Featured Post Plugin for Wordpress.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
37
6 issue groups
Maintainability
11
7 issue groups
I18n
4
1 issue group
Repo Compliance
2
2 issue groups
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<a href=\"#!featured-toggle\" class=\"featured-post-toggle {$class}\" data-post-id=\"{$post_id}\">$text</a>"'.24
- Category
- Security
- Occurrences
- 24
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<a href=\"#!featured-toggle\" class=\"featured-post-toggle {$class}\" data-post-id=\"{$post_id}\">$text</a>"'.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.5
- Category
- Security
- Occurrences
- 5
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().4
- Category
- I18n
- Occurrences
- 4
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_GET['post_status']. Check that the array index exists before using it.3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_GET['post_status']. Check that the array index exists before using it.
ERRORMaintainabilitystrip tags strip tagsstrip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
WARNINGMaintainabilityDiscouraged PHP functionwp_reset_query() is discouraged. Use wp_reset_postdata() instead.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
wp_reset_query() is discouraged. Use wp_reset_postdata() instead.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['post_type']2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['post_type']
WARNINGSecurityRequest data is not unslashed$_GET['post_type'] not unslashed before sanitization. Use wp_unslash() or similar2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
$_GET['post_type'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORMaintainabilityForbidden PHP function foundThe use of function create_function() is forbidden1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
The use of function create_function() is forbidden
WARNINGMaintainabilityslow db query meta queryDetected usage of meta_query, possible slow query.1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
Show 6 moreShow less
WARNINGSecurityMissing nonce verification1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilityDeprecated function: get_currentuserinfo1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
get_currentuserinfo() has been deprecated since WordPress version 4.5.0. Use wp_get_current_user() instead.
ERRORMaintainabilityinvalid plugin name1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Plugin name header in your readme is missing or invalid. Please update your readme with a valid plugin name header. Eg: "=== Example Name ==="
ERRORMaintainabilityMissing direct file access protection1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORRepo Complianceoutdated tested upto header1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Tested up to: 4.0 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.
ERRORRepo Complianceplugin header no license1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.
External Connections
Potential connections found in static code analysis.
Outbound calls
4
External assets
0
Incoming endpoints
1
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
No public endpoints detected.
Admin AJAX endpoints1
wp_ajax
Score History
First score snapshot
v3.2.1
40
Latest
- Findings
- 54
- Errors
- 36
- Warnings
- 18
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 40 | 54 | 36 | 18 | v3.2.1 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Plugin
Author
Issue
Related
Plugin
Author
Issue
Related
Related Plugins
3k+ active installs
3k+ active installs
200k+ active installs
400 active installs
800 active installs
400 active installs