Run updates, backups, security and reporting across all client sites from your own server. Keep data private and prove your value with branded reports …
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
203
15 issue groups
Security
177
7 issue groups
Performance
29
1 issue group
I18n
1
1 issue group
WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $ids_in at WHERE l.log_id IN ($ids_in)"130
- Category
- Security
- Occurrences
- 130
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $ids_in at WHERE l.log_id IN ($ids_in)"
ERRORMaintainabilitywp function not compatible with requires wpFunction "utf8_decode()" requires WordPress 6.9.0, but your plugin minimum supported version is WordPress 6.2.0.80
- Category
- Maintainability
- Occurrences
- 80
- Severity
- error
Sample message
Function "utf8_decode()" requires WordPress 6.9.0, but your plugin minimum supported version is WordPress 6.2.0.
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_mainwp_default_post_to_edit".64
- Category
- Maintainability
- Occurrences
- 64
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_mainwp_default_post_to_edit".
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "admin_post_thumbnail_size".37
- Category
- Maintainability
- Occurrences
- 37
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "admin_post_thumbnail_size".
WARNINGPerformancePost Not In excludeUsing exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.29
- Category
- Performance
- Occurrences
- 29
- Severity
- warning
Sample message
Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.26
- Category
- Security
- Occurrences
- 26
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $batch_limit7
- Category
- Security
- Occurrences
- 7
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $batch_limit
WARNINGMaintainabilityDiscouraged PHP functionThe use of function ini_set() is discouraged4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
The use of function ini_set() is discouraged
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST['dtsstart']4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_POST['dtsstart']
Show 15 moreShow less
WARNINGSecurityRequest data is not unslashed4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
$_POST['dtsstart'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGMaintainabilityNon-prefixed constant3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "DOING_CRON".
WARNINGMaintainabilitytrademarked term3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "MainWP Dashboard" - contains the restricted term "wp" which cannot be used at all in your plugin name.
WARNINGMaintainabilityupdate modification detected3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_plugins
WARNINGSecurityInput is not validated2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_GET['monitor_wpid']. Check that the array index exists before using it.
ERRORMaintainabilityrename rename2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
rename() is discouraged. Use WP_Filesystem::move() to rename a file.
ERRORMaintainabilityForbidden PHP function found1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
The use of function eval() is forbidden
WARNINGMaintainabilityDynamic hook name1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$filter".
ERRORMaintainabilityfile system operations is writable1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().
ERRORMaintainabilityunlink unlink1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
unlink() is discouraged. Use wp_delete_file() to delete a file.
ERRORI18nNon Singular String Literal Text1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: $english_label
WARNINGMaintainabilitymismatched plugin name1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Plugin name "MainWP Dashboard: Self-hosted WordPress Management for Agencies" is different from the name declared in plugin header "MainWP Dashboard".
ERRORMaintainabilityMissing direct file access protection1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORMaintainabilityplugin updater detected1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Plugin Updater detected. These are not permitted in WordPress.org hosted plugins. Detected: site_transient_update_plugins
WARNINGRepo Compliancereadme parser warnings trimmed section changelog1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- warning
Sample message
The "Changelog" section is too long and was truncated. A maximum of 5000 characters is supported.
External Connections
Potential connections found in static code analysis.
Outbound calls
275
External assets
0
Incoming endpoints
1
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
No public endpoints detected.
Admin AJAX endpoints1
admin_post
Score History
2 score snapshots
v6.1.2
31
Latest
- Findings
- 412
- Errors
- 95
- Warnings
- 317
- Check
- 2.0.0
v6.1.1
31
Score
- Findings
- 412
- Errors
- 95
- Warnings
- 317
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 31 | 412 | 95 | 317 | v6.1.2 | 2.0.0 |
| 31 | 412 | 95 | 317 | v6.1.1 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Category
Issue
Domain
Related
Author
Category
Issue
Domain
Related
Related Plugins
1k+ active installs
10k+ active installs
1k+ active installs
6k+ active installs
1k+ active installs
3k+ active installs