Events Calendar for GeoDirectory

Events Calendar add-on for GeoDirectory allows to extend your GeoDirectory powered website with a versatile event manager.

v2.3.30StiofanUpdated Added 2k+ installs100% rating
27
Score
1,229
Errors
462
Warnings
+0
Change

Category Scores

Security0
Repo97
Performance100
Maintainability12

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

1,691 findings

I18n

843

5 issue groups

Security

588

11 issue groups

Maintainability

245

9 issue groups

ERRORI18nText Domain MismatchMismatched text domain. Expected 'events-for-geodirectory' but got "geodirectory".589
Category
I18n
Occurrences
589
Severity
error

Sample message

Mismatched text domain. Expected 'events-for-geodirectory' but got "geodirectory".

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$_week_days'.295
Category
Security
Occurrences
295
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$_week_days'.

ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().133
Category
I18n
Occurrences
133
Severity
error

Sample message

Missing $domain parameter in function call to __().

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.109
Category
Security
Occurrences
109
Severity
warning

Sample message

Processing form data without nonce verification.

ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.100
Category
I18n
Occurrences
100
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$active".99
Category
Maintainability
Occurrences
99
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$active".

WARNINGSecurityRequest data is not unslashed$_GET['gde'] not unslashed before sanitization. Use wp_unslash() or similar49
Category
Security
Occurrences
49
Severity
warning

Sample message

$_GET['gde'] not unslashed before sanitization. Use wp_unslash() or similar

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.45
Category
Maintainability
Occurrences
45
Severity
warning

Sample message

Use of a direct database call is discouraged.

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().42
Category
Maintainability
Occurrences
42
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $table at " AND $table.latitude BETWEEN %f AND %f AND $table.longitude BETWEEN %f AND %f "39
Category
Security
Occurrences
39
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $table at " AND $table.latitude BETWEEN %f AND %f AND $table.longitude BETWEEN %f AND %f "

Show 15 more
ERRORMaintainabilitydate date33
Category
Maintainability
Occurrences
33
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

ERRORSecurityUnsafe printing function32
Category
Security
Occurrences
32
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WARNINGSecurityDatabase parameter is not escaped22
Category
Security
Occurrences
22
Severity
warning

Sample message

Unescaped parameter $attachments_table used in $wpdb->query()\n$attachments_table assigned unsafely at line 30.

ERRORI18nNon Singular String Literal Text17
Category
I18n
Occurrences
17
Severity
error

Sample message

The $text parameter must be a single text string literal. Found: $args['rewrite']['slug']

ERRORSecuritySQL query is not prepared14
Category
Security
Occurrences
14
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $sql

WARNINGSecurityInput is not sanitized14
Category
Security
Occurrences
14
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['gde']

WARNINGSecurityMissing nonce verification8
Category
Security
Occurrences
8
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGMaintainabilityNot In Footer8
Category
Maintainability
Occurrences
8
Severity
warning

Sample message

In footer ($in_footer) is not set explicitly wp_register_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

ERRORMaintainabilityMissing direct file access protection7
Category
Maintainability
Occurrences
7
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

WARNINGMaintainabilityNon-prefixed function4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "activate_events_for_geodirectory".

WARNINGMaintainabilityNon-prefixed hook name4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "plugin_locale".

ERRORI18nMissing Singular Placeholder4
Category
I18n
Occurrences
4
Severity
error

Sample message

Missing singular placeholder, needed for some languages. See https://codex.wordpress.org/I18n_for_WordPress_Developers#Plurals

ERRORSecurityDatabase parameter is not escaped3
Category
Security
Occurrences
3
Severity
error

Sample message

Unescaped parameter $post_type used in $wpdb->query()\n$post_type assigned unsafely at line 46.

WARNINGMaintainabilitySchema Change3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Attempting a database schema change is discouraged.

WARNINGSecurityUnfinished Prepare3
Category
Security
Occurrences
3
Severity
warning

Sample message

Replacement variables found, but no valid placeholders found in the query.

External Connections

Not analyzed yet.

Score History

First score snapshot

v2.3.30

27

Latest

Findings
1,691
Errors
1,229
Warnings
462
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

29 nodes

Related Plugins

Events Block

600 active installs

100
Termin-Kalender

400 active installs

100