Provides a secure connection between your SureFeedback parent and client sites, syncing identities for WordPress-based commenting.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
I18n
42
2 issue groups
Security
22
5 issue groups
Maintainability
4
4 issue groups
Repo Compliance
3
3 issue groups
ERRORI18nText Domain MismatchMismatched text domain. Expected 'projecthuddle-child-site' but got 'ph-child'.41
- Category
- I18n
- Occurrences
- 41
- Severity
- error
Sample message
Mismatched text domain. Expected 'projecthuddle-child-site' but got 'ph-child'.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.9
- Category
- Security
- Occurrences
- 9
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityRequest data is not unslashed$_COOKIE['ph_access_token'] not unslashed before sanitization. Use wp_unslash() or similar6
- Category
- Security
- Occurrences
- 6
- Severity
- warning
Sample message
$_COOKIE['ph_access_token'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_COOKIE['ph_access_token']3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_COOKIE['ph_access_token']
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.2
- Category
- Security
- Occurrences
- 2
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.
ERRORMaintainabilityNo Explicit VersionVersion parameter is not explicitly set or has been set to an equivalent of "false" for wp_register_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Version parameter is not explicitly set or has been set to an equivalent of "false" for wp_register_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.
ERRORMaintainabilityapplication detectedApplication files are not permitted.1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Application files are not permitted.
WARNINGMaintainabilitygithub directoryGitHub workflow directory ".github" detected. This directory should not be included in production plugins.1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
GitHub workflow directory ".github" detected. This directory should not be included in production plugins.
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Show 4 moreShow less
WARNINGRepo Complianceplugin header invalid domain path1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- warning
Sample message
The "Domain Path" header in the plugin file must start with forward slash.
ERRORRepo Complianceplugin header no license1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.
WARNINGRepo Complianceplugin header nonexistent domain path1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- warning
Sample message
The "Domain Path" header in the plugin file must point to an existing folder. Found: "languages"
WARNINGI18ntextdomain mismatch1
- Category
- I18n
- Occurrences
- 1
- Severity
- warning
Sample message
The "Text Domain" header in the plugin file does not match the slug. Found "ph-child", expected "projecthuddle-child-site".
External Connections
Not analyzed yet.
Score History
First score snapshot
v1.2.12
59
Latest
- Findings
- 71
- Errors
- 47
- Warnings
- 24
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 59 | 71 | 47 | 24 | v1.2.12 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Issue
Related
Author
Issue
Related
Related Plugins
9k+ active installs
5k+ active installs
200k+ active installs
2k+ active installs
10k+ active installs
1k+ active installs