Repo Compliance

3

3 issue groups

ERRORMaintainabilitywp function not compatible with requires wpFunction "get_current_blog_id()" requires WordPress 3.1.0, but your plugin minimum supported version is WordPress 3.0.5.21
Category
Maintainability
Occurrences
21
Severity
error

Sample message

Function "get_current_blog_id()" requires WordPress 3.1.0, but your plugin minimum supported version is WordPress 3.0.5.

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$cp_block_http_host".8
Category
Maintainability
Occurrences
8
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$cp_block_http_host".

ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $field7
Category
Security
Occurrences
7
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $field

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.5
Category
Security
Occurrences
5
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Use of a direct database call is discouraged.

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$btn'.4
Category
Security
Occurrences
4
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$btn'.

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.3
Category
Security
Occurrences
3
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $table used in $wpdb->get_results()2
Category
Security
Occurrences
2
Severity
warning

Sample message

Unescaped parameter $table used in $wpdb->get_results()

Show 15 more
WARNINGMaintainabilityNon-prefixed class2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "CP_FEEDBACK".

WARNINGMaintainabilityNon-prefixed function2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "cp_blocks_troubleshoot".

WARNINGMaintainabilityprevent path disclosure error reporting2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

error_reporting() can lead to full path disclosure.

ERRORMaintainabilityparse url parse url2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

ERRORI18nMissing Arg Domain2
Category
I18n
Occurrences
2
Severity
error

Sample message

Missing $domain parameter in function call to __().

WARNINGMaintainabilityMixed line endings1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

File has mixed line endings; this may cause incorrect results

WARNINGI18nDiscouraged text-domain loading1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

ERRORSecurityDatabase parameter is not escaped1
Category
Security
Occurrences
1
Severity
error

Sample message

Unescaped parameter $sql used in $wpdb->query()\n$sql assigned unsafely at line 85.

WARNINGSecurityUnnecessary Prepare1
Category
Security
Occurrences
1
Severity
warning

Sample message

It is not necessary to prepare a query which doesn't use variable replacement.

WARNINGMaintainabilityNon-prefixed hook name1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "cfte_get_option".

ERRORMaintainabilityfile system operations mkdir1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().

ERRORMaintainabilityunlink unlink1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

ERRORRepo Compliancelicense mismatch1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Your plugin has a different license declared in the readme file and plugin header. Please update your readme with a valid GPL license identifier.

WARNINGRepo Compliancereadme parser warnings too many tags1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

One or more tags were ignored. Please limit your plugin to 5 tags.

WARNINGRepo Compliancereadme parser warnings trimmed short description1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

The "Short Description" section is too long and was truncated. A maximum of 150 characters is supported.

External Connections

Potential connections found in static code analysis.

4 domains

Outbound calls

12

External assets

1

Incoming endpoints

1

Notable Domains

Platform / Reference Domains

wordpress.org1 · platform/reference

External Asset Domains

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints1
wp_ajax_cp_feedbackauthenticated

wp_ajax

Score History

First score snapshot

v1.1.3

36

Latest

Findings
84
Errors
46
Warnings
38
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

31 nodes

Related Plugins

Code Embed

10k+ active installs

100
Generate Child Theme

9k+ active installs

100
99
Animate Blocks

400 active installs

99
Attributes for Blocks

4k+ active installs

99