Email marketing and newsletter plugin for WordPress. Create email campaigns, grow subscribers, automate emails, and customize WooCommerce emails.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
2,286
9 issue groups
Security
2,082
13 issue groups
I18n
176
3 issue groups
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.1,114
- Category
- Maintainability
- Occurrences
- 1,114
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().992
- Category
- Maintainability
- Occurrences
- 992
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $batch_placeholders at WHERE batch_id IN ($batch_placeholders)\n895
- Category
- Security
- Occurrences
- 895
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $batch_placeholders at WHERE batch_id IN ($batch_placeholders)\n
WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $abTestsTable used in $wpdb->get_col()\n$abTestsTable assigned unsafely at line 4381.481
- Category
- Security
- Occurrences
- 481
- Severity
- warning
Sample message
Unescaped parameter $abTestsTable used in $wpdb->get_col()\n$abTestsTable assigned unsafely at line 4381.
ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $abTestQuery237
- Category
- Security
- Occurrences
- 237
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $abTestQuery
ERRORSecurityDatabase parameter is not escapedUnescaped parameter $abTestQuery used in $wpdb->get_results()\n$abTestQuery assigned unsafely at line 508.182
- Category
- Security
- Occurrences
- 182
- Severity
- error
Sample message
Unescaped parameter $abTestQuery used in $wpdb->get_results()\n$abTestQuery assigned unsafely at line 508.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.87
- Category
- Security
- Occurrences
- 87
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.84
- Category
- I18n
- Occurrences
- 84
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGSecurityUnfinished PrepareReplacement variables found, but no valid placeholders found in the query.75
- Category
- Security
- Occurrences
- 75
- Severity
- warning
Sample message
Replacement variables found, but no valid placeholders found in the query.
ERRORI18nInterpolated Variable TextThe $text parameter must not contain interpolated variables or expressions. Found: {$childFK['child_table']}66
- Category
- I18n
- Occurrences
- 66
- Severity
- error
Sample message
The $text parameter must not contain interpolated variables or expressions. Found: {$childFK['child_table']}
Show 15 moreShow less
WARNINGMaintainabilityNon-prefixed global variable56
- Category
- Maintainability
- Occurrences
- 56
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$accessToken".
ERRORMaintainabilityMissing direct file access protection38
- Category
- Maintainability
- Occurrences
- 38
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGSecurityRequest data is not unslashed35
- Category
- Security
- Occurrences
- 35
- Severity
- warning
Sample message
$_COOKIE['mailerpress_lock_data'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORMaintainabilitydate date28
- Category
- Maintainability
- Occurrences
- 28
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
WARNINGSecurityInput is not sanitized28
- Category
- Security
- Occurrences
- 28
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_COOKIE['mailerpress_lock_data']
WARNINGMaintainabilitySchema Change27
- Category
- Maintainability
- Occurrences
- 27
- Severity
- warning
Sample message
Attempting a database schema change is discouraged.
ERRORI18nUnordered Placeholders Text26
- Category
- I18n
- Occurrences
- 26
- Severity
- error
Sample message
Multiple placeholders in translatable strings should be ordered. Expected "%1$d, %2$d", but got "%d, %d" in 'Reset %d stuck chunks and scheduled %d chunks for processing'.
ERRORSecurityOutput is not escaped23
- Category
- Security
- Occurrences
- 23
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Operation: {$op['type']} on {$op['manager']->getTableName()}\n"'.
WARNINGMaintainabilityNon-prefixed hook name13
- Category
- Maintainability
- Occurrences
- 13
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".
ERRORSecurityLike Wildcards In Query12
- Category
- Security
- Occurrences
- 12
- Severity
- error
Sample message
SQL wildcards for a LIKE query should be passed in through a replacement parameter. Found: LIKE '%%\"customer_email\"%%'.
ERRORSecurityException output is not escaped10
- Category
- Security
- Occurrences
- 10
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Cannot create table {$this->tableName}: no columns defined"'.
ERRORMaintainabilityPlugin Directory Write9
- Category
- Maintainability
- Occurrences
- 9
- Severity
- error
Sample message
Plugin folders are deleted when upgraded. Do not save data to the plugin folder using file_put_contents(). Detected usage of constant PLUGINDIR. Use wp_upload_dir() to get the uploads directory path or save to the database instead.
WARNINGSecurityReplacements Wrong Number9
- Category
- Security
- Occurrences
- 9
- Severity
- warning
Sample message
Incorrect number of replacements passed to $wpdb->prepare(). Found 1 replacement parameters, expected 2.
ERRORMaintainabilityunlink unlink9
- Category
- Maintainability
- Occurrences
- 9
- Severity
- error
Sample message
unlink() is discouraged. Use wp_delete_file() to delete a file.
ERRORSecurityUnsafe printing function8
- Category
- Security
- Occurrences
- 8
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
External Connections
Potential connections found in static code analysis.
Outbound calls
300
External assets
0
Incoming endpoints
0
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
No public endpoints detected.
Score History
First score snapshot
v2.0.5
24
Latest
- Findings
- 4,625
- Errors
- 772
- Warnings
- 3,853
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 24 | 4,625 | 772 | 3,853 | v2.0.5 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Category
Issue
Domain
Related
Author
Category
Issue
Domain
Related
Related Plugins
2k+ active installs
500 active installs
4k+ active installs
400 active installs
500 active installs
600 active installs