RSS Feed Widget

RSS Feed Widget with customizable slider. Feed title, description, image, censorship and a few other features which you can use.

v3.0.3Fahad MahmoodUpdated 6 months agoAdded 12 years ago2k+ installs78% rating

chameleon custom feed feed widget rss social feed

Score

207

Errors

Warnings

Change

Category Scores

Security0

Repo91

Performance100

Maintainability72

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

296 findings

Security

256

8 issue groups

Maintainability

8 issue groups

I18n

2 issue groups

Repo Compliance

2 issue groups

ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.149

Category: Security
Occurrences: 149
Severity: error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunction Reference

WARNINGSecurityRequest data is not unslashed$_GET['t'] not unslashed before sanitization. Use wp_unslash() or similar29

Category: Security
Occurrences: 29
Severity: warning

Sample message

$_GET['t'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<tr>\r\n'.26

Category: Security
Occurrences: 26
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<tr>\r\n'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['t']25

Category: Security
Occurrences: 25
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['t']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.17

Category: Security
Occurrences: 17
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.10

Category: Maintainability
Occurrences: 10
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

ERRORMaintainabilitystrip tags strip tagsstrip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.10

Category: Maintainability
Occurrences: 10
Severity: error

Sample message

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

WordPress.WP.AlternativeFunctions.strip_tags_strip_tags

ERRORMaintainabilitywp function not compatible with requires wpFunction "sanitize_textarea_field()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 3.0.0.7

Category: Maintainability
Occurrences: 7
Severity: error

Sample message

Function "sanitize_textarea_field()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 3.0.0.

wp_function_not_compatible_with_requires_wp Reference

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST['rfw_sc_google_api_key']. Check that the array index exists before using it.6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['rfw_sc_google_api_key']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

Show 10 more

WARNINGMaintainabilityMissing Version3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion

WARNINGMaintainabilityNot In Footer3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter

ERRORSecuritySetting is missing a sanitization callback1

Category: Security
Occurrences: 1
Severity: error

Sample message

Sanitization missing for register_setting().

PluginCheck.CodeAnalysis.SettingSanitization.register_settingMissing Reference

WARNINGMaintainabilityerror log print r1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r

ERRORMaintainabilityrand rand1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

rand() is discouraged. Use the far less predictable wp_rand() instead.

WordPress.WP.AlternativeFunctions.rand_rand

ERRORI18nMissing Arg Domain1

Category: I18n
Occurrences: 1
Severity: error

Sample message

Missing $domain parameter in function call to _e().

WordPress.WP.I18n.MissingArgDomain Reference

ERRORI18nText Domain Mismatch1

Category: I18n
Occurrences: 1
Severity: error

Sample message

Mismatched text domain. Expected 'rss-feed-widget' but got 'wcdp'.

WordPress.WP.I18n.TextDomainMismatch Reference

ERRORRepo Complianceoutdated tested upto header1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Tested up to: 6.9 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_header Reference

WARNINGRepo Complianceplugin header nonexistent domain path1

Category: Repo Compliance
Occurrences: 1
Severity: warning

Sample message

The "Domain Path" header in the plugin file must point to an existing folder. Found: "languages"

plugin_header_nonexistent_domain_path Reference

WARNINGMaintainabilityupgrade notice limit1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

The upgrade notice for "Upgrades" exceeds the limit of 300 characters.

upgrade_notice_limit

External Connections

Not analyzed yet.

Score History

First score snapshot

3 days ago

v3.0.3

Latest

Findings: 296
Errors: 207
Warnings: 89
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
3 days agoLatest	38	296	207	89	v3.0.3	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

29 nodes

Loading map

PluginAuthorCategoryIssueRelated

Relationship links

Issue

Related Plugins

Disable Feeds WP

10k+ active installs

100

Send Images to RSS

3k+ active installs

RSS Featured Image

2k+ active installs

GN Publisher: Google News Compatible RSS Feeds

20k+ active installs

RSS Includes Pages

10k+ active installs

Super RSS Reader – Add attractive RSS Feed Widget

10k+ active installs