Powered Cache is the most powerful caching and performance suite for WordPress. Easily Improve PageSpeed & Web Vitals Score.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
212
17 issue groups
Security
139
6 issue groups
Supply Chain
4
1 issue group
I18n
2
1 issue group
ERRORSecurityException output is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not load file {$filePath}"'.59
- Category
- Security
- Occurrences
- 59
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not load file {$filePath}"'.
WARNINGMaintainabilityNon-prefixed functionFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "wp_cache_add".58
- Category
- Maintainability
- Occurrences
- 58
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "wp_cache_add".
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$batch".46
- Category
- Maintainability
- Occurrences
- 46
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$batch".
WARNINGSecurityRequest data is not unslashed$_COOKIE[$key][$vary_sub_cookie] not unslashed before sanitization. Use wp_unslash() or similar28
- Category
- Security
- Occurrences
- 28
- Severity
- warning
Sample message
$_COOKIE[$key][$vary_sub_cookie] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_COOKIE[$key][$vary_sub_cookie]25
- Category
- Security
- Occurrences
- 25
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_COOKIE[$key][$vary_sub_cookie]
WARNINGMaintainabilityDynamic hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$this->cron_interval_identifier".20
- Category
- Maintainability
- Occurrences
- 20
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$this->cron_interval_identifier".
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;18
- Category
- Maintainability
- Occurrences
- 18
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORMaintainabilityunlink unlinkunlink() is discouraged. Use wp_delete_file() to delete a file.13
- Category
- Maintainability
- Occurrences
- 13
- Severity
- error
Sample message
unlink() is discouraged. Use wp_delete_file() to delete a file.
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "emoji_svg_url".12
- Category
- Maintainability
- Occurrences
- 12
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "emoji_svg_url".
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_SERVER['HTTP_USER_AGENT']. Check that the array index exists before using it.12
- Category
- Security
- Occurrences
- 12
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_SERVER['HTTP_USER_AGENT']. Check that the array index exists before using it.
Show 15 moreShow less
ERRORSecurityOutput is not escaped9
- Category
- Security
- Occurrences
- 9
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"' class='object-cache-stats-menu-target' $current>\n"'.
ERRORMaintainabilityPlugin Directory Write6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
Plugin folders are deleted when upgraded. Do not save data to the plugin folder using file_put_contents(). Detected usage of constant WP_CONTENT_DIR. Use wp_upload_dir() to get the uploads directory path or save to the database instead.
WARNINGMaintainabilityNon-prefixed constant6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "WP_APCU_KEY_SALT".
WARNINGSecurityNonce verification recommended6
- Category
- Security
- Occurrences
- 6
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilityfile system operations is writeable6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writeable().
ERRORMaintainabilityfile system operations mkdir5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().
ERRORMaintainabilityfile system operations touch4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: touch().
ERRORMaintainabilityparse url parse url4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.
ERRORSupply ChainHidden files included4
- Category
- Supply Chain
- Occurrences
- 4
- Severity
- error
Sample message
Hidden files are not permitted.
WARNINGMaintainabilityDirect Query3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo Caching3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGMaintainabilityerror log print r3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
print_r() found. Debug code should not normally be used in production.
ERRORMaintainabilitywp function not compatible with requires wp3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
Function "str_contains()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 5.7.0.
ERRORMaintainabilityfile system operations rmdir2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: rmdir().
ERRORI18nMissing Arg Domain2
- Category
- I18n
- Occurrences
- 2
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
Score History
First score snapshot
v3.7.3
20
Latest
- Findings
- 378
- Errors
- 147
- Warnings
- 231
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 20 | 378 | 147 | 231 | v3.7.3 | 2.0.0 |
Related Plugins
4k+ active installs
2k+ active installs
60k+ active installs
50k+ active installs
60k+ active installs
1k+ active installs