PluginScore

Debloat – Remove Unused CSS, Optimize JS

Remove Unused CSS, Optimize CSS, Optimize JS and speed up your site.

v1.3.0asadknUpdated Added 30k+ installs96% rating
Optimizeperformancespeeduncss
58
Score
24
Errors
20
Warnings
+0
Change

Category Scores

Security33
Repo94
Performance100
Maintainability79

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

44 findings

Maintainability

17

11 issue groups

Security

16

5 issue groups

I18n

10

3 issue groups

Repo Compliance

1

1 issue group

WARNINGSecurityRecommendedProcessing form data without nonce verification.7
Category
Security
Occurrences
7
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$css_cache'.6
Category
Security
Occurrences
6
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$css_cache'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
ERRORMaintainabilityparse url parse urlparse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url
ERRORI18nText Domain MismatchMismatched text domain. Expected 'debloat' but got 'delobat'.5
Category
I18n
Occurrences
5
Severity
error

Sample message

Mismatched text domain. Expected 'debloat' but got 'delobat'.

WordPress.WP.I18n.TextDomainMismatchReference
ERRORI18nMissing Translators CommentA function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.4
Category
I18n
Occurrences
4
Severity
error

Sample message

A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsCommentReference
WARNINGMaintainabilityInvalid Prefix PassedThe "debloat/remove_css" prefix is not a valid namespace/function/class/variable/constant prefix in PHP.2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

The "debloat/remove_css" prefix is not a valid namespace/function/class/variable/constant prefix in PHP.

WordPress.NamingConventions.PrefixAllGlobals.InvalidPrefixPassed
WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter
WARNINGI18nload plugin textdomain Foundload_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFoundReference
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching
Show 10 more
WARNINGMaintainabilityNon Prefixed Hookname Found1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "rt_nginx_helper_purge_all".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
WARNINGMaintainabilityerror log print r1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r
ERRORSecurityException Not Escaped1
Category
Security
Occurrences
1
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"No container exists with key '{$name}'"'.

WordPress.Security.EscapeOutput.ExceptionNotEscapedReference
WARNINGSecurityInput Not Sanitized1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['page']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityMissing Unslash1
Category
Security
Occurrences
1
Severity
warning

Sample message

$_GET['page'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORMaintainabilityNon Enqueued Script1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Scripts must be registered/enqueued via wp_enqueue_script()

WordPress.WP.EnqueuedResources.NonEnqueuedScript
WARNINGMaintainabilitymismatched plugin name1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Plugin name "Debloat - Remove Unused CSS, Optimize JS" is different from the name declared in plugin header "Debloat".

mismatched_plugin_nameReference
WARNINGMaintainabilitymissing composer json file1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The "/vendor" directory using composer exists, but "composer.json" file is missing.

missing_composer_json_fileReference
ERRORMaintainabilitymissing direct file access protection1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 6.9 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference

Score History

First score snapshot

v1.3.0

58

Latest

Findings
44
Errors
24
Warnings
20
Check
2.0.0

Related Plugins

DietPress

2k+ active installs

100
Disable Emojis (GDPR friendly)

60k+ active installs

100
Embed Optimizer

50k+ active installs

100
Image Placeholders

60k+ active installs

100
Load Combined Core Block Assets

1k+ active installs

100
Modern Image Formats

100k+ active installs

100