Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
9
5 issue groups
Maintainability
4
3 issue groups
Repo Compliance
3
3 issue groups
I18n
2
1 issue group
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST['pokyToken']. Check that the array index exists before using it.3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['pokyToken']. Check that the array index exists before using it.
WARNINGMaintainabilityNon-prefixed global variableGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "$name".2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "$name".
ERRORI18nText Domain MismatchMismatched text domain. Expected 'poky-product-importer' but got 'domain'.2
- Category
- I18n
- Occurrences
- 2
- Severity
- error
Sample message
Mismatched text domain. Expected 'poky-product-importer' but got 'domain'.
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$permalink'.1
- Category
- Security
- Occurrences
- 1
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$permalink'.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST['product']1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_POST['product']
WARNINGSecurityRequest data is not unslashed$_POST['product'] not unslashed before sanitization. Use wp_unslash() or similar1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
$_POST['product'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORRepo Complianceplugin header no licenseMissing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.
ERRORRepo Compliancereadme mismatched header requiresMismatched Requires at least: 2.9.1 != 4.4. "Requires at least" needs to be exactly the same with that in your main plugin file's header.1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Mismatched Requires at least: 2.9.1 != 4.4. "Requires at least" needs to be exactly the same with that in your main plugin file's header.
Show 2 moreShow less
WARNINGRepo Compliancereadme parser warnings too many tags1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- warning
Sample message
One or more tags were ignored. Please limit your plugin to 5 tags.
ERRORMaintainabilitytrunk stable tag1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Incorrect Stable Tag. It's recommended not to use "Stable Tag: trunk". Your Stable Tag is meant to be the stable version of your plugin and it needs to be exactly the same with the Version in your main plugin file's header. Any mismatch can prevent users from downloading the correct plugin files from WordPress.org.
External Connections
Potential connections found in static code analysis.
Outbound calls
3
External assets
0
Incoming endpoints
4
Notable Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
wp_ajax
wp_ajax
Admin AJAX endpoints2
wp_ajax
wp_ajax
Score History
First score snapshot
v2.2.0
73
Latest
- Findings
- 18
- Errors
- 6
- Warnings
- 12
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 73 | 18 | 6 | 12 | v2.2.0 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.