Oliver POS – WooCommerce POS for iPhone, iPad & Android

WooCommerce POS for iPhone, iPad & Android. Tap to Pay, Stripe Terminal, offline mode, multi-outlet stock — every WooCommerce payment gateway.

v4.8.3Oliver POSUpdated 2 days agoAdded 7 years ago800 installs86% rating

inventory point-of-sale pos retail woocommerce

Score

Errors

242

Warnings

Change

Category Scores

Security0

Repo97

Performance98

Maintainability64

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

257 findings

Maintainability

149

7 issue groups

Security

104

6 issue groups

I18n

2 issue groups

Performance

1 issue group

WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable {$group_expr} at \t\t\t\t\tGROUP BY {$group_expr}\n66

Category: Security
Occurrences: 66
Severity: warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable {$group_expr} at \t\t\t\t\tGROUP BY {$group_expr}\n

WordPress.DB.PreparedSQL.InterpolatedNotPrepared

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().63

Category: Maintainability
Occurrences: 63
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.47

Category: Maintainability
Occurrences: 47
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $count_sql used in $wpdb->get_var()\n$count_sql assigned unsafely at line 251.23

Category: Security
Occurrences: 23
Severity: warning

Sample message

Unescaped parameter $count_sql used in $wpdb->get_var()\n$count_sql assigned unsafely at line 251.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$cap".16

Category: Maintainability
Occurrences: 16
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$cap".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGMaintainabilityupgrade notice limitThe upgrade notice for "4.5.10" exceeds the limit of 300 characters.11

Category: Maintainability
Occurrences: 11
Severity: warning

Sample message

The upgrade notice for "4.5.10" exceeds the limit of 300 characters.

upgrade_notice_limit

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;9

Category: Maintainability
Occurrences: 9
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST['enabled_categories']7

Category: Security
Occurrences: 7
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['enabled_categories']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORSecurityDatabase parameter is not escapedUnescaped parameter $orders_table used in $wpdb->get_row()\n$orders_table assigned unsafely at line 484.4

Category: Security
Occurrences: 4
Severity: error

Sample message

Unescaped parameter $orders_table used in $wpdb->get_row()\n$orders_table assigned unsafely at line 484.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGSecurityUnfinished PrepareReplacement variables found, but no valid placeholders found in the query.3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Replacement variables found, but no valid placeholders found in the query.

WordPress.DB.PreparedSQLPlaceholders.UnfinishedPrepare

Show 7 more

WARNINGMaintainabilitytrademarked term2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "Oliver POS – WooCommerce POS for iPhone, iPad & Android" - contains the restricted term "woocommerce" which cannot be used within in your plugin name, unless your plugin name contains one of the allowed patterns: "for woocommerce", "with woocommerce", "using woocommerce", or "and woocommerce". The term must still not appear anywhere else in your name.

trademarked_term

WARNINGI18nDiscouraged text-domain loading1

Category: I18n
Occurrences: 1
Severity: warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFound Reference

WARNINGSecurityRequest data is not unslashed1

Category: Security
Occurrences: 1
Severity: warning

Sample message

$_SERVER['REQUEST_METHOD'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORI18nMissing Translators Comment1

Category: I18n
Occurrences: 1
Severity: error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsComment Reference

WARNINGPerformancePost Not In exclude1

Category: Performance
Occurrences: 1
Severity: warning

Sample message

Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.

WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_exclude

WARNINGRepo Compliancereadme parser warnings trimmed section changelog1

Category: Repo Compliance
Occurrences: 1
Severity: warning

Sample message

The "Changelog" section is too long and was truncated. A maximum of 5000 characters is supported.

readme_parser_warnings_trimmed_section_changelog

ERRORMaintainabilitywp function not compatible with requires wp1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Function "array_is_list()" requires WordPress 6.5.0, but your plugin minimum supported version is WordPress 6.2.0.

wp_function_not_compatible_with_requires_wp Reference

External Connections

Potential connections found in static code analysis.

20 domains

Outbound calls

External assets

Incoming endpoints

Notable Domains

oliverpos.com10 · outbound

app.oliverpos.com5 · outbound

chartjs.org2 · outbound

help.oliverpos.com2 · outbound

jsdelivr.com2 · outbound

phoenix.oliverpos.com2 · outbound

Platform / Reference Domains

w3.org6 · platform/reference

schema.org4 · platform/reference

github.com2 · platform/reference

gnu.org1 · platform/reference

opensource.org1 · platform/reference

wordpress.org1 · platform/reference

External Asset Domains

connect-js.stripe.com2 · asset + outbound

Incoming Endpoints

/wp-json/oliver-pos/v1/billing/claimREST

register_rest_route

/wp-json/oliver-pos/v1/billing/currentREST

register_rest_route

/wp-json/oliver-pos/v1/billing/manage-linkREST

register_rest_route

Admin AJAX endpoints20

admin_post_oliver_pos_claimauthenticated

admin_post

admin_post_oliver_pos_cleanup_phantom_ordersauthenticated

admin_post

wp_ajax_oliver_pos_add_stationauthenticated

wp_ajax

wp_ajax_oliver_pos_billing_registerauthenticated

wp_ajax

wp_ajax_oliver_pos_dashboard_dataauthenticated

wp_ajax

wp_ajax_oliver_pos_dismiss_checklistauthenticated

wp_ajax

wp_ajax_oliver_pos_onboarding_completeauthenticated

wp_ajax

wp_ajax_oliver_pos_onboarding_pairing_statusauthenticated

wp_ajax

wp_ajax_oliver_pos_pay_connect_accountauthenticated

wp_ajax

wp_ajax_oliver_pos_pay_disconnectauthenticated

wp_ajax

wp_ajax_oliver_pos_pay_refresh_statusauthenticated

wp_ajax

wp_ajax_oliver_pos_pay_registerauthenticated

wp_ajax

8 more hidden

Score History

First score snapshot

today

v4.8.3

Latest

Findings: 257
Errors: 15
Warnings: 242
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
todayLatest	37	257	15	242	v4.8.3	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Loading map

PluginAuthorCategoryIssueDomainRelated

Relationship links

Issue

Domain

2k+ active installs

Billbee – Auftragsabwicklung, Warenwirtschaft, Automatisierung

500 active installs

POS Entegratör – Gurmehub Ödeme Eklentisi

1k+ active installs

FooSales – Point of Sale (POS) for WooCommerce

700 active installs

wePOS – Point Of Sale (POS) for WooCommerce & Dokan

1k+ active installs

BjornTech PayPal POS integration for WooCommerce

700 active installs

Oliver POS – WooCommerce POS for iPhone, iPad & Android

Category Scores

Issues to Review

External Connections

Notable Domains

Platform / Reference Domains

External Asset Domains

Incoming Endpoints

Score History

Relationship Map

Plugin

Author

Category

Issue

Domain

Related

Plugin

Author

Category

Issue

Domain

Related

Related Plugins