POKY – Product Importer

POKY enables WooCommerce merchants to import products from 28+ platforms to your store

v2.2.0adspairUpdated Added 700 installs54% rating
73
Score
6
Errors
12
Warnings
+0
Change

Category Scores

Security56
Repo86
Performance100
Maintainability94

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

18 findings

Security

9

5 issue groups

Maintainability

4

3 issue groups

Repo Compliance

3

3 issue groups

I18n

2

1 issue group

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.3
Category
Security
Occurrences
3
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST['pokyToken']. Check that the array index exists before using it.3
Category
Security
Occurrences
3
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['pokyToken']. Check that the array index exists before using it.

WARNINGMaintainabilityNon-prefixed global variableGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "$name".2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "$name".

ERRORI18nText Domain MismatchMismatched text domain. Expected 'poky-product-importer' but got 'domain'.2
Category
I18n
Occurrences
2
Severity
error

Sample message

Mismatched text domain. Expected 'poky-product-importer' but got 'domain'.

WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$permalink'.1
Category
Security
Occurrences
1
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$permalink'.

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST['product']1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['product']

WARNINGSecurityRequest data is not unslashed$_POST['product'] not unslashed before sanitization. Use wp_unslash() or similar1
Category
Security
Occurrences
1
Severity
warning

Sample message

$_POST['product'] not unslashed before sanitization. Use wp_unslash() or similar

ERRORRepo Complianceplugin header no licenseMissing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

ERRORRepo Compliancereadme mismatched header requiresMismatched Requires at least: 2.9.1 != 4.4. "Requires at least" needs to be exactly the same with that in your main plugin file's header.1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Mismatched Requires at least: 2.9.1 != 4.4. "Requires at least" needs to be exactly the same with that in your main plugin file's header.

Show 2 more
WARNINGRepo Compliancereadme parser warnings too many tags1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

One or more tags were ignored. Please limit your plugin to 5 tags.

ERRORMaintainabilitytrunk stable tag1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Incorrect Stable Tag. It's recommended not to use "Stable Tag: trunk". Your Stable Tag is meant to be the stable version of your plugin and it needs to be exactly the same with the Version in your main plugin file's header. Any mismatch can prevent users from downloading the correct plugin files from WordPress.org.

External Connections

Potential connections found in static code analysis.

2 domains

Outbound calls

3

External assets

0

Incoming endpoints

4

Notable Domains

poky.app2 · outbound
woo.poky.app1 · outbound

External Asset Domains

No external asset domains detected.

Incoming Endpoints

wp_ajax_nopriv_poky_create_productpublic

wp_ajax

wp_ajax_nopriv_poky_load_productspublic

wp_ajax

Admin AJAX endpoints2
wp_ajax_poky_create_productauthenticated

wp_ajax

wp_ajax_poky_load_productsauthenticated

wp_ajax

Score History

First score snapshot

v2.2.0

73

Latest

Findings
18
Errors
6
Warnings
12
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

31 nodes

Related Plugins