Boost your gamification marketing & reward your users with points, achievements, badges & ranks to increase your site activity & loyalty!
Prioritized issue groups from the latest Plugin Check scan
Security
2,886
11 issue groups
I18n
1,689
4 issue groups
Maintainability
1,531
9 issue groups
Performance
22
1 issue group
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"$title</label>\n"'.
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $id_list at "SELECT {$primary_key}, meta_key, meta_value FROM {$meta_table_name} WHERE {$primary_key} IN ($id_list) ORDER BY {$meta_primary_key} ASC"
Sample message
Use of a direct database call is discouraged.
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
Sample message
Mismatched text domain. Expected 'gamipress' but got 'cmb2'.
Sample message
$_GET[$field_id] not unslashed before sanitization. Use wp_unslash() or similar
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$$last_points_key".
Sample message
Missing $domain parameter in function call to __().
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'add_meta_boxes_' . self::$props[ $this->id ]['hook']".
Sample message
Multiple placeholders in translatable strings should be ordered. Expected "%1$d, %2$d", but got "%d, %d" in '%d of %d times earned'.
Sample message
Unescaped parameter $boards used in $wpdb->get_results()\n$boards assigned unsafely at line 30.
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Sample message
Detected usage of a non-sanitized input variable: $_FILES['file']['tmp_name']
Sample message
Processing form data without nonce verification.
Sample message
Processing form data without nonce verification.
Sample message
All output should be run through an escaping function (like echo esc_html_x() or echo esc_attr_x()), found '_ex'.
Sample message
Unescaped parameter $appointment_id used in $wpdb->get_var()\n$appointment_id used without escaping.
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "CT_Ajax_List_Table".
Sample message
Use placeholders and $wpdb->prepare(); found !
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
Sample message
Detected usage of a possibly undefined superglobal array index: $_FILES['file']['tmp_name']. Check that the array index exists before using it.
Sample message
Function "apply_filters_deprecated()" requires WordPress 4.6.0, but your plugin minimum supported version is WordPress 4.4.0.
Sample message
Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "CMB_EDD_SL_Plugin_Updater".
Sample message
Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
Potential connections found in static code analysis.
Outbound calls
300
External assets
0
Incoming endpoints
0
No external asset domains detected.
No public endpoints detected.
3 score snapshots
v7.9.5
23
Latest
v7.9.4
23
Score
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 23 | 6,365 | 3,621 | 2,744 | v7.9.5 | 2.0.0 |
| 23 | 6,393 | 3,621 | 2,772 | v7.9.4 | 2.0.0 |
Author, categories, issues, domains, and nearby plugins.