Razorpay for Gravity Forms

Allows you to use Razorpay payment gateway with the gravity forms plugin.

v1.3.7RazorpayUpdated Added 600 installs20% rating
21
Score
411
Errors
47
Warnings
+0
Change

Category Scores

Security0
Repo72
Performance100
Maintainability0

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

458 findings

Maintainability

214

16 issue groups

Security

177

6 issue groups

I18n

13

2 issue groups

Supply Chain

5

1 issue group

ERRORSecurityException output is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$char'.145
Category
Security
Occurrences
145
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$char'.

ERRORMaintainabilitycurl curl setoptUsing cURL functions is highly discouraged. Use wp_remote_get() instead.114
Category
Maintainability
Occurrences
114
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$amount'.20
Category
Security
Occurrences
20
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$amount'.

ERRORMaintainabilitycurl curl errnoUsing cURL functions is highly discouraged. Use wp_remote_get() instead.12
Category
Maintainability
Occurrences
12
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORMaintainabilityfile system operations fcloseFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().12
Category
Maintainability
Occurrences
12
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

ERRORMaintainabilityfile system operations fopenFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().9
Category
Maintainability
Occurrences
9
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

ERRORMaintainabilityfile system operations fwriteFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().9
Category
Maintainability
Occurrences
9
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;8
Category
Maintainability
Occurrences
8
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.7
Category
Maintainability
Occurrences
7
Severity
warning

Sample message

Use of a direct database call is discouraged.

ERRORI18nText Domain MismatchMismatched text domain. Expected 'razorpay-gravity-forms' but got 'gravityforms'.7
Category
I18n
Occurrences
7
Severity
error

Sample message

Mismatched text domain. Expected 'razorpay-gravity-forms' but got 'gravityforms'.

Show 15 more
WARNINGMaintainabilityNo Caching6
Category
Maintainability
Occurrences
6
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

ERRORMaintainabilitycurl curl close6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORMaintainabilitycurl curl error6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORMaintainabilitycurl curl exec6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORMaintainabilityparse url parse url6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

ERRORI18nNon Singular String Literal Domain6
Category
I18n
Occurrences
6
Severity
error

Sample message

The $domain parameter must be a single text string literal. Found: $this->_slug

ERRORSupply ChainHidden files included5
Category
Supply Chain
Occurrences
5
Severity
error

Sample message

Hidden files are not permitted.

WARNINGMaintainabilityNon-prefixed function4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "createRzpCron".

WARNINGSecurityDatabase parameter is not escaped3
Category
Security
Occurrences
3
Severity
warning

Sample message

Unescaped parameter $tableName used in $wpdb->get_results()\n$tableName assigned unsafely at line 153.

WARNINGSecurityInterpolated SQL is not prepared3
Category
Security
Occurrences
3
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $tableName at "SELECT * FROM $tableName WHERE order_id="

ERRORSecuritySQL query is not prepared3
Category
Security
Occurrences
3
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $entry

WARNINGMaintainabilityNon-prefixed hook name3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "gform_razorpay_complete_payment".

WARNINGMaintainabilityerror log error log3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

error_log() found. Debug code should not normally be used in production.

WARNINGMaintainabilityerror log trigger error3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

trigger_error() found. Debug code should not normally be used in production.

WARNINGSecurityInput is not sanitized3
Category
Security
Occurrences
3
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_COOKIE[self::RAZORPAY_ORDER_ID]

External Connections

Potential connections found in static code analysis.

21 domains

Outbound calls

138

External assets

2

Incoming endpoints

1

Notable Domains

tools.ietf.org66 · outbound
secure.php.net13 · outbound
php.net8 · outbound
semgrep.dev6 · outbound

Platform / Reference Domains

github.com11 · platform/reference
core.trac.wordpress.org6 · platform/reference
opensource.org6 · platform/reference
gnu.org1 · platform/reference
wordpress.org1 · platform/reference

External Asset Domains

checkout.razorpay.com2 · asset + outbound
razorpay.com2 · asset + outbound

Incoming Endpoints

admin_post_nopriv_gf_razorpay_webhookpublic

admin_post

Score History

First score snapshot

v1.3.7

21

Latest

Findings
458
Errors
411
Warnings
47
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Related Plugins