PluginScore

Reseller Store

Design your own storefront for your Basic and Pro Reseller plan and have more control over your customers experience and business!

v3.0.0GoDaddyUpdated Added 1k+ installs74% rating
postsproductsprogramresellerstorefront
35
Score
56
Errors
34
Warnings
-5
Change

Category Scores

Security0
Repo82
Performance100
Maintainability80

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

90 findings

Security

53

5 issue groups

Maintainability

33

7 issue groups

Repo Compliance

2

2 issue groups

I18n

1

1 issue group

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<div class=\"$classes\" data-plid=\"$plid\""'.45
Category
Security
Occurrences
45
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<div class=\"$classes\" data-plid=\"$plid\""'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$args&quot;.12
Category
Maintainability
Occurrences
12
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$args&quot;.

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.6
Category
Maintainability
Occurrences
6
Severity
warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.4
Category
Security
Occurrences
4
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: &quot;the_content&quot;.2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: &quot;the_content&quot;.

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.2
Category
Security
Occurrences
2
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
ERRORMaintainabilityblock api version too lowEditor blocks must define "apiVersion" 3 or higher in block.json for WordPress 7.0+ iframe editor compatibility.2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Editor blocks must define "apiVersion" 3 or higher in block.json for WordPress 7.0+ iframe editor compatibility.

block_api_version_too_lowReference
WARNINGI18nDiscouraged text-domain loadingload_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFoundReference
Show 6 more
ERRORSecuritySetting is missing a sanitization callback1
Category
Security
Occurrences
1
Severity
error

Sample message

Sanitization missing for register_setting().

PluginCheck.CodeAnalysis.SettingSanitization.register_settingMissingReference
WARNINGSecurityInput is not validated1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_REQUEST[&#039;bulk_restore_posts&#039;]. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
ERRORSupply ChainHidden files included1
Category
Supply Chain
Occurrences
1
Severity
error

Sample message

Hidden files are not permitted.

hidden_files
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 6.8 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference
WARNINGRepo Compliancereadme parser warnings too many tags1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

One or more tags were ignored. Please limit your plugin to 5 tags.

readme_parser_warnings_too_many_tags
WARNINGMaintainabilityunexpected markdown file1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Unexpected markdown file "CLAUDE.md" detected in plugin root. Only specific markdown files are expected in production plugins.

unexpected_markdown_file

External Connections

Potential connections found in static code analysis.

7 domains

Outbound calls

33

External assets

0

Incoming endpoints

4

Notable Domains

reseller.godaddy.com2 · outbound
reseller.secureserver.net2 · outbound
godaddy.com1 · outbound
schemas.wp.org1 · outbound

Platform / Reference Domains

w3.org25 · platform/reference
github.com1 · platform/reference
gnu.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints4
wp_ajax_rstore_dismiss_admin_noticeauthenticated

wp_ajax

wp_ajax_rstore_installauthenticated

wp_ajax

wp_ajax_rstore_options_saveauthenticated

wp_ajax

wp_ajax_rstore_product_importauthenticated

wp_ajax

Score History

2 score snapshots

-5
1007550250Jun 21, 2026, 07:10 PM UTC Score 40/100 Plugin v2.2.17 Plugin Check 2.0.0 53 errors, 33 warningsJun 23, 2026, 01:42 PM UTC Score 35/100 Plugin v3.0.0 Plugin Check 2.0.0 56 errors, 34 warningsJun 21, 2026Jun 23, 2026

v3.0.0

35

Latest

Findings
90
Errors
56
Warnings
34
Check
2.0.0

v2.2.17

40

Score

Findings
86
Errors
53
Warnings
33
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

33 nodes

Related Plugins

Order Limit For WooCommerce ( Free Version )

800 active installs

100
Default Post Author

1k+ active installs

99
Essential Widgets

10k+ active installs

99
List all posts by Authors, nested Categories and Titles

700 active installs

99
MATE Recently Viewed Products – Cache Compatible for WooCommerce

400 active installs

99
Advanced Posts Listing – Show Post List Easily

3k+ active installs

98