Kwayy HTML Sitemap

Kwayy HTML Sitemap will generate HTML (not XML) sitemap for your sitemap page. The plugin will show Page, Posts and also Custom Post Types.

v4.0Bimal RekhadiyaUpdated 4 years agoAdded 14 years ago6k+ installs94% rating

html sitemap

Score

Errors

Warnings

Change

Category Scores

Security28

Repo94

Performance100

Maintainability82

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

32 findings

Security

6 issue groups

Maintainability

9 issue groups

I18n

1 issue group

Repo Compliance

1 issue group

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$kwayyhs_exclude'.3

Category: Security
Occurrences: 3
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$kwayyhs_exclude'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST['kwayyhs-exclude']. Check that the array index exists before using it.3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['kwayyhs-exclude']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGSecurityRequest data is not unslashed$_POST['kwayyhs-exclude'] not unslashed before sanitization. Use wp_unslash() or similar3

Category: Security
Occurrences: 3
Severity: warning

Sample message

$_POST['kwayyhs-exclude'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORMaintainabilityOffloaded ContentOffloading images, js, css, and other scripts to your servers or any remote service is disallowed.2

Category: Maintainability
Occurrences: 2
Severity: error

Sample message

Offloading images, js, css, and other scripts to your servers or any remote service is disallowed.

PluginCheck.CodeAnalysis.Offloading.OffloadedContent

WARNINGMaintainabilityNon-prefixed functionFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "shortcode_kwayy_sitemap".2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "shortcode_kwayy_sitemap".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound

WARNINGMaintainabilityMissing VersionResource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion

ERRORMaintainabilityNon Enqueued ScriptScripts must be registered/enqueued via wp_enqueue_script()2

Category: Maintainability
Occurrences: 2
Severity: error

Sample message

Scripts must be registered/enqueued via wp_enqueue_script()

WordPress.WP.EnqueuedResources.NonEnqueuedScript

ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.1

Category: Security
Occurrences: 1
Severity: error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunction Reference

WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.1

Category: Security
Occurrences: 1
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

Show 7 more

WARNINGMaintainabilityDiscouraged PHP function1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

wp_reset_query() is discouraged. Use wp_reset_postdata() instead.

WordPress.WP.DiscouragedFunctions.wp_reset_query_wp_reset_query

WARNINGMaintainabilityNot In Footer1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter

ERRORI18nMissing Arg Domain1

Category: I18n
Occurrences: 1
Severity: error

Sample message

Missing $domain parameter in function call to _e().

WordPress.WP.I18n.MissingArgDomain Reference

ERRORMaintainabilityinvalid plugin name1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Plugin name header in your readme is missing or invalid. Please update your readme with a valid plugin name header. Eg: "=== Example Name ==="

invalid_plugin_name Reference

ERRORMaintainabilityMissing direct file access protection1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

ERRORMaintainabilityno stable tag1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Invalid or missing Stable Tag. Your Stable Tag is meant to be the stable version of your plugin and it needs to be exactly the same with the Version in your main plugin file's header. Any mismatch can prevent users from downloading the correct plugin files from WordPress.org.

no_stable_tag Reference

ERRORRepo Complianceoutdated tested upto header1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Tested up to: 3.5 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_header Reference

External Connections

Not analyzed yet.

Score History

First score snapshot

3 days ago

v4.0

Latest

Findings: 32
Errors: 13
Warnings: 19
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
3 days agoLatest	56	32	13	19	v4.0	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

26 nodes

Loading map

PluginAuthorCategoryIssueRelated

Relationship links

Issue

Related Plugins

Code Embed

10k+ active installs

100

Allow HTML in Category Descriptions

8k+ active installs

Disable WP Sitemaps

10k+ active installs

Minify HTML

10k+ active installs

HTML Page Sitemap (Block and Shortcode)

10k+ active installs

Surbma | Yoast SEO Sitemap to robots.txt

2k+ active installs