PluginScore

Nearby Now Reviews and Audio Testimonials

The Nearby Now plugin allows you to display your customer reviews, job locations with photos and videos, and a service-area heat-map on any blog post …

v3.0.0Billy CooverUpdated Added 1k+ installs52% rating
check-insgooglereviewslocationreviewsservicepro
37
Score
66
Errors
67
Warnings
+0
Change

Category Scores

Security0
Repo80
Performance100
Maintainability75

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

133 findings

Security

71

6 issue groups

Maintainability

57

6 issue groups

Repo Compliance

4

4 issue groups

I18n

1

1 issue group

ERRORMaintainabilitywp function not compatible with requires wpFunction "add_settings_field()" requires WordPress 2.7.0, but your plugin minimum supported version is WordPress 2.0.2.51
Category
Maintainability
Occurrences
51
Severity
error

Sample message

Function "add_settings_field()" requires WordPress 2.7.0, but your plugin minimum supported version is WordPress 2.0.2.

wp_function_not_compatible_with_requires_wpReference
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['css']18
Category
Security
Occurrences
18
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['css']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_GET['css']. Check that the array index exists before using it.18
Category
Security
Occurrences
18
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_GET['css']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
WARNINGSecurityRequest data is not unslashed$_GET['css'] not unslashed before sanitization. Use wp_unslash() or similar18
Category
Security
Occurrences
18
Severity
warning

Sample message

$_GET['css'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<input id='nearbynow_text_string' name='nearbynow_options[text_string]' size='40' type='text' value='{$options['text_string']}' />"'.8
Category
Security
Occurrences
8
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<input id='nearbynow_text_string' name='nearbynow_options[text_string]' size='40' type='text' value='{$options['text_string']}' />"'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.6
Category
Security
Occurrences
6
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.3
Category
Security
Occurrences
3
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
WARNINGMaintainabilityMissing VersionResource version not set in call to wp_register_script(). This means new versions of the script may not always be loaded due to browser caching.2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Resource version not set in call to wp_register_script(). This means new versions of the script may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion
WARNINGMaintainabilityerror log print rprint_r() found. Debug code should not normally be used in production.1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r
ERRORMaintainabilityparse url parse urlparse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url
Show 7 more
ERRORI18nMissing Arg Domain1
Category
I18n
Occurrences
1
Severity
error

Sample message

Missing $domain parameter in function call to esc_attr_e().

WordPress.WP.I18n.MissingArgDomainReference
ERRORMaintainabilityinvalid plugin name1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Plugin name header in your readme is missing or invalid. Please update your readme with a valid plugin name header. Eg: "=== Example Name ==="

invalid_plugin_nameReference
ERRORMaintainabilityMissing direct file access protection1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
ERRORRepo Complianceno license1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Missing "License". Please update your readme with a valid GPLv2 (or later) compatible license.

no_licenseReference
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 6.8 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference
ERRORRepo Complianceplugin header no license1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_no_licenseReference
WARNINGRepo Compliancereadme parser warnings trimmed short description1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

The "Short Description" section is too long and was truncated. A maximum of 150 characters is supported.

readme_parser_warnings_trimmed_short_description

External Connections

Potential connections found in static code analysis.

4 domains

Outbound calls

6

External assets

0

Incoming endpoints

0

Notable Domains

api.sidebox.com2 · outbound
d2gwjd5chbpgug.cloudfront.net2 · outbound
nearbynow.co1 · outbound
servicepros.nearbynow.co1 · outbound

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Score History

First score snapshot

v3.0.0

37

Latest

Findings
133
Errors
66
Warnings
67
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

33 nodes

Related Plugins

Reviews Widgets for Google & 45+ platforms by Repuso

1k+ active installs

100
Absolute Reviews

6k+ active installs

99
Manually Approved Reviews for WooCommerce

700 active installs

99
TWB Woocommerce Reviews

600 active installs

99
WP Customer Reviews

20k+ active installs

98
Faview – Virtual Reviews for WooCommerce

8k+ active installs

97