Editorial Calendar allows you to view all your posts, schedule post, make quick edits, and manage your blog by dragging and dropping posts.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
231
7 issue groups
Maintainability
44
12 issue groups
I18n
10
5 issue groups
Supply Chain
1
1 issue group
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$date'.93
- Category
- Security
- Occurrences
- 93
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$date'.
WARNINGSecurityRecommendedProcessing form data without nonce verification.44
- Category
- Security
- Occurrences
- 44
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityMissing Unslash$_GET['author-hide'] not unslashed before sanitization. Use wp_unslash() or similar36
- Category
- Security
- Occurrences
- 36
- Severity
- warning
Sample message
$_GET['author-hide'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityMissingProcessing form data without nonce verification.24
- Category
- Security
- Occurrences
- 24
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_GET['author-hide']13
- Category
- Security
- Occurrences
- 13
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['author-hide']
WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_GET['postid']. Check that the array index exists before using it.11
- Category
- Security
- Occurrences
- 11
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_GET['postid']. Check that the array index exists before using it.
ERRORSecurityUnsafe Printing FunctionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.10
- Category
- Security
- Occurrences
- 10
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
WARNINGMaintainabilityMissing VersionResource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.10
- Category
- Maintainability
- Occurrences
- 10
- Severity
- warning
Sample message
Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.
WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.10
- Category
- Maintainability
- Occurrences
- 10
- Severity
- warning
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
Show 15 moreShow less
ERRORI18nMissing Translators Comment5
- Category
- I18n
- Occurrences
- 5
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityprevent path disclosure error reporting4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
error_reporting() can lead to full path disclosure.
WARNINGMaintainabilityquery posts query posts4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
query_posts() is discouraged. Use WP_Query instead.
WARNINGMaintainabilityNon Prefixed Hookname Found3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "edit_post".
ERRORI18nMissing Arg Domain2
- Category
- I18n
- Occurrences
- 2
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
WARNINGI18nload plugin textdomain Found1
- Category
- I18n
- Occurrences
- 1
- Severity
- warning
Sample message
load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.
ERRORMaintainabilityfile system operations fclose1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityfile system operations fopen1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORMaintainabilityfile system operations fread1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().
ERRORI18nLoad plugin textdomain Param2Found1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
The parameter "'wp-content/plugins/' . $plugin_dir . '/languages/'" at position #2 of load_plugin_textdomain() has been deprecated since WordPress version 2.7.0. Use "" instead.
ERRORI18nNon Singular String Literal Text1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: '<div id="feedbacksection">' .\n '<h2>Help us Make the Editorial Calendar Better</h2>' .\n 'We are always trying to improve the Editorial Calendar and you can help. May we collect some data about your blog and browser settings to help us improve this plugin? We\'ll only do it once and your blog will show up on our <a target="_blank" href="http://www.zackgrossbart.com/edcal/mint/">Editorial Calendar Statistics page</a>.<br /><br />' .\n '<button class="button-secondary" onclick="edcal.doFeedback();">Collect Data</button> ' .\n '<a href="#" id="nofeedbacklink" onclick="edcal.noFeedback(); return false;">No thank you</a></div>'
ERRORMaintainabilityapplication detected1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Application files are not permitted.
ERRORSupply Chainhidden files1
- Category
- Supply Chain
- Occurrences
- 1
- Severity
- error
Sample message
Hidden files are not permitted.
ERRORMaintainabilitylibrary core files1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Library files that are already in the WordPress core are not permitted.
ERRORMaintainabilitymissing direct file access protection1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Score History
First score snapshot
v3.9.4
35
Latest
- Findings
- 287
- Errors
- 127
- Warnings
- 160
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 35 | 287 | 127 | 160 | v3.9.4 | 2.0.0 |
Related Plugins
4k+ active installs
4k+ active installs
6k+ active installs