Allow customers to request quotes, send product enquiries, and run WooCommerce in catalog mode by hiding prices and replacing the Add to Cart button.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
68
9 issue groups
Maintainability
19
10 issue groups
I18n
10
2 issue groups
Repo Compliance
1
1 issue group
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$gmwqp_arr['gmwqp_captcha_site_key']'.38
- Category
- Security
- Occurrences
- 38
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$gmwqp_arr['gmwqp_captcha_site_key']'.
WARNINGSecurityMissing Unslash$_POST['_ajax_nonce'] not unslashed before sanitization. Use wp_unslash() or similar11
- Category
- Security
- Occurrences
- 11
- Severity
- warning
Sample message
$_POST['_ajax_nonce'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORI18nText Domain MismatchMismatched text domain. Expected 'gm-woocommerce-quote-popup' but got 'gmwqp'.8
- Category
- I18n
- Occurrences
- 8
- Severity
- error
Sample message
Mismatched text domain. Expected 'gm-woocommerce-quote-popup' but got 'gmwqp'.
WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_POST['g-recaptcha-response']. Check that the array index exists before using it.7
- Category
- Security
- Occurrences
- 7
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['g-recaptcha-response']. Check that the array index exists before using it.
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_POST['_ajax_nonce']6
- Category
- Security
- Occurrences
- 6
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_POST['_ajax_nonce']
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecurityRecommendedProcessing form data without nonce verification.2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilityrand randrand() is discouraged. Use the far less predictable wp_rand() instead.2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
rand() is discouraged. Use the far less predictable wp_rand() instead.
ERRORI18nNon Singular String Literal TextThe $text parameter must be a single text string literal. Found: $gmwqp_trasnlation_button_label2
- Category
- I18n
- Occurrences
- 2
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: $gmwqp_trasnlation_button_label
Show 12 moreShow less
WARNINGSecurityUnescaped DBParameter1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Unescaped parameter $table_name used in $wpdb->get_results()\n$table_name assigned unsafely at line 31.
WARNINGSecurityInterpolated Not Prepared1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $table_name at "SELECT ID FROM $table_name where post_type='gmwqp_enquiry' "
WARNINGMaintainabilityslow db query meta query1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
ERRORSecurityUnsafe Printing Function1
- Category
- Security
- Occurrences
- 1
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
WARNINGSecuritywp redirect wp redirect1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.
ERRORMaintainabilityfile system operations fclose1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityGet terms Param2Found1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
The parameter "array(\n 'hide_empty' => false,\n )" at position #2 of get_terms() has been deprecated since WordPress version 4.5.0. Instead do not pass the parameter.
ERRORMaintainabilityNon Enqueued Script1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Scripts must be registered/enqueued via wp_enqueue_script()
ERRORMaintainabilityfive star reviews detected1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Linking directly to 5 stars reviews is not allowed.
ERRORRepo Complianceoutdated tested upto header1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Tested up to: 6.9 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.
ERRORMaintainabilitystable tag mismatch1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Mismatched Stable Tag: 1.0.0 != 3.2. Your Stable Tag is meant to be the stable version of your plugin and it needs to be exactly the same with the Version in your main plugin file's header. Any mismatch can prevent users from downloading the correct plugin files from WordPress.org.
WARNINGMaintainabilitytrademarked term1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
The plugin slug includes a restricted term. Your plugin slug - "gm-woocommerce-quote-popup" - contains the restricted term "woocommerce" which cannot be used within in your plugin slug, unless your plugin slug contains one of the allowed patterns: "for woocommerce", "with woocommerce", "using woocommerce", or "and woocommerce". The term must still not appear anywhere else in your plugin slug.
Score History
First score snapshot
v3.2
40
Latest
- Findings
- 98
- Errors
- 57
- Warnings
- 41
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 40 | 98 | 57 | 41 | v3.2 | 2.0.0 |
Related Plugins
10k+ active installs
10k+ active installs
5k+ active installs