PluginScore

GDPR CCPA Compliance & Cookie Consent Banner

Get compliance with GDPR, CCPA, DPA, and other privacy regulations.

v2.7.5Ninja TeamUpdated Added 1k+ installs100% rating
GDPRGDPR Compliancecookie bannercookie consentdsgvo
33
Score
622
Errors
87
Warnings
+0
Change

Category Scores

Security0
Repo94
Performance100
Maintainability45

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

709 findings

I18n

484

5 issue groups

Maintainability

113

10 issue groups

Security

111

7 issue groups

Repo Compliance

1

1 issue group

ERRORI18nNon Singular String Literal DomainThe $domain parameter must be a single text string literal. Found: NJT_GDPR_I18N469
Category
I18n
Occurrences
469
Severity
error

Sample message

The $domain parameter must be a single text string literal. Found: NJT_GDPR_I18N

WordPress.WP.I18n.NonSingularStringLiteralDomainReference
ERRORMaintainabilitywp function not compatible with requires wpFunction "determine_locale()" requires WordPress 5.0.0, but your plugin minimum supported version is WordPress 3.0.0.97
Category
Maintainability
Occurrences
97
Severity
error

Sample message

Function "determine_locale()" requires WordPress 5.0.0, but your plugin minimum supported version is WordPress 3.0.0.

wp_function_not_compatible_with_requires_wpReference
WARNINGSecurityMissing Unslash$_COOKIE['njt_gdpr_allow_permissions'] not unslashed before sanitization. Use wp_unslash() or similar38
Category
Security
Occurrences
38
Severity
warning

Sample message

$_COOKIE['njt_gdpr_allow_permissions'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_COOKIE['njt_gdpr_allow_permissions']33
Category
Security
Occurrences
33
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_COOKIE['njt_gdpr_allow_permissions']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
ERRORSecurityUnsafe Printing FunctionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.26
Category
Security
Occurrences
26
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunctionReference
ERRORI18nNo Empty StringsThe $text text string should have translatable content. Found: ' '12
Category
I18n
Occurrences
12
Severity
error

Sample message

The $text text string should have translatable content. Found: ' '

WordPress.WP.I18n.NoEmptyStringsReference
WARNINGSecurityMissingProcessing form data without nonce verification.9
Category
Security
Occurrences
9
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date
WARNINGMaintainabilityget page by title Foundget_page_by_title() has been deprecated since WordPress version 6.2.0. Use WP_Query instead.3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

get_page_by_title() has been deprecated since WordPress version 6.2.0. Use WP_Query instead.

WordPress.WP.DeprecatedFunctions.get_page_by_titleFound
ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
Show 13 more
ERRORSecurityException Not Escaped2
Category
Security
Occurrences
2
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$e'.

WordPress.Security.EscapeOutput.ExceptionNotEscapedReference
ERRORSecurityOutput Not Escaped2
Category
Security
Occurrences
2
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'NJT_GDPR_URL'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
WARNINGMaintainabilityMissing Version2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Resource version not set in call to wp_register_style(). This means new versions of the style may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion
ERRORMaintainabilityOffloaded Content1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Offloading images, js, css, and other scripts to your servers or any remote service is disallowed.

PluginCheck.CodeAnalysis.Offloading.OffloadedContent
WARNINGSecurityInput Not Validated1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['type']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
ERRORMaintainabilityfile system operations mkdir1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().

WordPress.WP.AlternativeFunctions.file_system_operations_mkdir
ERRORI18nMissing Arg Domain1
Category
I18n
Occurrences
1
Severity
error

Sample message

Missing $domain parameter in function call to _e().

WordPress.WP.I18n.MissingArgDomainReference
ERRORI18nMissing Translators Comment1
Category
I18n
Occurrences
1
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsCommentReference
ERRORI18nText Domain Mismatch1
Category
I18n
Occurrences
1
Severity
error

Sample message

Mismatched text domain. Expected 'ninja-gdpr-compliance' but got 'ninjateam-whatsapp'.

WordPress.WP.I18n.TextDomainMismatchReference
ERRORMaintainabilityapplication detected1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Application files are not permitted.

application_detected
WARNINGMaintainabilitymissing composer json file1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The "/vendor" directory using composer exists, but "composer.json" file is missing.

missing_composer_json_fileReference
ERRORMaintainabilityphar files1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Phar files are not permitted.

phar_files
ERRORRepo Complianceplugin header no license1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_no_licenseReference

Score History

First score snapshot

v2.7.5

33

Latest

Findings
709
Errors
622
Warnings
87
Check
2.0.0

Related Plugins

Disable Emojis (GDPR friendly)

60k+ active installs

100
WS Form LITE – Drag & Drop Contact Form Builder

10k+ active installs

100
Additional Terms for WooCommerce

2k+ active installs

98
consentmanager Cookie Banner

5k+ active installs

98
Simple Cookie Notice

2k+ active installs

98
Flexible Cookies

3k+ active installs

97