PluginScore

g-FFL Cockpit

Built by a FFL, for FFL's. Automate inventory synchronization and order fulfillment with multiple distributors.

v2.0.25garidiumUpdated Added 500 installs100% rating
FFLdistributorfirearmsfulfillmentwoocommerce
36
Score
17
Errors
220
Warnings
+0
Change

Category Scores

Security2
Repo100
Performance100
Maintainability51

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

237 findings

Maintainability

211

14 issue groups

Security

26

7 issue groups

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.106
Category
Maintainability
Occurrences
106
Severity
warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().76
Category
Maintainability
Occurrences
76
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching
WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable {$id_placeholders} at "SELECT ID FROM {$wpdb->posts} WHERE ID IN ({$id_placeholders}) AND post_type = 'attachment'"7
Category
Security
Occurrences
7
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable {$id_placeholders} at "SELECT ID FROM {$wpdb->posts} WHERE ID IN ({$id_placeholders}) AND post_type = 'attachment'"

WordPress.DB.PreparedSQL.InterpolatedNotPrepared
WARNINGMaintainabilityslow db query meta keyDetected usage of meta_key, possible slow query.7
Category
Maintainability
Occurrences
7
Severity
warning

Sample message

Detected usage of meta_key, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_key
ERRORSecurityDatabase parameter is not escapedUnescaped parameter $invalid_lookup_product_sql used in $wpdb->get_results()\n$invalid_lookup_product_sql assigned unsafely at line 443.5
Category
Security
Occurrences
5
Severity
error

Sample message

Unescaped parameter $invalid_lookup_product_sql used in $wpdb->get_results()\n$invalid_lookup_product_sql assigned unsafely at line 443.

PluginCheck.Security.DirectDB.UnescapedDBParameter
WARNINGMaintainabilityDiscouraged PHP functionThe use of function ini_set() is discouraged4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

The use of function ini_set() is discouraged

Squiz.PHP.DiscouragedFunctions.Discouraged
WARNINGMaintainabilityslow db query meta valueDetected usage of meta_value, possible slow query.4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Detected usage of meta_value, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_value
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.4
Category
Security
Occurrences
4
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGMaintainabilityNon-prefixed classClasses declared by a theme/plugin should start with the theme/plugin prefix. Found: "FFLCockpit_Sync_Endpoint".3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "FFLCockpit_Sync_Endpoint".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST['g_ffl_cockpit_product_search_allow_users']3
Category
Security
Occurrences
3
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['g_ffl_cockpit_product_search_allow_users']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
Show 11 more
WARNINGSecurityRequest data is not unslashed3
Category
Security
Occurrences
3
Severity
warning

Sample message

$_POST['g_ffl_cockpit_product_search_allow_users'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORMaintainabilityrename rename3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

rename() is discouraged. Use WP_Filesystem::move() to rename a file.

WordPress.WP.AlternativeFunctions.rename_rename
WARNINGSecurityUnfinished Prepare2
Category
Security
Occurrences
2
Severity
warning

Sample message

Replacement variables found, but no valid placeholders found in the query.

WordPress.DB.PreparedSQLPlaceholders.UnfinishedPrepare
ERRORSecurityOutput is not escaped2
Category
Security
Occurrences
2
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$buf'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
ERRORMaintainabilityMissing direct file access protection2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
WARNINGMaintainabilityNon-prefixed constant1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "FFLC_PATH".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound
ERRORMaintainabilityfile system operations fclose1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

WordPress.WP.AlternativeFunctions.file_system_operations_fclose
ERRORMaintainabilityfile system operations fopen1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

WordPress.WP.AlternativeFunctions.file_system_operations_fopen
ERRORMaintainabilityfile system operations fread1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().

WordPress.WP.AlternativeFunctions.file_system_operations_fread
ERRORMaintainabilityunlink unlink1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

WordPress.WP.AlternativeFunctions.unlink_unlink
ERRORMaintainabilitywp function not compatible with requires wp1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Function "str_ends_with()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 5.0.0.

wp_function_not_compatible_with_requires_wpReference

External Connections

Potential connections found in static code analysis.

12 domains

Outbound calls

51

External assets

0

Incoming endpoints

23

Notable Domains

ffl-api.garidium.com13 · outbound
tiny.cloud8 · outbound
garidium.com2 · outbound
getbootstrap.com2 · outbound
cdnjs.cloudflare.com1 · outbound
mobius.ovh1 · outbound

Platform / Reference Domains

w3.org13 · platform/reference
github.com6 · platform/reference
schema.org2 · platform/reference
gnu.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

/wp-json/fflcockpit/v1/ai-helpdeskREST

register_rest_route

/wp-json/fflcockpit/v1/ai-helpdesk-pollREST

register_rest_route

/wp-json/fflcockpit/v1/ai-knowledgeREST

register_rest_route

/wp-json/fflcockpit/v1/cartREST

register_rest_route

/wp-json/fflcockpit/v1/cart/addREST

register_rest_route

/wp-json/fflcockpit/v1/cart/checkoutREST

register_rest_route

Score History

First score snapshot

v2.0.25

36

Latest

Findings
237
Errors
17
Warnings
220
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

36 nodes

Related Plugins

Bob Go smart shipping solution for WooCommerce

1k+ active installs

99
eCommerce Shipping Dashboard by UPS for WooCommerce

1k+ active installs

81
Envíos Coordinadora Woocommerce (Oficial) – WordPress plugin

600 active installs

68
Ultimate WooCommerce Brands

500 active installs

50
g-FFL Checkout

600 active installs

31
Advanced Shipment Tracking for WooCommerce

60k+ active installs

24