Create custom interactive maps with free Leaflet-based styles, no Google Maps API key, frontend marker submissions, search and filters.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
917
9 issue groups
Maintainability
898
12 issue groups
I18n
48
4 issue groups
WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$absolute_audio".810
- Category
- Maintainability
- Occurrences
- 810
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$absolute_audio".
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<label class='pro-only label_marker_user_icon'><div class='marker_icon_preview' data-style='{$val}'></div>"'.800
- Category
- Security
- Occurrences
- 800
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<label class='pro-only label_marker_user_icon'><div class='marker_icon_preview' data-style='{$val}'></div>"'.
WARNINGSecurityMissing Unslash$_GET['tab'] not unslashed before sanitization. Use wp_unslash() or similar31
- Category
- Security
- Occurrences
- 31
- Severity
- warning
Sample message
$_GET['tab'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityRecommendedProcessing form data without nonce verification.25
- Category
- Security
- Occurrences
- 25
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.21
- Category
- I18n
- Occurrences
- 21
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_FILES['oum_location_images']['name']20
- Category
- Security
- Occurrences
- 20
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_FILES['oum_location_images']['name']
WARNINGSecurityMissingProcessing form data without nonce verification.19
- Category
- Security
- Occurrences
- 19
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilityNon Prefixed Function FoundFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "clean_utf8".18
- Category
- Maintainability
- Occurrences
- 18
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "clean_utf8".
ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGMaintainabilityNon Prefixed Hookname FoundHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "oum_default_location_content".14
- Category
- Maintainability
- Occurrences
- 14
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "oum_default_location_content".
Show 15 moreShow less
ERRORI18nMissing Arg Domain14
- Category
- I18n
- Occurrences
- 14
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
WARNINGSecurityInput Not Validated10
- Category
- Security
- Occurrences
- 10
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_FILES['oum_location_audio']['size']. Check that the array index exists before using it.
ERRORI18nText Domain Mismatch9
- Category
- I18n
- Occurrences
- 9
- Severity
- error
Sample message
Mismatched text domain. Expected 'open-user-map' but got 'elementor-oum-addon'.
WARNINGMaintainabilityDirect Query8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo Caching8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGMaintainabilityNot In Footer7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- warning
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
ERRORMaintainabilityparse url parse url6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.
WARNINGSecurityInterpolated Not Prepared5
- Category
- Security
- Occurrences
- 5
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable {$postmeta_table} at "SELECT p.ID FROM {$posts_table} p INNER JOIN {$postmeta_table} pm ON p.ID = pm.post_id WHERE pm.meta_key = '_wp_attached_file' AND pm.meta_value = %s AND p.post_type = 'attachment' AND p.post_mime_type LIKE 'image/%' LIMIT 1"
ERRORSecurityNot Prepared4
- Category
- Security
- Occurrences
- 4
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $query
WARNINGMaintainabilityslow db query tax query4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of tax_query, possible slow query.
ERRORI18nUnordered Placeholders Text4
- Category
- I18n
- Occurrences
- 4
- Severity
- error
Sample message
Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$d", but got "%s, %d" in 'Image "%s" is too large. Maximum file size is %d MB.'.
ERRORSecurityLike Wildcards In Query3
- Category
- Security
- Occurrences
- 3
- Severity
- error
Sample message
SQL wildcards for a LIKE query should be passed in through a replacement parameter. Found: LIKE 'image/%'.
ERRORMaintainabilitydate date3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
ERRORMaintainabilitystrip tags strip tags3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
ERRORMaintainabilityFound2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
The use of function move_uploaded_file() is forbidden
Score History
First score snapshot
v1.4.43
26
Latest
- Findings
- 1,879
- Errors
- 893
- Warnings
- 986
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 26 | 1,879 | 893 | 986 | v1.4.43 | 2.0.0 |
Related Plugins
3k+ active installs
10k+ active installs
30k+ active installs
7k+ active installs
30k+ active installs
4k+ active installs