Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
326
16 issue groups
Security
31
7 issue groups
I18n
1
1 issue group
Performance
1
1 issue group
WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$ImageId".234
- Category
- Maintainability
- Occurrences
- 234
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$ImageId".
ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;50
- Category
- Maintainability
- Occurrences
- 50
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$after_title'.21
- Category
- Security
- Occurrences
- 21
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$after_title'.
WARNINGMaintainabilityNon Prefixed Hookname FoundHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".10
- Category
- Maintainability
- Occurrences
- 10
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".
WARNINGMaintainabilityslow db query tax queryDetected usage of tax_query, possible slow query.8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- warning
Sample message
Detected usage of tax_query, possible slow query.
WARNINGMaintainabilityNon Prefixed Function FoundFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "desert_shopire_user_custom_style".5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "desert_shopire_user_custom_style".
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_SESSION['fable-extra-woocompare-list']3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_SESSION['fable-extra-woocompare-list']
WARNINGMaintainabilitywp reset query wp reset querywp_reset_query() is discouraged. Use wp_reset_postdata() instead.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
wp_reset_query() is discouraged. Use wp_reset_postdata() instead.
WARNINGMaintainabilityMissing VersionResource version not set in call to wp_register_style(). This means new versions of the style may not always be loaded due to browser caching.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Resource version not set in call to wp_register_style(). This means new versions of the style may not always be loaded due to browser caching.
ERRORSecurityUnescaped DBParameterUnescaped parameter $page used in $wpdb->get_var()\n$page used without escaping.2
- Category
- Security
- Occurrences
- 2
- Severity
- error
Sample message
Unescaped parameter $page used in $wpdb->get_var()\n$page used without escaping.
Show 15 moreShow less
WARNINGMaintainabilityDirect Query2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo Caching2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
ERRORSecurityNot Prepared2
- Category
- Security
- Occurrences
- 2
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $query
WARNINGMaintainabilityNon Prefixed Constant Found2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "WPFE_PATH".
ERRORMaintainabilityNo Explicit Version2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
Version parameter is not explicitly set or has been set to an equivalent of "false" for wp_enqueue_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.
WARNINGSecurityInterpolated Not Prepared1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable {$page} at "SELECT `ID` FROM `{$wpdb->posts}` WHERE `post_name` = '{$page}' AND `post_type` = 'page' LIMIT 1;"
WARNINGMaintainabilityslow db query meta key1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of meta_key, possible slow query.
WARNINGMaintainabilityslow db query meta query1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
WARNINGMaintainabilityerror log error log1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
error_log() found. Debug code should not normally be used in production.
WARNINGSecurityInput Not Validated1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['fable_extra_product_d']. Check that the array index exists before using it.
WARNINGSecurityMissing Unslash1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
$_POST['keyword'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORMaintainabilitystrip tags strip tags1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
ERRORMaintainabilityGet terms Param2Found1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
The parameter "array( 'parent' => $parent, 'hide_empty' => false, 'exclude' => $exclude)" at position #2 of get_terms() has been deprecated since WordPress version 4.5.0. Instead do not pass the parameter.
WARNINGI18nNo Html Wrapped Strings1
- Category
- I18n
- Occurrences
- 1
- Severity
- warning
Sample message
Translatable string should not be wrapped in HTML. Found: '<div class="wf-col-lg-12 wf-col-xs-12"><div class="fable-extra-woowishlist-item wishlist-head"><div><h5>Product Image</h5></div><div class="product-name"><h5>Product Name</h5></div><div class="product-price"><h5>Unit price</h5></div><div class="product-stock-status"><h5>Stock status</h5></div><div class="product-add-to-cart"><h5>Action</h5></div></div></div>'
WARNINGPerformancePost Not In exclude1
- Category
- Performance
- Occurrences
- 1
- Severity
- warning
Sample message
Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
Score History
First score snapshot
v1.0.13
32
Latest
- Findings
- 361
- Errors
- 79
- Warnings
- 282
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 32 | 361 | 79 | 282 | v1.0.13 | 2.0.0 |
Related Plugins
5k+ active installs
5k+ active installs
2k+ active installs
3k+ active installs
3k+ active installs
10k+ active installs