Create high-converting WooCommerce checkout pages, WooCommerce thank you pages & sales funnels with the highest-rated WordPress funnel builder.
Prioritized issue groups from the latest Plugin Check scan
Maintainability
2,463
10 issue groups
I18n
2,154
5 issue groups
Security
1,090
10 issue groups
Sample message
Mismatched text domain. Expected 'funnel-builder' but got 'FunnelKit'.
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$VARS".
Sample message
Missing $domain parameter in function call to __().
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"#wfacp-sec-wrapper .wfacp_coderockz_woo_delivery{padding:0 $px"'.
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'bwf_email_section_' . $section['type']".
Sample message
Use of a direct database call is discouraged.
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
Sample message
Processing form data without nonce verification.
Sample message
Unescaped parameter $Sql_Query used in $wpdb->get_col()\n$Sql_Query assigned unsafely at line 442.
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
Sample message
Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "BWFBlocksOptin_Render_Block".
Sample message
Processing form data without nonce verification.
Sample message
The $text parameter must be a single text string literal. Found: $address_key_group
Sample message
Detected usage of a non-sanitized input variable: $_COOKIE[$attr['key']]
Sample message
Use placeholders and $wpdb->prepare(); found $ob_query
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bwf_clean".
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable {$bwf_table} at "TRUNCATE TABLE {$bwf_table}"
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"No such method exists: $name"'.
Sample message
The $text text string should have translatable content. Found: ''
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$cart_image_filter".
Sample message
Namespaces declared by a theme/plugin should start with the theme/plugin prefix. Found: "FunnelKit".
Sample message
wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
Potential connections found in static code analysis.
Outbound calls
283
External assets
6
Incoming endpoints
11
register_rest_route
register_rest_route
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
5 score snapshots
v3.15.0.9
25
Latest
v3.15.0.8
25
Score
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 25 | 5,788 | 3,164 | 2,624 | v3.15.0.9 | 2.0.0 |
| 25 | 5,788 | 3,164 | 2,624 | v3.15.0.8 | 2.0.0 |
Author, categories, issues, domains, and nearby plugins.