Custom field finder

Allows you to easily find the custom fields (including hidden custom fields) and their values for a post, page or custom post type post.

v0.4YoastUpdated 1 month agoAdded 13 years ago2k+ installs100% rating

custom fields

Score

Errors

Warnings

Change

Category Scores

Security55

Repo100

Performance100

Maintainability97

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

12 findings

Security

4 issue groups

I18n

1 issue group

Maintainability

1 issue group

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$post'.6

Category: Security
Occurrences: 6
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$post'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

ERRORI18nMissing Translators CommentA function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.2

Category: I18n
Occurrences: 2
Severity: error

Sample message

A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsComment Reference

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_POST['_wpnonce']1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['_wpnonce']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_POST['_wpnonce']. Check that the array index exists before using it.1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['_wpnonce']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGSecurityMissing Unslash$_POST['_wpnonce'] not unslashed before sanitization. Use wp_unslash() or similar1

Category: Security
Occurrences: 1
Severity: warning

Sample message

$_POST['_wpnonce'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference