Load plugins only where you need them. No bloat, no conflicts, more speed. Deactivate plugins where they don't add anything useful.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
748
10 issue groups
Maintainability
70
15 issue groups
WARNINGSecurityRecommendedProcessing form data without nonce verification.474
- Category
- Security
- Occurrences
- 474
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityMissing Unslash$_COOKIE['fdp_order'] not unslashed before sanitization. Use wp_unslash() or similar129
- Category
- Security
- Occurrences
- 129
- Severity
- warning
Sample message
$_COOKIE['fdp_order'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityMissingProcessing form data without nonce verification.92
- Category
- Security
- Occurrences
- 92
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_GET['order']. Check that the array index exists before using it.32
- Category
- Security
- Occurrences
- 32
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_GET['order']. Check that the array index exists before using it.
ERRORMaintainabilitywp function not compatible with requires wpFunction "delete_expired_transients()" requires WordPress 4.9.0, but your plugin minimum supported version is WordPress 4.6.0.20
- Category
- Maintainability
- Occurrences
- 20
- Severity
- error
Sample message
Function "delete_expired_transients()" requires WordPress 4.9.0, but your plugin minimum supported version is WordPress 4.6.0.
WARNINGMaintainabilityDiscouragedThe use of function ini_set() is discouraged19
- Category
- Maintainability
- Occurrences
- 19
- Severity
- warning
Sample message
The use of function ini_set() is discouraged
ERRORMaintainabilityFoundThe use of function _cleanup_header_comment() is forbidden5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
The use of function _cleanup_header_comment() is forbidden
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$cart_items_html'.5
- Category
- Security
- Occurrences
- 5
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$cart_items_html'.
WARNINGSecurityUnescaped DBParameterUnescaped parameter $option_name used in $wpdb->get_results()\n$option_name assigned unsafely at line 1486.4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Unescaped parameter $option_name used in $wpdb->get_results()\n$option_name assigned unsafely at line 1486.
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_GET['open-notification']4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['open-notification']
Show 15 moreShow less
ERRORMaintainabilityfile system operations rmdir4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: rmdir().
WARNINGSecurityInterpolated Not Prepared3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $option_name at "SELECT length(option_value) AS option_value_length FROM $wpdb->options WHERE option_name = '$option_name'"
WARNINGSecuritywp redirect wp redirect3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.
ERRORMaintainabilityfile system operations is writable3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().
WARNINGMaintainabilitytrademarked term3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "Freesoul Deactivate Plugins - Disable plugins on individual WordPress pages" - contains the restricted term "plugin" which cannot be used at all in your plugin name.
WARNINGMaintainabilityDirect Query2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo Caching2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
ERRORSecurityNot Prepared2
- Category
- Security
- Occurrences
- 2
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $sql
ERRORMaintainabilityrand rand2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
rand() is discouraged. Use the far less predictable wp_rand() instead.
ERRORMaintainabilityrename rename2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
rename() is discouraged. Use WP_Filesystem::move() to rename a file.
ERRORMaintainabilityPLUGINDIRUsage Found2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
Found usage of constant "PLUGINDIR". Use WP_PLUGIN_DIR instead.
ERRORMaintainabilityplugin updater detected2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
Plugin Updater detected. These are not permitted in WordPress.org hosted plugins. Detected: class FDP_EDD_SL_Plugin_Updater
WARNINGMaintainabilityupdate modification detected2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_plugins
WARNINGMaintainabilityNo Code Found1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
No PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.
ERRORMaintainabilitydate date1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
Score History
First score snapshot
v2.6.4
32
Latest
- Findings
- 826
- Errors
- 53
- Warnings
- 773
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 32 | 826 | 53 | 773 | v2.6.4 | 2.0.0 |
Related Plugins
2k+ active installs
60k+ active installs
50k+ active installs
60k+ active installs
1k+ active installs
100k+ active installs