Create and save SQL Reports in your WP Admin and place them on pages and posts with a shortcode. Keep your database safe with automatic backups.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
226
8 issue groups
Maintainability
73
16 issue groups
I18n
8
1 issue group
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" h2.ELISQLREPORTS-Report-Name {display: none;}</style><!-- $cache[0] -->\n"'.71
- Category
- Security
- Occurrences
- 71
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" h2.ELISQLREPORTS-Report-Name {display: none;}</style><!-- $cache[0] -->\n"'.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['delete']56
- Category
- Security
- Occurrences
- 56
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['delete']
WARNINGSecurityRequest data is not unslashed$_GET['delete'] not unslashed before sanitization. Use wp_unslash() or similar56
- Category
- Security
- Occurrences
- 56
- Severity
- warning
Sample message
$_GET['delete'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $GLOBALS16
- Category
- Security
- Occurrences
- 16
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $GLOBALS
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST['DB_PASSWORD']. Check that the array index exists before using it.13
- Category
- Security
- Occurrences
- 13
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['DB_PASSWORD']. Check that the array index exists before using it.
ERRORMaintainabilitywp function not compatible with requires wpFunction "esc_attr()" requires WordPress 2.8.0, but your plugin minimum supported version is WordPress 2.6.0.9
- Category
- Maintainability
- Occurrences
- 9
- Severity
- error
Sample message
Function "esc_attr()" requires WordPress 2.8.0, but your plugin minimum supported version is WordPress 2.6.0.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.8
- Category
- Security
- Occurrences
- 8
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().8
- Category
- I18n
- Occurrences
- 8
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
Show 15 moreShow less
ERRORMaintainabilityForbidden PHP function found7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- error
Sample message
The use of function eval() is forbidden
ERRORMaintainabilityfile system operations fwrite6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
ERRORSecurityDatabase parameter is not escaped5
- Category
- Security
- Occurrences
- 5
- Severity
- error
Sample message
Unescaped parameter $SQ used in $wpdb->get_results()\n$SQ assigned unsafely at line 417.
ERRORMaintainabilitymysql mysqli query5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
Accessing the database directly should be avoided. Please use the $wpdb object and associated functions instead. Found: mysqli_query.
ERRORMaintainabilitydate date5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
ERRORMaintainabilitymysql mysqli free result4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
Accessing the database directly should be avoided. Please use the $wpdb object and associated functions instead. Found: mysqli_free_result.
WARNINGMaintainabilityNon-prefixed global variable4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$func".
ERRORMaintainabilitymysql mysqli error3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
Accessing the database directly should be avoided. Please use the $wpdb object and associated functions instead. Found: mysqli_error.
ERRORMaintainabilitymysql mysqli fetch row3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
Accessing the database directly should be avoided. Please use the $wpdb object and associated functions instead. Found: mysqli_fetch_row.
WARNINGMaintainabilityerror log print r3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
print_r() found. Debug code should not normally be used in production.
ERRORMaintainabilityfile system operations fopen3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORMaintainabilityfile system operations fclose2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityMissing direct file access protection2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORMaintainabilityOffloaded Content1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Offloading images, js, css, and other scripts to your servers or any remote service is disallowed.
ERRORSecurityUnescaped Literal1
- Category
- Security
- Occurrences
- 1
- Severity
- error
Sample message
Found unescaped literal "%" character.
External Connections
Potential connections found in static code analysis.
Outbound calls
9
External assets
0
Incoming endpoints
0
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
No public endpoints detected.
Score History
First score snapshot
v5.25.25
27
Latest
- Findings
- 323
- Errors
- 165
- Warnings
- 158
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 27 | 323 | 165 | 158 | v5.25.25 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Issue
Domain
Related
Author
Issue
Domain
Related
Related Plugins
600 active installs
1k+ active installs
900 active installs
3k+ active installs
10k+ active installs
1k+ active installs