WP Gravity Forms Constant Contact Plugin

gravity forms constant contact addon Requires at least: 3.8 Tested up to: 7.0 Stable tag: 1.1.3 Version: 1.1.3 Requires PHP: 5.

v1.1.3CRM PerksUpdated Added 600 installs0% rating
31
Score
684
Errors
164
Warnings
+0
Change

Category Scores

Security0
Repo80
Performance100
Maintainability45

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

848 findings

I18n

507

3 issue groups

Security

252

11 issue groups

Maintainability

83

11 issue groups

ERRORI18nText Domain MismatchMismatched text domain. Expected 'gf-constant-contact' but got '%dd%'.452
Category
I18n
Occurrences
452
Severity
error

Sample message

Mismatched text domain. Expected 'gf-constant-contact' but got '%dd%'.

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"' $sel >"'.118
Category
Security
Occurrences
118
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"' $sel >"'.

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.53
Category
Security
Occurrences
53
Severity
warning

Sample message

Processing form data without nonce verification.

ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.33
Category
I18n
Occurrences
33
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.27
Category
Maintainability
Occurrences
27
Severity
warning

Sample message

Use of a direct database call is discouraged.

ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $id25
Category
Security
Occurrences
25
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $id

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().24
Category
Maintainability
Occurrences
24
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

ERRORI18nUnordered Placeholders TextMultiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in '%sUpdate from Constant Contact %s Field Choices will not be updated live from Constant Contact and are editable in Gravity Forms. If you make an edit in Constant Contact, it will not be updated in your form.'.22
Category
I18n
Occurrences
22
Severity
error

Sample message

Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in '%sUpdate from Constant Contact %s Field Choices will not be updated live from Constant Contact and are editable in Gravity Forms. If you make an edit in Constant Contact, it will not be updated in your form.'.

ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.14
Category
Maintainability
Occurrences
14
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WARNINGSecurityRequest data is not unslashed$_GET['tab'] not unslashed before sanitization. Use wp_unslash() or similar11
Category
Security
Occurrences
11
Severity
warning

Sample message

$_GET['tab'] not unslashed before sanitization. Use wp_unslash() or similar

Show 15 more
ERRORSecurityDatabase parameter is not escaped10
Category
Security
Occurrences
10
Severity
error

Sample message

Unescaped parameter $sql used in $wpdb->get_results()\n$sql assigned unsafely at line 106.

WARNINGSecurityInput is not sanitized10
Category
Security
Occurrences
10
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['crm']

WARNINGSecurityDatabase parameter is not escaped9
Category
Security
Occurrences
9
Severity
warning

Sample message

Unescaped parameter $table used in $wpdb->get_results()\n$table assigned unsafely at line 372.

WARNINGMaintainabilityerror log print r7
Category
Maintainability
Occurrences
7
Severity
warning

Sample message

print_r() found. Debug code should not normally be used in production.

WARNINGSecurityInterpolated SQL is not prepared5
Category
Security
Occurrences
5
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $active_clause at "SELECT * FROM $table_name WHERE form_id=%d $active_clause ORDER BY sort"

WARNINGSecurityMissing nonce verification5
Category
Security
Occurrences
5
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGSecurityInput is not validated4
Category
Security
Occurrences
4
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_REQUEST['VXGConstant ContactError']. Check that the array index exists before using it.

WARNINGMaintainabilitySchema Change3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Attempting a database schema change is discouraged.

WARNINGSecuritywp redirect wp redirect2
Category
Security
Occurrences
2
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

ERRORMaintainabilityNon Enqueued Script2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Scripts must be registered/enqueued via wp_enqueue_script()

WARNINGMaintainabilitytrademarked term2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "WP Gravity Forms Constant Contact Plugin" - contains the restricted term "plugin" which cannot be used at all in your plugin name.

ERRORMaintainabilityfile system operations fclose1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

ERRORMaintainabilitystrip tags strip tags1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

ERRORMaintainabilityNon Enqueued Stylesheet1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Stylesheets must be registered/enqueued via wp_enqueue_style()

ERRORMaintainabilityfive star reviews detected1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Linking directly to 5 stars reviews is not allowed.

External Connections

Potential connections found in static code analysis.

9 domains

Outbound calls

16

External assets

0

Incoming endpoints

10

Notable Domains

crmperks.com6 · outbound
gravityforms.com2 · outbound
api.cc.email1 · outbound
ccontact.com1 · outbound

Platform / Reference Domains

github.com1 · platform/reference
w3.org1 · platform/reference
wordpress.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints10
wp_ajax_get_field_map_authenticated

wp_ajax

wp_ajax_get_field_map_object_authenticated

wp_ajax

wp_ajax_get_objects_authenticated

wp_ajax

wp_ajax_log_detail_authenticated

wp_ajax

wp_ajax_object_area_authenticated

wp_ajax

wp_ajax_object_picklist_authenticated

wp_ajax

wp_ajax_refresh_data_authenticated

wp_ajax

wp_ajax_update_feed_authenticated

wp_ajax

wp_ajax_update_feed_sort_authenticated

wp_ajax

wp_ajax_vxg_constant_review_dismissauthenticated

wp_ajax

Score History

First score snapshot

v1.1.3

31

Latest

Findings
848
Errors
684
Warnings
164
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

34 nodes

Related Plugins

Disable Gravity Forms Fields

600 active installs

99
99
GF No Duplicates

600 active installs

98