Dynamic Front-End Heartbeat Control

An enhanced solution to optimize the performance of your WordPress website and automatically achieve the best Heartbeat API values.

v1.2.998.1CodeloghinUpdated 4 months agoAdded 3 years ago1k+ installs96% rating

admin-ajax heartbeat heartbeat api performance site health

Score

217

Errors

111

Warnings

Change

Category Scores

Security0

Repo100

Performance100

Maintainability57

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

328 findings

I18n

184

1 issue group

Maintainability

107

9 issue groups

Security

10 issue groups

ERRORI18nText Domain MismatchMismatched text domain. Expected 'dynamic-front-end-heartbeat-control' but got 'dfehc'.184

Category: I18n
Occurrences: 184
Severity: error

Sample message

Mismatched text domain. Expected 'dynamic-front-end-heartbeat-control' but got 'dfehc'.

WordPress.WP.I18n.TextDomainMismatch Reference

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.40

Category: Maintainability
Occurrences: 40
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().40

Category: Maintainability
Occurrences: 40
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_COOKIE[$name]12

Category: Security
Occurrences: 12
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_COOKIE[$name]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<style>\r\n'.10

Category: Security
Occurrences: 10
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<style>\r\n'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;10

Category: Maintainability
Occurrences: 10
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

ERRORMaintainabilityrand mt randmt_rand() is discouraged. Use the far less predictable wp_rand() instead.6

Category: Maintainability
Occurrences: 6
Severity: error

Sample message

mt_rand() is discouraged. Use the far less predictable wp_rand() instead.

WordPress.WP.AlternativeFunctions.rand_mt_rand

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$plugin_file".4

Category: Maintainability
Occurrences: 4
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$plugin_file".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $safe used in $wpdb->query()\n$safe assigned unsafely at line 340.3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Unescaped parameter $safe used in $wpdb->query()\n$safe assigned unsafely at line 340.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable {$safe} at "ALTER TABLE {$safe} ENGINE=InnoDB"3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable {$safe} at "ALTER TABLE {$safe} ENGINE=InnoDB"

WordPress.DB.PreparedSQL.InterpolatedNotPrepared

Show 10 more

WARNINGMaintainabilitySchema Change2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Attempting a database schema change is discouraged.

WordPress.DB.DirectDatabaseQuery.SchemaChange

ERRORMaintainabilitydate date2

Category: Maintainability
Occurrences: 2
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

WARNINGMaintainabilityDynamic hook name2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$hook".

WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound

ERRORSecurityException output is not escaped2

Category: Security
Occurrences: 2
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Method {$method} does not exist."'.

WordPress.Security.EscapeOutput.ExceptionNotEscaped Reference

WARNINGSecurityMissing nonce verification2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGSecurityNonce verification recommended2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

ERRORSecurityDatabase parameter is not escaped1

Category: Security
Occurrences: 1
Severity: error

Sample message

Unescaped parameter $query used in $wpdb->get_col()\n$query assigned unsafely at line 327.

PluginCheck.Security.DirectDB.UnescapedDBParameter

ERRORSecuritySQL query is not prepared1

Category: Security
Occurrences: 1
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found $query

WordPress.DB.PreparedSQL.NotPrepared

WARNINGSecurityRequest data is not unslashed1

Category: Security
Occurrences: 1
Severity: warning

Sample message

$_POST['optimize_function'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORMaintainabilitywp function not compatible with requires wp1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Function "wp_trigger_error()" requires WordPress 6.4.0, but your plugin minimum supported version is WordPress 5.5.0.

wp_function_not_compatible_with_requires_wp Reference

External Connections

Potential connections found in static code analysis.

2 domains

Outbound calls

External assets

Incoming endpoints

Notable Domains

codeloghin.com1 · outbound

heartbeat.support1 · outbound

External Asset Domains

No external asset domains detected.

Incoming Endpoints

wp_ajax_nopriv_$actionpublic

wp_ajax

/wp-json/dfehc-unclogger/v1/get/REST

register_rest_route

/wp-json/dfehc-unclogger/v1/optimize-db/(?P<tool>[^/]+)REST

register_rest_route

/wp-json/dfehc-unclogger/v1/set/REST

register_rest_route

/wp-json/dfehc-unclogger/v1/woocommerce-cache/clearREST

register_rest_route

/wp-json/dfehc-unclogger/v1/woocommerce-transients/countREST

register_rest_route

Admin AJAX endpoints6

wp_ajax_$actionauthenticated

wp_ajax

wp_ajax_dfehc_optimizeauthenticated

wp_ajax

wp_ajax_dfehc_pingauthenticated

wp_ajax

wp_ajax_dfehc_update_heartbeat_intervalauthenticated

wp_ajax

wp_ajax_dfehc_widget_refresh_statsauthenticated

wp_ajax

wp_ajax_get_server_loadauthenticated

wp_ajax

Score History

First score snapshot

yesterday

v1.2.998.1

Latest

Findings: 328
Errors: 217
Warnings: 111
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	36	328	217	111	v1.2.998.1	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

31 nodes

Loading map

PluginAuthorCategoryIssueDomainRelated

Relationship links

Issue

Domain

codeloghin.com1 signal heartbeat.support1 signal

Related Plugins

DietPress

2k+ active installs

100

Disable Emojis (GDPR friendly)

60k+ active installs

100

Embed Optimizer

50k+ active installs

100

Image Placeholders

60k+ active installs

100

Load Combined Core Block Assets

1k+ active installs

100

Memory Limit Manager

400 active installs

100