Horizontal scrolling announcements

Horizontal scrolling plugin lets scroll the content from one end to another end like reel. This plugin is using JQuery Marquee script for scrolling

v2.6gopiplusUpdated 2 days agoAdded 8 years ago8k+ installs64% rating

announcements scrolling

Score

215

Errors

140

Warnings

Change

Category Scores

Security0

Repo100

Performance100

Maintainability59

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

355 findings

Security

237

9 issue groups

Maintainability

109

10 issue groups

I18n

3 issue groups

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$am'.92

Category: Security
Occurrences: 92
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$am'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

ERRORSecurityUnsafe Printing FunctionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.80

Category: Security
Occurrences: 80
Severity: error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunction Reference

WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$am".71

Category: Maintainability
Occurrences: 71
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$am".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGSecurityMissing Unslash$_GET['ac'] not unslashed before sanitization. Use wp_unslash() or similar28

Category: Security
Occurrences: 28
Severity: warning

Sample message

$_GET['ac'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORSecurityNot PreparedUse placeholders and $wpdb->prepare(); found $sSql12

Category: Security
Occurrences: 12
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found $sSql

WordPress.DB.PreparedSQL.NotPrepared

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.9

Category: Maintainability
Occurrences: 9
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().9

Category: Maintainability
Occurrences: 9
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_GET['ac']8

Category: Security
Occurrences: 8
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['ac']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.7

Category: Maintainability
Occurrences: 7
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

WARNINGSecurityRecommendedProcessing form data without nonce verification.7

Category: Security
Occurrences: 7
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

Show 12 more

ERRORI18nText Domain Mismatch6

Category: I18n
Occurrences: 6
Severity: error

Sample message

Mismatched text domain. Expected 'horizontal-scrolling-announcements' but got 'email-posts-to-subscribers'.

WordPress.WP.I18n.TextDomainMismatch Reference

WARNINGSecurityInput Not Validated5

Category: Security
Occurrences: 5
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['hsas_group_txt']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

ERRORMaintainabilitystrip tags strip tags5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

WordPress.WP.AlternativeFunctions.strip_tags_strip_tags

ERRORSecurityUnescaped DBParameter4

Category: Security
Occurrences: 4
Severity: error

Sample message

Unescaped parameter $sSql used in $wpdb->get_results()\n$sSql assigned unsafely at line 27.

PluginCheck.Security.DirectDB.UnescapedDBParameter

ERRORMaintainabilitymissing direct file access protection3

Category: Maintainability
Occurrences: 3
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

ERRORMaintainabilityNo Explicit Version2

Category: Maintainability
Occurrences: 2
Severity: error

Sample message

Version parameter is not explicitly set or has been set to an equivalent of "false" for wp_enqueue_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.

WordPress.WP.EnqueuedResourceParameters.NoExplicitVersion

ERRORI18nNon Singular String Literal Text2

Category: I18n
Occurrences: 2
Severity: error

Sample message

The $text parameter must be a single text string literal. Found: $errors[0]

WordPress.WP.I18n.NonSingularStringLiteralText Reference

WARNINGI18nload plugin textdomain Found1

Category: I18n
Occurrences: 1
Severity: warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFound Reference

WARNINGMaintainabilitySchema Change1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Attempting a database schema change is discouraged.

WordPress.DB.DirectDatabaseQuery.SchemaChange

WARNINGSecuritywp redirect wp redirect1

Category: Security
Occurrences: 1
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

ERRORMaintainabilityrand mt rand1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

mt_rand() is discouraged. Use the far less predictable wp_rand() instead.

WordPress.WP.AlternativeFunctions.rand_mt_rand

ERRORMaintainabilityrand rand1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

rand() is discouraged. Use the far less predictable wp_rand() instead.

WordPress.WP.AlternativeFunctions.rand_rand

Score History

First score snapshot

yesterday

v2.6

Latest

Findings: 355
Errors: 215
Warnings: 140
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	37	355	215	140	v2.6	2.0.0

Related Plugins

Smooth scrolling with Lenis

3k+ active installs

Preserve Editor Scroll Position

4k+ active installs

MouseWheel Smooth Scroll

100k+ active installs

Announcement & Notification Banner – Bulletin

2k+ active installs