EasyMe Connect

Connects your EasyMe account to Wordpress.

v3.0.4easymebizUpdated Added 500 installs100% rating
37
Score
130
Errors
45
Warnings
+0
Change

Category Scores

Security0
Repo83
Performance100
Maintainability72

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

175 findings

Security

88

8 issue groups

I18n

62

6 issue groups

Maintainability

21

10 issue groups

Repo Compliance

1

1 issue group

ERRORI18nText Domain MismatchMismatched text domain. Expected 'easyme-connect' but got 'easyme'.51
Category
I18n
Occurrences
51
Severity
error

Sample message

Mismatched text domain. Expected 'easyme-connect' but got 'easyme'.

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$_page['auth_url']'.32
Category
Security
Occurrences
32
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$_page['auth_url']'.

ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.21
Category
Security
Occurrences
21
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_SERVER['EM_API_SERVER']11
Category
Security
Occurrences
11
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_SERVER['EM_API_SERVER']

WARNINGSecurityRequest data is not unslashed$_SERVER['EM_API_SERVER'] not unslashed before sanitization. Use wp_unslash() or similar10
Category
Security
Occurrences
10
Severity
warning

Sample message

$_SERVER['EM_API_SERVER'] not unslashed before sanitization. Use wp_unslash() or similar

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_SERVER['REQUEST_METHOD']. Check that the array index exists before using it.8
Category
Security
Occurrences
8
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_SERVER['REQUEST_METHOD']. Check that the array index exists before using it.

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;8
Category
Maintainability
Occurrences
8
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.7
Category
I18n
Occurrences
7
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.3
Category
Security
Occurrences
3
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

ERRORMaintainabilityOffloaded ContentFound call to wp_register_script() with external resource. Offloading scripts to your servers or any remote service is disallowed.2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Found call to wp_register_script() with external resource. Offloading scripts to your servers or any remote service is disallowed.

Show 15 more
WARNINGMaintainabilityNon-prefixed hook name2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "em_filter_content".

WARNINGSecurityNonce verification recommended2
Category
Security
Occurrences
2
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGMaintainabilityMissing Version2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

ERRORMaintainabilityNo Explicit Version2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Version parameter is not explicitly set or has been set to an equivalent of "false" for wp_enqueue_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.

WARNINGI18nDiscouraged text-domain loading1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

WARNINGMaintainabilityslow db query meta query1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Detected usage of meta_query, possible slow query.

WARNINGMaintainabilityNon-prefixed global variable1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$f".

WARNINGMaintainabilityNon-prefixed global variable1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "$const".

WARNINGMaintainabilityerror log error log1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

error_log() found. Debug code should not normally be used in production.

ERRORSecurityException output is not escaped1
Category
Security
Occurrences
1
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$type'.

ERRORMaintainabilityparse url parse url1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

ERRORI18nDeprecated parameter: load_plugin_textdomain parameter 21
Category
I18n
Occurrences
1
Severity
error

Sample message

The parameter "FALSE" at position #2 of load_plugin_textdomain() has been deprecated since WordPress version 2.7.0. Use "" instead.

WARNINGI18nNo Html Wrapped Strings1
Category
I18n
Occurrences
1
Severity
warning

Sample message

Translatable string should not be wrapped in HTML. Found: '<p style="text-align:right; font-style:italic; font-size: 80%; margin:0 padding: 0">You are logged in as https://ezme.io/wp/user/name | <a href="https://ezme.io/wp/logout">log out</a></p>'

ERRORI18nNon Singular String Literal Text1
Category
I18n
Occurrences
1
Severity
error

Sample message

The $text parameter must be a single text string literal. Found: 'EasyMe Connect ' . $vars['plugin']['Version']

ERRORRepo Complianceno license1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Missing "License". Please update your readme with a valid GPLv2 (or later) compatible license.

External Connections

Potential connections found in static code analysis.

10 domains

Outbound calls

31

External assets

2

Incoming endpoints

0

Notable Domains

ezme.io18 · outbound
api.easyme.com1 · outbound
easyme.dk1 · outbound
help.easyme.dk1 · outbound
oauth.easyme.com1 · outbound

Platform / Reference Domains

developer.wordpress.org4 · platform/reference

External Asset Domains

cdnjs.cloudflare.com4 · asset + outbound

Incoming Endpoints

No public endpoints detected.

Score History

First score snapshot

v3.0.4

37

Latest

Findings
175
Errors
130
Warnings
45
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Related Plugins

Events Block

600 active installs

100
Calendar

4k+ active installs

99