Prevent XSS Vulnerability

This WP plugin blocks XSS by encoding harmful URL characters & safely handling HTML in $_GET. Customizable settings for enhanced website security.

v2.1.0Sami Ahmed SiddiquiUpdated 11 months agoAdded 9 years ago6k+ installs100% rating

attack cross-site scripting security vulnerability xss

Score

Errors

Warnings

Change

Category Scores

Security100

Repo94

Performance100

Maintainability95

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

11 findings

I18n

1 issue group

Maintainability

2 issue groups

Repo Compliance

1 issue group

ERRORI18nMissing Arg DomainMissing $domain parameter in function call to esc_html_e().8

Category: I18n
Occurrences: 8
Severity: error

Sample message

Missing $domain parameter in function call to esc_html_e().

WordPress.WP.I18n.MissingArgDomain Reference

WARNINGMaintainabilityVariable Constant Name FoundGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "$name".1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "$name".

WordPress.NamingConventions.PrefixAllGlobals.VariableConstantNameFound

ERRORRepo Complianceoutdated tested upto headerTested up to: 6.8 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Tested up to: 6.8 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_header Reference

ERRORMaintainabilitywp function not compatible with requires wpFunction "wp_unslash()" requires WordPress 3.6.0, but your plugin minimum supported version is WordPress 3.5.0.1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Function "wp_unslash()" requires WordPress 3.6.0, but your plugin minimum supported version is WordPress 3.5.0.

wp_function_not_compatible_with_requires_wp Reference

Score History

First score snapshot

First scan

Jun 21, 2026, 01:20 AM UTC

Plugin version

v2.1.0

Plugin Check

2.0.0

Scoring model

2026.06-mvp-static-v2

Scan records1

today

v2.1.0

Latest

Findings: 11
Errors: 10
Warnings: 1
Plugin Check: 2.0.0
Model: 2026.06-mvp-static-v2

Scan	Score	Findings	Errors	Warnings	Plugin	Plugin Check	Model
todayLatest	98	11	10	1	v2.1.0	2.0.0	2026.06-mvp-static-v2

Related Plugins

10k+ active installs

100

Stop XML-RPC Attacks

6k+ active installs

Brute Force ddos jetpack

100

AntiVirus

30k+ active installs

antivirus malware safe browsing

Protect Uploads

40k+ active installs

password protection protection security

Stop User Enumeration

50k+ active installs

fail2ban security user enumeration

WPMasterToolKit (WPMTK) – All in one plugin

4k+ active installs

Easy to use admin all in one plugin