Adds any number of extra Post types, besides Post and Page, for the WordPess Admin. Also allows for special editing rights for specific User roles for …
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
I18n
146
5 issue groups
Maintainability
139
13 issue groups
Security
136
7 issue groups
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$a".119
- Category
- Maintainability
- Occurrences
- 119
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$a".
ERRORI18nText Domain MismatchMismatched text domain. Expected 'more-types' but got 'more-plugins'.116
- Category
- I18n
- Occurrences
- 116
- Severity
- error
Sample message
Mismatched text domain. Expected 'more-types' but got 'more-plugins'.
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<code>$dir</code>"'.59
- Category
- Security
- Occurrences
- 59
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<code>$dir</code>"'.
ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().24
- Category
- I18n
- Occurrences
- 24
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
WARNINGSecurityRequest data is not unslashed$_GET[$f] not unslashed before sanitization. Use wp_unslash() or similar18
- Category
- Security
- Occurrences
- 18
- Severity
- warning
Sample message
$_GET[$f] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.17
- Category
- Security
- Occurrences
- 17
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET[$f]17
- Category
- Security
- Occurrences
- 17
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET[$f]
ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.9
- Category
- Security
- Occurrences
- 9
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_GET['action_keys']. Check that the array index exists before using it.9
- Category
- Security
- Occurrences
- 9
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_GET['action_keys']. Check that the array index exists before using it.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.7
- Category
- Security
- Occurrences
- 7
- Severity
- warning
Sample message
Processing form data without nonce verification.
Show 15 moreShow less
ERRORMaintainabilityMissing direct file access protection4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORI18nMissing Translators Comment3
- Category
- I18n
- Occurrences
- 3
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityDynamic hook name2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$this->filter".
WARNINGMaintainabilityNon-prefixed function2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "__d".
WARNINGMaintainabilityNon-prefixed global variable2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "$more_common".
WARNINGMaintainabilityerror log print r2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
print_r() found. Debug code should not normally be used in production.
WARNINGMaintainabilityDeprecated parameter: get_terms parameter 22
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
The parameter "'orderby=count&hide_empty=0'" at position #2 of get_terms() has been deprecated since WordPress version 4.5.0. Instead do not pass the parameter.
ERRORI18nNon Singular String Literal Text2
- Category
- I18n
- Occurrences
- 2
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: 'Default ' . $t->labels->name
ERRORMaintainabilityOffloaded Content1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Offloading images, js, css, and other scripts to your servers or any remote service is disallowed.
ERRORMaintainabilityfile system operations fclose1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityfile system operations fopen1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORMaintainabilityfile system operations fwrite1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
ERRORMaintainabilityDiscouraged WordPress constant usage: TEMPLATEPATH1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Found usage of constant "TEMPLATEPATH". Use get_template_directory() instead.
ERRORMaintainabilityNon Enqueued Stylesheet1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Stylesheets must be registered/enqueued via wp_enqueue_style()
ERRORI18nUnordered Placeholders Text1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s, %3$s, %4$s", but got "%s, %s, %s, %s" in 'The %s plugin can read objects from a file. The default location for these files is in the %s directory. To create a file object, copy the text below (<code>CTRL/CMD + c</code>), paste it into a text file and save it as %s to the aforementioned directory. If an object exists both in the %s settings and as a file, the file will override the data stored in the database.'.
External Connections
Potential connections found in static code analysis.
Outbound calls
18
External assets
1
Incoming endpoints
0
Notable Domains
Platform / Reference Domains
External Asset Domains
Incoming Endpoints
No public endpoints detected.
Score History
First score snapshot
v1.2
33
Latest
- Findings
- 425
- Errors
- 227
- Warnings
- 198
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 33 | 425 | 227 | 198 | v1.2 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.