PluginScore

Easy Document Embedder – Embed Word, excel, Powerpoint, Pdf file and more..

Document embedding on a website is a common thing we need to do regularly. By using this plugin you can embed all the common files like PDF, Word, XLS …

v1.0techmixUpdated Added 500 installs60% rating
documentembed pdfexcelgoogle docspowerpoint
40
Score
55
Errors
27
Warnings
+0
Change

Category Scores

Security0
Repo91
Performance100
Maintainability80

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

82 findings

Security

46

5 issue groups

Maintainability

20

6 issue groups

I18n

14

2 issue groups

Repo Compliance

2

2 issue groups

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$base_url'.24
Category
Security
Occurrences
24
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$base_url'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
ERRORI18nText Domain MismatchMismatched text domain. Expected 'easy-document-embedder' but got 'pdfdoc-embedder'.13
Category
I18n
Occurrences
13
Severity
error

Sample message

Mismatched text domain. Expected 'easy-document-embedder' but got 'pdfdoc-embedder'.

WordPress.WP.I18n.TextDomainMismatchReference
WARNINGSecurityRequest data is not unslashed$_POST['ede_downlaod_file_url'] not unslashed before sanitization. Use wp_unslash() or similar12
Category
Security
Occurrences
12
Severity
warning

Sample message

$_POST['ede_downlaod_file_url'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;11
Category
Maintainability
Occurrences
11
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.8
Category
Security
Occurrences
8
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGMaintainabilityMissing VersionResource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion
WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter
ERRORMaintainabilitywp function not compatible with requires wpFunction "register_block_type()" requires WordPress 5.0.0, but your plugin minimum supported version is WordPress 3.0.1.2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Function "register_block_type()" requires WordPress 5.0.0, but your plugin minimum supported version is WordPress 3.0.1.

wp_function_not_compatible_with_requires_wpReference
ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.1
Category
Security
Occurrences
1
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunctionReference
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST['ede_embedder_nonce']1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['ede_embedder_nonce']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
Show 5 more
ERRORMaintainabilityparse url parse url1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url
ERRORI18nNon Singular String Literal Text1
Category
I18n
Occurrences
1
Severity
error

Sample message

The $text parameter must be a single text string literal. Found: 'Shortcode for this Document is : <code>[EDE id="'.$post->ID.'"]</code> (Insert it anywhere in your post/page and show your Document)'

WordPress.WP.I18n.NonSingularStringLiteralTextReference
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 5.6 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference
WARNINGRepo Compliancereadme parser warnings no short description present1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

The "Short Description" section is missing. An excerpt was generated from your main plugin description.

readme_parser_warnings_no_short_description_present
ERRORMaintainabilitytrunk stable tag1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Incorrect Stable Tag. It's recommended not to use "Stable Tag: trunk". Your Stable Tag is meant to be the stable version of your plugin and it needs to be exactly the same with the Version in your main plugin file's header. Any mismatch can prevent users from downloading the correct plugin files from WordPress.org.

trunk_stable_tagReference

External Connections

Potential connections found in static code analysis.

1 domains

Outbound calls

12

External assets

0

Incoming endpoints

0

Notable Domains

techmix.xyz12 · outbound

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Score History

First score snapshot

v1.0

40

Latest

Findings
82
Errors
55
Warnings
27
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

30 nodes

Related Plugins

Document Embedder – Embed PDFs, Word, Excel, and Other Files

9k+ active installs

100
PDF Embed Block – Embed PDF Files in Posts or Pages

3k+ active installs

100
PDF Poster – Display PDF Files with Custom Viewer

20k+ active installs

100
SpreadsheetConverter Calculator

600 active installs

99
WP All Export – User Export Add-On

2k+ active installs

98
DocsPress – Online Documentation

400 active installs

97