PluginScore

Falcon – WordPress Optimizations & Tweaks

A lightweight WordPress optimization and tweak plugin for a better performance

v2.10.1Anh TranUpdated Added 2k+ installs100% rating
Optimizeadminperformancespeedtweaks
69
Score
29
Errors
21
Warnings
+0
Change

Category Scores

Security58
Repo91
Performance100
Maintainability67

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

50 findings

Maintainability

38

13 issue groups

Security

10

5 issue groups

Repo Compliance

2

2 issue groups

ERRORMaintainabilityShort PHP open tag foundShort PHP opening tag used with echo; expected "<?php echo esc_attr ..." but found "<?= esc_attr ..."15
Category
Maintainability
Occurrences
15
Severity
error

Sample message

Short PHP opening tag used with echo; expected "<?php echo esc_attr ..." but found "<?= esc_attr ..."

Generic.PHP.DisallowShortOpenTag.EchoFound
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;7
Category
Maintainability
Occurrences
7
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$default_email&quot;.4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$default_email&quot;.

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_SERVER[&#039;REQUEST_METHOD&#039;]. Check that the array index exists before using it.3
Category
Security
Occurrences
3
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_SERVER[&#039;REQUEST_METHOD&#039;]. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
WARNINGMaintainabilityNon-prefixed constantGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;DISABLE_WP_CRON&quot;.2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;DISABLE_WP_CRON&quot;.

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.2
Category
Security
Occurrences
2
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_SERVER[&#039;REQUEST_URI&#039;]2
Category
Security
Occurrences
2
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_SERVER[&#039;REQUEST_URI&#039;]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityRequest data is not unslashed$_SERVER[&#039;REQUEST_URI&#039;] not unslashed before sanitization. Use wp_unslash() or similar2
Category
Security
Occurrences
2
Severity
warning

Sample message

$_SERVER[&#039;REQUEST_URI&#039;] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORMaintainabilityfive star reviews detectedLinking directly to 5 stars reviews is not allowed.2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Linking directly to 5 stars reviews is not allowed.

five_star_reviews_detectedReference
WARNINGMaintainabilityABSPATHDetectedWriting files using ABSPATH may be problematic. Consider using wp_upload_dir() instead if storing user data or generated files.1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Writing files using ABSPATH may be problematic. Consider using wp_upload_dir() instead if storing user data or generated files.

PluginCheck.CodeAnalysis.WriteFile.ABSPATHDetected
Show 10 more
WARNINGSecurityNonce verification recommended1
Category
Security
Occurrences
1
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
ERRORMaintainabilityfile system operations is writable1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().

WordPress.WP.AlternativeFunctions.file_system_operations_is_writable
ERRORMaintainabilityfile system operations readfile1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: readfile().

WordPress.WP.AlternativeFunctions.file_system_operations_readfile
ERRORMaintainabilityfile system operations rmdir1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: rmdir().

WordPress.WP.AlternativeFunctions.file_system_operations_rmdir
ERRORMaintainabilityparse url parse url1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url
WARNINGMaintainabilitymismatched plugin name1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Plugin name "Falcon - WordPress Optimizations & Tweaks" is different from the name declared in plugin header "Falcon".

mismatched_plugin_nameReference
WARNINGMaintainabilitymissing composer json file1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The &quot;/vendor&quot; directory using composer exists, but &quot;composer.json&quot; file is missing.

missing_composer_json_fileReference
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 6.9 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference
WARNINGRepo Complianceplugin header nonexistent domain path1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

The "Domain Path" header in the plugin file must point to an existing folder. Found: "languages"

plugin_header_nonexistent_domain_pathReference
WARNINGMaintainabilitytrademarked term1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "Falcon - WordPress Optimizations &amp; Tweaks" - contains the restricted term "wordpress" which cannot be used at all in your plugin name.

trademarked_term

External Connections

Not analyzed yet.

Score History

First score snapshot

v2.10.1

69

Latest

Findings
50
Errors
29
Warnings
21
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

29 nodes

Related Plugins

DietPress

2k+ active installs

100
Disable Emojis (GDPR friendly)

60k+ active installs

100
Embed Optimizer

50k+ active installs

100
Image Placeholders

60k+ active installs

100
Load Combined Core Block Assets

1k+ active installs

100
Modern Image Formats

100k+ active installs

100