Fast User Switching

Fast user switching between users and roles directly from the admin bar - switch from a list or search for users/roles by id, username, email, etc.

v1.4.10Tikweb ManagementUpdated 1 year agoAdded 9 years ago2k+ installs82% rating

admin switch switching user users

Score

Errors

Warnings

Change

Category Scores

Security0

Repo86

Performance100

Maintainability86

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

56 findings

Security

7 issue groups

Maintainability

5 issue groups

I18n

3 issue groups

Repo Compliance

3 issue groups

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$ret'.14

Category: Security
Occurrences: 14
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$ret'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

ERRORMaintainabilityShort PHP open tag foundShort PHP opening tag used with echo; expected "<?php echo $rkey ..." but found "<?= $rkey ..."8

Category: Maintainability
Occurrences: 8
Severity: error

Sample message

Short PHP opening tag used with echo; expected "<?php echo $rkey ..." but found "<?= $rkey ..."

Generic.PHP.DisallowShortOpenTag.EchoFound

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_COOKIE[$key]6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_COOKIE[$key]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityRequest data is not unslashed$_COOKIE[$key] not unslashed before sanitization. Use wp_unslash() or similar6

Category: Security
Occurrences: 6
Severity: warning

Sample message

$_COOKIE[$key] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.5

Category: Security
Occurrences: 5
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.3

Category: Security
Occurrences: 3
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

WARNINGMaintainabilityNon-prefixed functionFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "role_can_impersonate".2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "role_can_impersonate".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGI18nDiscouraged text-domain loadingload_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.1

Category: I18n
Occurrences: 1
Severity: warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFound Reference

ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

Show 8 more

WARNINGMaintainabilityNon-prefixed class1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "Tikweb_Impersonate".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound

WARNINGSecurityInput is not validated1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['nonce']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

ERRORI18nDeprecated parameter: load_plugin_textdomain parameter 21

Category: I18n
Occurrences: 1
Severity: error

Sample message

The parameter "FALSE" at position #2 of load_plugin_textdomain() has been deprecated since WordPress version 2.7.0. Use "" instead.

WordPress.WP.DeprecatedParameters.Load_plugin_textdomainParam2Found

ERRORI18nNo Empty Strings1

Category: I18n
Occurrences: 1
Severity: error

Sample message

The $text text string should have translatable content. Found: ''

WordPress.WP.I18n.NoEmptyStrings Reference

ERRORMaintainabilityMissing direct file access protection1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

ERRORRepo Complianceno license1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Missing "License". Please update your readme with a valid GPLv2 (or later) compatible license.

no_license Reference

ERRORRepo Complianceoutdated tested upto header1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Tested up to: 6.5 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_header Reference

WARNINGRepo Compliancereadme parser warnings too many tags1

Category: Repo Compliance
Occurrences: 1
Severity: warning

Sample message

One or more tags were ignored. Please limit your plugin to 5 tags.

readme_parser_warnings_too_many_tags

External Connections

Not analyzed yet.

Score History

First score snapshot

2 days ago

v1.4.10

Latest

Findings: 56
Errors: 28
Warnings: 28
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
2 days agoLatest	40	56	28	28	v1.4.10	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

29 nodes

Loading map

PluginAuthorCategoryIssueRelated

Relationship links

Issue

Related Plugins

PufferDesk

0 active installs

100

Redux Framework

900k+ active installs

100

Simply Show Hooks

2k+ active installs

100

Hide WP Admin Notifications

1k+ active installs

One Click Close Comments

4k+ active installs

Plugin Report

1k+ active installs