Sellsy

Créer des formulaires lié à votre compte Sellsy (prospect, opportunité, support ticket).

v2.4.0SellsyUpdated 1 year agoAdded 8 years ago400 installs60% rating

contact crm form sellsy

Score

586

Errors

490

Warnings

Change

Category Scores

Security0

Repo73

Performance100

Maintainability3

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

1,076 findings

I18n

444

1 issue group

Security

404

9 issue groups

Maintainability

207

15 issue groups

ERRORI18nNon Singular String Literal DomainThe $domain parameter must be a single text string literal. Found: PLUGIN_NOM_LANG444

Category: I18n
Occurrences: 444
Severity: error

Sample message

The $domain parameter must be a single text string literal. Found: PLUGIN_NOM_LANG

WordPress.WP.I18n.NonSingularStringLiteralDomain Reference

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.132

Category: Security
Occurrences: 132
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$a".107

Category: Maintainability
Occurrences: 107
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$a".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGSecurityRequest data is not unslashed$_COOKIE[$this->name] not unslashed before sanitization. Use wp_unslash() or similar77

Category: Security
Occurrences: 77
Severity: warning

Sample message

$_COOKIE[$this->name] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_COOKIE[$this->name]53

Category: Security
Occurrences: 53
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_COOKIE[$this->name]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$disp'.44

Category: Security
Occurrences: 44
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$disp'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $req33

Category: Security
Occurrences: 33
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found $req

WordPress.DB.PreparedSQL.NotPrepared

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.31

Category: Maintainability
Occurrences: 31
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().25

Category: Maintainability
Occurrences: 25
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_GET['contact_form_id']. Check that the array index exists before using it.25

Category: Security
Occurrences: 25
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_GET['contact_form_id']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

Show 15 more

WARNINGSecurityNonce verification recommended21

Category: Security
Occurrences: 21
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

ERRORSecurityDatabase parameter is not escaped16

Category: Security
Occurrences: 16
Severity: error

Sample message

Unescaped parameter $sql used in $wpdb->get_results()\n$sql assigned unsafely at line 22.

PluginCheck.Security.DirectDB.UnescapedDBParameter

ERRORMaintainabilitycurl curl exec5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_exec

ERRORMaintainabilitycurl curl init5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_init

ERRORMaintainabilityNo Explicit Version5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

Version parameter is not explicitly set or has been set to an equivalent of "false" for wp_enqueue_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.

WordPress.WP.EnqueuedResourceParameters.NoExplicitVersion

WARNINGMaintainabilityNon-prefixed function4

Category: Maintainability
Occurrences: 4
Severity: warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "__".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound

ERRORMaintainabilitycurl curl close4

Category: Maintainability
Occurrences: 4
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_close

ERRORMaintainabilitycurl curl setopt4

Category: Maintainability
Occurrences: 4
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_setopt

ERRORMaintainabilitycurl curl setopt array4

Category: Maintainability
Occurrences: 4
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_setopt_array

WARNINGSecurityUnfinished Prepare3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Replacement variables found, but no valid placeholders found in the query.

WordPress.DB.PreparedSQLPlaceholders.UnfinishedPrepare

ERRORMaintainabilitycurl curl errno3

Category: Maintainability
Occurrences: 3
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_errno

ERRORMaintainabilitycurl curl error3

Category: Maintainability
Occurrences: 3
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_error

ERRORMaintainabilityMissing direct file access protection3

Category: Maintainability
Occurrences: 3
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

WARNINGMaintainabilityNon-prefixed constant2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "PLUGIN_NOM_LANG".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound

WARNINGMaintainabilityerror log print r2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r

External Connections

Potential connections found in static code analysis.

27 domains

Outbound calls

External assets

Incoming endpoints

Notable Domains

en.wikipedia.org6 · outbound

developers.google.com4 · outbound

apache.org3 · outbound

dashboard.clearbit.com3 · outbound

stackoverflow.com3 · outbound

twitter.com3 · outbound

Platform / Reference Domains

github.com9 · platform/reference

codex.wordpress.org3 · platform/reference

gnu.org1 · platform/reference

External Asset Domains

google.com10 · asset + outbound

ajax.googleapis.com1 · asset

Incoming Endpoints

wp_ajax_nopriv_mon_actionpublic

wp_ajax

wp_ajax_nopriv_sellsy_my_frontend_actionpublic

wp_ajax

Admin AJAX endpoints3

wp_ajax_mon_actionauthenticated

wp_ajax

wp_ajax_sellsy_my_backend_actionauthenticated

wp_ajax

wp_ajax_sellsy_my_frontend_actionauthenticated

wp_ajax

Score History

First score snapshot

yesterday

v2.4.0

Latest

Findings: 1,076
Errors: 586
Warnings: 490
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	22	1,076	586	490	v2.4.0	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

36 nodes

Loading map

PluginAuthorCategoryIssueDomainRelated

Relationship links

Issue

Domain

Related Plugins

Contact Form Query

1k+ active installs

100

LeadConnector

20k+ active installs

100

Improving Search Form Accessibility

700 active installs

Jobber

1k+ active installs

Masks Form Fields

9k+ active installs

SpreadsheetConverter Calculator

600 active installs