Logo Slider: The best responsive plugin for Logo Showcase, Logo Carousel, and displaying clients' logos. Includes shortcode generator with preview!
Category Scores
Top Issues by Category
i18n669
maintainability200
security199
Issues Details
1,102 issues found in latest scan
Mismatched text domain. Expected 'gs-logo-slider' but got 'gscs'.
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'GS_Plugins/Force_Enqueue_Assets/' . $this->get_assets_key()".
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$cats'.
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_image_size".
Processing form data without nonce verification.
$_GET[$paged_var] not unslashed before sanitization. Use wp_unslash() or similar
Detected usage of a non-sanitized input variable: $_FILES['import_file']
Function "add_term_meta()" requires WordPress 4.4.0, but your plugin minimum supported version is WordPress 4.3.0.
Detected usage of a possibly undefined superglobal array index: $_FILES['import_file']. Check that the array index exists before using it.
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Use placeholders and $wpdb->prepare(); found interpolated variable $column at "ALTER TABLE `$table` ADD INDEX `{$column}_idx` (`$column`)"
Processing form data without nonce verification.
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$handler . '--script'".
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "GSL_MENU_POSITION".
Detected usage of meta_key, possible slow query.
Unescaped parameter $column used in $wpdb->query()\n$column assigned unsafely at line 68.
Replacement variables found, but no valid placeholders found in the query.
Detected usage of meta_value, possible slow query.
Detected usage of tax_query, possible slow query.
unlink() is discouraged. Use wp_delete_file() to delete a file.
| Code | Type | Message | Count |
|---|---|---|---|
| WordPress.WP.I18n.TextDomainMismatch | ERROR | Mismatched text domain. Expected 'gs-logo-slider' but got 'gscs'. | 480 |
| WordPress.WP.I18n.MissingArgDomain | ERROR | Missing $domain parameter in function call to __(). | 107 |
| WordPress.WP.I18n.MissingTranslatorsComment | ERROR | A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders. | 82 |
| WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound | WARNING | Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'GS_Plugins/Force_Enqueue_Assets/' . $this->get_assets_key()". | 45 |
| WordPress.Security.EscapeOutput.OutputNotEscaped | ERROR | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$cats'. | 45 |
| WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound | WARNING | Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_image_size". | 35 |
| WordPress.Security.NonceVerification.Recommended | WARNING | Processing form data without nonce verification. | 32 |
| WordPress.DB.DirectDatabaseQuery.DirectQuery | WARNING | Use of a direct database call is discouraged. | 28 |
| WordPress.Security.ValidatedSanitizedInput.MissingUnslash | WARNING | $_GET[$paged_var] not unslashed before sanitization. Use wp_unslash() or similar | 28 |
| WordPress.Security.ValidatedSanitizedInput.InputNotSanitized | WARNING | Detected usage of a non-sanitized input variable: $_FILES['import_file'] | 26 |
| wp_function_not_compatible_with_requires_wp | ERROR | Function "add_term_meta()" requires WordPress 4.4.0, but your plugin minimum supported version is WordPress 4.3.0. | 26 |
| WordPress.Security.ValidatedSanitizedInput.InputNotValidated | WARNING | Detected usage of a possibly undefined superglobal array index: $_FILES['import_file']. Check that the array index exists before using it. | 20 |
| WordPress.DB.DirectDatabaseQuery.NoCaching | WARNING | Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete(). | 19 |
| WordPress.Security.EscapeOutput.UnsafePrintingFunction | ERROR | All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. | 16 |
| missing_direct_file_access_protection | ERROR | PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit; | 14 |
| WordPress.DB.PreparedSQL.InterpolatedNotPrepared | WARNING | Use placeholders and $wpdb->prepare(); found interpolated variable $column at "ALTER TABLE `$table` ADD INDEX `{$column}_idx` (`$column`)" | 12 |
| WordPress.Security.NonceVerification.Missing | WARNING | Processing form data without nonce verification. | 12 |
| WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound | WARNING | Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$handler . '--script'". | 9 |
| WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound | WARNING | Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "GSL_MENU_POSITION". | 7 |
| WordPress.DB.SlowDBQuery.slow_db_query_meta_key | WARNING | Detected usage of meta_key, possible slow query. | 5 |
| PluginCheck.Security.DirectDB.UnescapedDBParameter | ERROR | Unescaped parameter $column used in $wpdb->query()\n$column assigned unsafely at line 68. | 4 |
| WordPress.DB.PreparedSQLPlaceholders.UnfinishedPrepare | WARNING | Replacement variables found, but no valid placeholders found in the query. | 4 |
| WordPress.DB.SlowDBQuery.slow_db_query_meta_value | WARNING | Detected usage of meta_value, possible slow query. | 4 |
| WordPress.DB.SlowDBQuery.slow_db_query_tax_query | WARNING | Detected usage of tax_query, possible slow query. | 4 |
| WordPress.WP.AlternativeFunctions.unlink_unlink | ERROR | unlink() is discouraged. Use wp_delete_file() to delete a file. | 4 |
Latest Snapshot
Findings
1,102
Errors
789
Warnings
313
Score History
First score snapshot
First scan completed
v3.8.4 · Plugin Check 2.0.0 · Model 2026.06-mvp-static-v2
v3.8.4
25
Latest
- Findings
- 1,102
- Errors
- 789
- Warnings
- 313
- Plugin Check
- 2.0.0
- Model
- 2026.06-mvp-static-v2
| Scan | Score | Findings | Errors | Warnings | Plugin | Plugin Check | Model |
|---|---|---|---|---|---|---|---|
| Latest | 25 | 1,102 | 789 | 313 | v3.8.4 | 2.0.0 | 2026.06-mvp-static-v2 |
