๐ A powerful and dynamic WordPress popup toolkit to grow your email list, retain customers, and boost conversions.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
292
12 issue groups
Security
19
4 issue groups
Performance
3
2 issue groups
I18n
1
1 issue group
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_wp_current_template_content".79
- Category
- Maintainability
- Occurrences
- 79
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_wp_current_template_content".
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;65
- Category
- Maintainability
- Occurrences
- 65
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGMaintainabilityDynamic hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$filter".64
- Category
- Maintainability
- Occurrences
- 64
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$filter".
ERRORMaintainabilityblock api version too lowEditor blocks must define "apiVersion" 3 or higher in block.json for WordPress 7.0+ iframe editor compatibility.30
- Category
- Maintainability
- Occurrences
- 30
- Severity
- error
Sample message
Editor blocks must define "apiVersion" 3 or higher in block.json for WordPress 7.0+ iframe editor compatibility.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.18
- Category
- Maintainability
- Occurrences
- 18
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().17
- Category
- Maintainability
- Occurrences
- 17
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $promo_subscriber_list_table used in $wpdb->get_row()\n$promo_subscriber_list_table assigned unsafely at line 92.14
- Category
- Security
- Occurrences
- 14
- Severity
- warning
Sample message
Unescaped parameter $promo_subscriber_list_table used in $wpdb->get_row()\n$promo_subscriber_list_table assigned unsafely at line 92.
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "block_editor_settings_all".10
- Category
- Maintainability
- Occurrences
- 10
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "block_editor_settings_all".
WARNINGMaintainabilityslow db query tax queryDetected usage of tax_query, possible slow query.4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of tax_query, possible slow query.
WARNINGMaintainabilityslow db query meta queryDetected usage of meta_query, possible slow query.2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
Show 9 moreShow less
ERRORSecurityOutput is not escaped2
- Category
- Security
- Occurrences
- 2
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$html'.
WARNINGSecurityNonce verification recommended2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGPerformancePost Not In exclude2
- Category
- Performance
- Occurrences
- 2
- Severity
- warning
Sample message
Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
WARNINGMaintainabilityslow db query meta key1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of meta_key, possible slow query.
WARNINGMaintainabilityslow db query meta value1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of meta_value, possible slow query.
WARNINGMaintainabilityNon-prefixed function1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "iconvert_flash_messages_show".
WARNINGSecurityInput is not sanitized1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['search-campaign']
ERRORI18nText Domain Mismatch1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
Mismatched text domain. Expected 'iconvert-promoter' but got 'kubio'.
WARNINGPerformancePost Not In post not in1
- Category
- Performance
- Occurrences
- 1
- Severity
- warning
Sample message
Using exclusionary parameters, like post__not_in, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
Score History
First score snapshot
v1.1.1
57
Latest
- Findings
- 315
- Errors
- 98
- Warnings
- 217
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 57 | 315 | 98 | 217 | v1.1.1 | 2.0.0 |
Related Plugins
3k+ active installs
2k+ active installs
4k+ active installs
10k+ active installs
60k+ active installs
1k+ active installs