Next Active Directory Integration allows WordPress to authenticate, authorize, create and update users against Microsoft Active Directory.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
614
8 issue groups
Maintainability
258
16 issue groups
I18n
12
1 issue group
ERRORSecurityException output is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"End-of-file reached, probably we got disconnected (sent $sent of $length)"'.465
- Category
- Security
- Occurrences
- 465
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"End-of-file reached, probably we got disconnected (sent $sent of $length)"'.
WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.84
- Category
- Maintainability
- Occurrences
- 84
- Severity
- warning
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Since $package $version: "'.55
- Category
- Security
- Occurrences
- 55
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Since $package $version: "'.
ERRORMaintainabilitycurl curl setoptUsing cURL functions is highly discouraged. Use wp_remote_get() instead.26
- Category
- Maintainability
- Occurrences
- 26
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$RandomCompatCOMtest".25
- Category
- Maintainability
- Occurrences
- 25
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$RandomCompatCOMtest".
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.22
- Category
- Security
- Occurrences
- 22
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST[NEXT_ACTIVE_DIRECTORY_INTEGRATION_PREFIX . 'user_disabled']22
- Category
- Security
- Occurrences
- 22
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_POST[NEXT_ACTIVE_DIRECTORY_INTEGRATION_PREFIX . 'user_disabled']
WARNINGSecurityRequest data is not unslashed$_POST[NEXT_ACTIVE_DIRECTORY_INTEGRATION_PREFIX . 'user_disabled'] not unslashed before sanitization. Use wp_unslash() or similar21
- Category
- Security
- Occurrences
- 21
- Severity
- warning
Sample message
$_POST[NEXT_ACTIVE_DIRECTORY_INTEGRATION_PREFIX . 'user_disabled'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORMaintainabilityfile system operations fcloseFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().17
- Category
- Maintainability
- Occurrences
- 17
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;17
- Category
- Maintainability
- Occurrences
- 17
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Show 15 moreShow less
WARNINGMaintainabilityerror log trigger error14
- Category
- Maintainability
- Occurrences
- 14
- Severity
- warning
Sample message
trigger_error() found. Debug code should not normally be used in production.
WARNINGMaintainabilityDirect Query12
- Category
- Maintainability
- Occurrences
- 12
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
ERRORI18nMissing Translators Comment12
- Category
- I18n
- Occurrences
- 12
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityNo Caching11
- Category
- Maintainability
- Occurrences
- 11
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecurityMissing nonce verification11
- Category
- Security
- Occurrences
- 11
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORSecuritySQL query is not prepared10
- Category
- Security
- Occurrences
- 10
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $query
WARNINGMaintainabilityerror log set error handler9
- Category
- Maintainability
- Occurrences
- 9
- Severity
- warning
Sample message
set_error_handler() found. Debug code should not normally be used in production.
ERRORSecurityDatabase parameter is not escaped8
- Category
- Security
- Occurrences
- 8
- Severity
- error
Sample message
Unescaped parameter $query used in $wpdb->get_results()\n$query assigned unsafely at line 191.
WARNINGMaintainabilityerror log var export8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- warning
Sample message
var_export() found. Debug code should not normally be used in production.
WARNINGMaintainabilityerror log print r7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- warning
Sample message
print_r() found. Debug code should not normally be used in production.
ERRORMaintainabilitycurl curl init7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
ERRORMaintainabilityfile system operations fopen6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORMaintainabilityForbidden PHP function found5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
The use of function eval() is forbidden
WARNINGMaintainabilityNon-prefixed hook name5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "authorize".
ERRORMaintainabilityfile system operations fwrite5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
External Connections
Not analyzed yet.
Score History
First score snapshot
v3.2.3
23
Latest
- Findings
- 967
- Errors
- 683
- Warnings
- 284
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 23 | 967 | 683 | 284 | v3.2.3 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Issue
Related
Author
Issue
Related
Related Plugins
4k+ active installs
3k+ active installs
2k+ active installs
1k+ active installs
10k+ active installs
6k+ active installs