Route ‑ Shipping Protection

One-Click Shipping Protection

v2.4.9RouteUpdated Added 500 installs86% rating
34
Score
66
Errors
150
Warnings
+0
Change

Category Scores

Security0
Repo94
Performance100
Maintainability49

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

216 findings

Security

144

11 issue groups

Maintainability

62

13 issue groups

I18n

2

1 issue group

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.32
Category
Security
Occurrences
32
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['filter_shop_order_route_protection']30
Category
Security
Occurrences
30
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['filter_shop_order_route_protection']

WARNINGSecurityRequest data is not unslashed$_GET['filter_shop_order_route_protection'] not unslashed before sanitization. Use wp_unslash() or similar30
Category
Security
Occurrences
30
Severity
warning

Sample message

$_GET['filter_shop_order_route_protection'] not unslashed before sanitization. Use wp_unslash() or similar

ERRORMaintainabilitywp function not compatible with requires wpFunction "get_rest_url()" requires WordPress 4.4.0, but your plugin minimum supported version is WordPress 4.0.0.22
Category
Maintainability
Occurrences
22
Severity
error

Sample message

Function "get_rest_url()" requires WordPress 4.4.0, but your plugin minimum supported version is WordPress 4.0.0.

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$class'.17
Category
Security
Occurrences
17
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$class'.

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.14
Category
Security
Occurrences
14
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_GET['post_type']. Check that the array index exists before using it.14
Category
Security
Occurrences
14
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_GET['post_type']. Check that the array index exists before using it.

ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.8
Category
Maintainability
Occurrences
8
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WARNINGMaintainabilityNon-prefixed functionFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "activate_routeapp".5
Category
Maintainability
Occurrences
5
Severity
warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "activate_routeapp".

WARNINGMaintainabilityNon-prefixed classClasses declared by a theme/plugin should start with the theme/plugin prefix. Found: "Route_Setup".4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "Route_Setup".

Show 15 more
WARNINGMaintainabilityNon-prefixed hook name4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'woocommerce_get_settings_' . $this->id".

ERRORMaintainabilitystrip tags strip tags4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

WARNINGMaintainabilityerror log error log3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

error_log() found. Debug code should not normally be used in production.

WARNINGSecuritywp redirect wp redirect3
Category
Security
Occurrences
3
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

ERRORMaintainabilityMissing direct file access protection3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

WARNINGMaintainabilityDirect Query2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Use of a direct database call is discouraged.

WARNINGMaintainabilityNo Caching2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WARNINGMaintainabilityslow db query meta query2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Detected usage of meta_query, possible slow query.

ERRORMaintainabilityNon Enqueued Stylesheet2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Stylesheets must be registered/enqueued via wp_enqueue_style()

ERRORI18nMissing Arg Domain2
Category
I18n
Occurrences
2
Severity
error

Sample message

Missing $domain parameter in function call to __().

ERRORSecurityDatabase parameter is not escaped1
Category
Security
Occurrences
1
Severity
error

Sample message

Unescaped parameter $query used in $wpdb->get_var()\n$query assigned unsafely at line 182.

WARNINGSecurityInterpolated SQL is not prepared1
Category
Security
Occurrences
1
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable {$orders_table} at FROM {$orders_table} AS orders\n

ERRORSecuritySQL query is not prepared1
Category
Security
Occurrences
1
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $query

ERRORSecurityLike Wildcards In Query1
Category
Security
Occurrences
1
Severity
error

Sample message

SQL wildcards for a LIKE query should be passed in through a replacement parameter. Found: LIKE '%ShippingEasy%'.

WARNINGMaintainabilityerror log debug backtrace1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

debug_backtrace() found. Debug code should not normally be used in production.

External Connections

Potential connections found in static code analysis.

20 domains

Outbound calls

41

External assets

4

Incoming endpoints

16

Notable Domains

route.com18 · outbound
dashboard.route.com4 · outbound
api-stage.route.com2 · outbound
api.route.com2 · outbound
routeapp.io2 · outbound

Platform / Reference Domains

developer.wordpress.org1 · platform/reference
github.com1 · platform/reference
gnu.org1 · platform/reference
w3.org1 · platform/reference

External Asset Domains

Incoming Endpoints

/wp-json/route/recreate_merchantREST

register_rest_route

/wp-json/route/recreate_userREST

register_rest_route

/wp-json/route/statusREST

register_rest_route

/wp-json/route/user_loginREST

register_rest_route

wp_ajax_nopriv_get_route_checkoutpublic

wp_ajax

wp_ajax_nopriv_routeapp_add_admin_feepublic

wp_ajax

Admin AJAX endpoints7
wp_ajax_get_route_checkoutauthenticated

wp_ajax

wp_ajax_routeapp_add_admin_feeauthenticated

wp_ajax

wp_ajax_routeapp_process_orders_batchauthenticated

wp_ajax

wp_ajax_routeapp_remove_admin_feeauthenticated

wp_ajax

wp_ajax_routeapp_save_ordersauthenticated

wp_ajax

wp_ajax_woo_check_widgetauthenticated

wp_ajax

wp_ajax_woo_get_ajax_dataauthenticated

wp_ajax

Score History

2 score snapshots

+0
1007550250Jun 25, 2026, 05:28 PM UTC Score 34/100 Plugin v2.4.8 Plugin Check 2.0.0 65 errors, 150 warningsJul 1, 2026, 08:59 PM UTC Score 34/100 Plugin v2.4.9 Plugin Check 2.0.0 66 errors, 150 warningsJun 25, 2026Jul 1, 2026

v2.4.9

34

Latest

Findings
216
Errors
66
Warnings
150
Check
2.0.0

v2.4.8

34

Score

Findings
215
Errors
65
Warnings
150
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

36 nodes

Related Plugins

99
Protect Uploads

30k+ active installs

99
Clixtell

1k+ active installs

98
Simple Analytics

1k+ active installs

97