Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
1,214
12 issue groups
Security
715
12 issue groups
I18n
19
1 issue group
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.561
- Category
- Maintainability
- Occurrences
- 561
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.546
- Category
- Maintainability
- Occurrences
- 546
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.305
- Category
- Security
- Occurrences
- 305
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityRequest data is not unslashed$_GET['paged'] not unslashed before sanitization. Use wp_unslash() or similar125
- Category
- Security
- Occurrences
- 125
- Severity
- warning
Sample message
$_GET['paged'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['paged']120
- Category
- Security
- Occurrences
- 120
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['paged']
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST['click5_history_log_nonce']. Check that the array index exists before using it.48
- Category
- Security
- Occurrences
- 48
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['click5_history_log_nonce']. Check that the array index exists before using it.
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$JETPACK_MODULE_NAMES".47
- Category
- Maintainability
- Occurrences
- 47
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$JETPACK_MODULE_NAMES".
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.37
- Category
- Security
- Occurrences
- 37
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$AdImageURL'.30
- Category
- Security
- Occurrences
- 30
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$AdImageURL'.
ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $ids24
- Category
- Security
- Occurrences
- 24
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $ids
Show 15 moreShow less
ERRORI18nText Domain Mismatch19
- Category
- I18n
- Occurrences
- 19
- Severity
- error
Sample message
Mismatched text domain. Expected 'history-log-by-click5' but got 'c5_history'.
WARNINGMaintainabilityNo Caching17
- Category
- Maintainability
- Occurrences
- 17
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
ERRORSecurityDatabase parameter is not escaped12
- Category
- Security
- Occurrences
- 12
- Severity
- error
Sample message
Unescaped parameter $q used in $wpdb->get_results()\n$q assigned unsafely at line 4871.
WARNINGMaintainabilityNon-prefixed hook name7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "c5_history_records_per_page".
ERRORMaintainabilityMissing direct file access protection7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORMaintainabilitywp function not compatible with requires wp7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- error
Sample message
Function "str_contains()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 5.3.0.
ERRORMaintainabilityNot Allowed6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead
ERRORSecurityUnsafe printing function6
- Category
- Security
- Occurrences
- 6
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
ERRORMaintainabilityparse url parse url6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.
WARNINGMaintainabilityNon-prefixed function4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "c5_history_log_rest_callback".
WARNINGSecurityDatabase parameter is not escaped3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Unescaped parameter $table_name used in $wpdb->get_results()\n$table_name assigned unsafely at line 1030.
ERRORSecurityQuoted Simple Placeholder3
- Category
- Security
- Occurrences
- 3
- Severity
- error
Sample message
Simple placeholders should not be quoted in the query string in $wpdb->prepare(). Found: "%s".
WARNINGMaintainabilityNon-prefixed constant3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "BROWSER".
ERRORMaintainabilityfive star reviews detected3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
Linking directly to 5 stars reviews is not allowed.
WARNINGSecurityInterpolated SQL is not prepared2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $tab_name at "SELECT * FROM $tab_name"
External Connections
Potential connections found in static code analysis.
Outbound calls
19
External assets
6
Incoming endpoints
25
Notable Domains
Platform / Reference Domains
External Asset Domains
Incoming Endpoints
register_rest_route
register_rest_route
register_rest_route
Admin AJAX endpoints21
wp_ajax
admin_post
admin_post
admin_post
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
wp_ajax
9 more hidden
Score History
First score snapshot
v1.0.13
22
Latest
- Findings
- 1,965
- Errors
- 675
- Warnings
- 1,290
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 22 | 1,965 | 675 | 1,290 | v1.0.13 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Issue
Related
Author
Issue
Related
Related Plugins
3k+ active installs
10k+ active installs
1k+ active installs
9k+ active installs
20k+ active installs