Media File Renamer: Rename for better SEO (AI-Powered)

Rename filenames and media metadata for SEO and tidiness. Using AI, manually, in bulk, or in so many other ways!

v6.2.8Jordy MeowUpdated Added 40k+ installs92% rating
26
Score
154
Errors
170
Warnings
+0
Change

Category Scores

Security0
Repo100
Performance100
Maintainability5

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

324 findings

Maintainability

132

13 issue groups

Security

129

10 issue groups

I18n

30

2 issue groups

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.36
Category
Maintainability
Occurrences
36
Severity
warning

Sample message

Use of a direct database call is discouraged.

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().34
Category
Maintainability
Occurrences
34
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $havingSql at $havingSql\n25
Category
Security
Occurrences
25
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $havingSql at $havingSql\n

ERRORI18nNon Singular String Literal DomainThe $domain parameter must be a single text string literal. Found: $this->domain23
Category
I18n
Occurrences
23
Severity
error

Sample message

The $domain parameter must be a single text string literal. Found: $this->domain

ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $ids_to_update17
Category
Security
Occurrences
17
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $ids_to_update

ERRORSecurityDatabase parameter is not escapedUnescaped parameter $id used in $wpdb->get_row()\n$id assigned unsafely at line 268.16
Category
Security
Occurrences
16
Severity
error

Sample message

Unescaped parameter $id used in $wpdb->get_row()\n$id assigned unsafely at line 268.

ERRORSecurityQuoted Simple PlaceholderSimple placeholders should not be quoted in the query string in $wpdb->prepare(). Found: '%d'.16
Category
Security
Occurrences
16
Severity
error

Sample message

Simple placeholders should not be quoted in the query string in $wpdb->prepare(). Found: '%d'.

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.13
Category
Security
Occurrences
13
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGMaintainabilityNon-prefixed classClasses declared by a theme/plugin should start with the theme/plugin prefix. Found: "MeowKit_MFRH_Admin".12
Category
Maintainability
Occurrences
12
Severity
warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "MeowKit_MFRH_Admin".

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.12
Category
Security
Occurrences
12
Severity
warning

Sample message

Processing form data without nonce verification.

Show 15 more
ERRORSecurityOutput is not escaped10
Category
Security
Occurrences
10
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$formattedString'.

ERRORMaintainabilityMissing direct file access protection9
Category
Maintainability
Occurrences
9
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

WARNINGSecurityRequest data is not unslashed8
Category
Security
Occurrences
8
Severity
warning

Sample message

$_GET['page'] not unslashed before sanitization. Use wp_unslash() or similar

ERRORMaintainabilitydate date7
Category
Maintainability
Occurrences
7
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WARNINGSecurityInput is not sanitized7
Category
Security
Occurrences
7
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_GET["page"]

ERRORI18nText Domain Mismatch7
Category
I18n
Occurrences
7
Severity
error

Sample message

Mismatched text domain. Expected 'media-file-renamer' but got 'meowapps'.

ERRORSecurityException output is not escaped5
Category
Security
Occurrences
5
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

ERRORMaintainabilityfile system operations fwrite5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

ERRORMaintainabilityfile system operations is writable5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().

ERRORMaintainabilityrand mt rand5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

mt_rand() is discouraged. Use the far less predictable wp_rand() instead.

WARNINGMaintainabilityNon-prefixed global variable4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$clean_uninstall".

WARNINGMaintainabilityerror log error log4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

error_log() found. Debug code should not normally be used in production.

ERRORMaintainabilityfile system operations fclose4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

ERRORMaintainabilityfile system operations fopen4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

ERRORMaintainabilityrand rand3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

rand() is discouraged. Use the far less predictable wp_rand() instead.

External Connections

Potential connections found in static code analysis.

13 domains

Outbound calls

62

External assets

0

Incoming endpoints

0

Notable Domains

meowapps.com26 · outbound
meow.click2 · outbound
fb.me1 · outbound
jordymeow.com1 · outbound
offbeatjapan.org1 · outbound

Platform / Reference Domains

ps.w.org12 · platform/reference
wordpress.org11 · platform/reference
w3.org2 · platform/reference
github.com1 · platform/reference
gnu.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Score History

3 score snapshots

+0
1007550250Jun 20, 2026, 02:36 AM UTC Score 26/100 Plugin v6.2.6 Plugin Check 2.0.0 148 errors, 170 warningsJun 28, 2026, 12:24 PM UTC Score 26/100 Plugin v6.2.7 Plugin Check 2.0.0 151 errors, 170 warningsJun 30, 2026, 04:37 AM UTC Score 26/100 Plugin v6.2.8 Plugin Check 2.0.0 154 errors, 170 warningsJun 20, 2026Jun 30, 2026

v6.2.8

26

Latest

Findings
324
Errors
154
Warnings
170
Check
2.0.0

v6.2.7

26

Score

Findings
321
Errors
151
Warnings
170
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Related Plugins

Export Media as ZIP

1k+ active installs

100
Export Media URLs

7k+ active installs

100
BEA – Sanitize Filename

1k+ active installs

99
Default Featured Image

60k+ active installs

99