PluginScore

Rollbar

Official Rollbar full-stack error tracking for WordPress supported by Rollbar, Inc.

v3.2.0rollbarUpdated Added 400 installs80% rating
errorerror trackingfull stackrollbartracking
39
Score
75
Errors
14
Warnings
+1
Change

Category Scores

Security0
Repo80
Performance100
Maintainability83

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

89 findings

Security

66

4 issue groups

Maintainability

19

7 issue groups

Repo Compliance

4

4 issue groups

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$default'.61
Category
Security
Occurrences
61
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$default'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$default".8
Category
Maintainability
Occurrences
8
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$default".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
ERRORSecurityException output is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$muPluginFilepath'.3
Category
Security
Occurrences
3
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$muPluginFilepath'.

WordPress.Security.EscapeOutput.ExceptionNotEscapedReference
WARNINGMaintainabilityupgrade notice limitThe upgrade notice for "Version 2.0.0 (9th September 2017)" exceeds the limit of 300 characters.3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

The upgrade notice for "Version 2.0.0 (9th September 2017)" exceeds the limit of 300 characters.

upgrade_notice_limit
ERRORSecuritySetting is missing a sanitization callbackSanitization missing for register_setting().1
Category
Security
Occurrences
1
Severity
error

Sample message

Sanitization missing for register_setting().

PluginCheck.CodeAnalysis.SettingSanitization.register_settingMissingReference
ERRORMaintainabilityPlugin Directory WritePlugin folders are deleted when upgraded. Do not save data to the plugin folder using copy(). Detected usage of function plugin_dir_path(). Use wp_upload_dir() to get the uploads directory path or save to the database instead.1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Plugin folders are deleted when upgraded. Do not save data to the plugin folder using copy(). Detected usage of function plugin_dir_path(). Use wp_upload_dir() to get the uploads directory path or save to the database instead.

PluginCheck.CodeAnalysis.WriteFile.PluginDirectoryWrite
WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.1
Category
Security
Occurrences
1
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirectReference
ERRORMaintainabilityfile system operations mkdirFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().

WordPress.WP.AlternativeFunctions.file_system_operations_mkdir
ERRORMaintainabilityunlink unlinkunlink() is discouraged. Use wp_delete_file() to delete a file.1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

WordPress.WP.AlternativeFunctions.unlink_unlink
Show 5 more
WARNINGMaintainabilityNot In Footer1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter
ERRORRepo Compliancelicense mismatch1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Your plugin has a different license declared in the readme file and plugin header. Please update your readme with a valid GPL license identifier.

license_mismatchReference
ERRORRepo Complianceplugin header invalid license1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Invalid License: Proprietary. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_invalid_licenseReference
ERRORRepo Compliancereadme mismatched header requires1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Mismatched Requires at least: 6.6.0 != 6.6. "Requires at least" needs to be exactly the same with that in your main plugin file's header.

readme_mismatched_header_requiresReference
WARNINGRepo Compliancereadme parser warnings too many tags1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

One or more tags were ignored. Please limit your plugin to 5 tags.

readme_parser_warnings_too_many_tags

External Connections

Potential connections found in static code analysis.

38 domains

Outbound calls

95

External assets

0

Incoming endpoints

1

Notable Domains

php.net9 · outbound
rollbar.com9 · outbound
php-fig.org6 · outbound
api.rollbar.com5 · outbound
api.slack.com4 · outbound
docs.rollbar.com3 · outbound

Platform / Reference Domains

github.com16 · platform/reference
developer.wordpress.org2 · platform/reference
wordpress.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints1
admin_post_rollbar_wp_restore_defaultsauthenticated

admin_post

Score History

2 score snapshots

+1
1007550250Jun 25, 2026, 11:04 PM UTC Score 38/100 Plugin v3.1.3 Plugin Check 2.0.0 76 errors, 14 warningsJun 26, 2026, 10:22 PM UTC Score 39/100 Plugin v3.2.0 Plugin Check 2.0.0 75 errors, 14 warningsJun 25, 2026Jun 26, 2026

v3.2.0

39

Latest

Findings
89
Errors
75
Warnings
14
Check
2.0.0

v3.1.3

38

Score

Findings
90
Errors
76
Warnings
14
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Related Plugins

HTTP 410 (Gone) responses

4k+ active installs

100
Enable CORS

6k+ active installs

98
WP Maximum Execution Time Exceeded

20k+ active installs

97
404 to Home

1k+ active installs

94
Better 404 Redirect To Homepage

600 active installs

94
Link Juice Keeper

10k+ active installs

91