HD Quiz

Create a Quiz. An easy-to-use feature rich plugin to create quizzes with quiz timer, pagination, hints, advanced marking, and leading help and support

v2.2.1Harmonic DesignUpdated 4 days agoAdded 11 years ago7k+ installs98% rating100% support resolved

exam quiz quiz maker quizzes

Score

252

Errors

Warnings

Change

Category Scores

Security0

Repo100

Performance96

Maintainability72

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

333 findings

Security

281

7 issue groups

Maintainability

8 issue groups

I18n

4 issue groups

Performance

1 issue group

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$activeClass'.205

Category: Security
Occurrences: 205
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$activeClass'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.36

Category: Security
Occurrences: 36
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;26

Category: Maintainability
Occurrences: 26
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.10

Category: Security
Occurrences: 10
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGSecurityRequest data is not unslashed$_POST['hdq_tools_nonce'] not unslashed before sanitization. Use wp_unslash() or similar9

Category: Security
Occurrences: 9
Severity: warning

Sample message

$_POST['hdq_tools_nonce'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_FILES['hdq_csv_file_upload']8

Category: Security
Occurrences: 8
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_FILES['hdq_csv_file_upload']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.7

Category: Security
Occurrences: 7
Severity: error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunction Reference

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST["data"]. Check that the array index exists before using it.6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST["data"]. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGMaintainabilityslow db query tax queryDetected usage of tax_query, possible slow query.5

Category: Maintainability
Occurrences: 5
Severity: warning

Sample message

Detected usage of tax_query, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_tax_query

ERRORI18nText Domain MismatchMismatched text domain. Expected 'hd-quiz' but got 'text_domain'.5

Category: I18n
Occurrences: 5
Severity: error

Sample message

Mismatched text domain. Expected 'hd-quiz' but got 'text_domain'.

WordPress.WP.I18n.TextDomainMismatch Reference

Show 10 more

WARNINGMaintainabilityNot In Footer4

Category: Maintainability
Occurrences: 4
Severity: warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter

ERRORI18nMissing Arg Domain3

Category: I18n
Occurrences: 3
Severity: error

Sample message

Missing $domain parameter in function call to __().

WordPress.WP.I18n.MissingArgDomain Reference

WARNINGMaintainabilityNo PHP code found2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

No PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.

Internal.NoCodeFound

ERRORMaintainabilityForbidden PHP function found1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

The use of function move_uploaded_file() is forbidden

Generic.PHP.ForbiddenFunctions.Found

WARNINGI18nDiscouraged text-domain loading1

Category: I18n
Occurrences: 1
Severity: warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFound Reference

ERRORMaintainabilitydate date1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

ERRORMaintainabilityparse url parse url1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url

ERRORMaintainabilityDeprecated parameter: get_terms parameter 21

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

The parameter "$args" at position #2 of get_terms() has been deprecated since WordPress version 4.5.0. Instead do not pass the parameter.

WordPress.WP.DeprecatedParameters.Get_termsParam2Found

ERRORI18nNon Singular String Literal Text1

Category: I18n
Occurrences: 1
Severity: error

Sample message

The $text parameter must be a single text string literal. Found: $setting

WordPress.WP.I18n.NonSingularStringLiteralText Reference

ERRORPerformanceSuppress Filters suppress filters1

Category: Performance
Occurrences: 1
Severity: error

Sample message

Setting `suppress_filters` to `true` is prohibited.

WordPressVIPMinimum.Performance.WPQueryParams.SuppressFilters_suppress_filters

Score History

First score snapshot

yesterday

v2.2.1

Latest

Findings: 333
Errors: 252
Warnings: 81
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	39	333	252	81	v2.2.1	2.0.0

2k+ active installs

SurveyX Builder – Easy Feedback, Poll, Quiz & Survey

2k+ active installs

Interact: Embed A Quiz On Your Site

3k+ active installs

Woorise – Landing Pages, Forms & Surveys

1k+ active installs

LifterLMS Labs

2k+ active installs

ARI Stream Quiz – WordPress Quizzes Builder

2k+ active installs

HD Quiz

Category Scores

Issues to Review

Score History

Related Plugins