PluginScore

Show Pages URL List

Simple plugin that allow you view all the pages urls on your wordpress site

v2.4.2YYDevelopmentUpdated Added 1k+ installs88% rating
pagespages listspages urlshow
40
Score
29
Errors
234
Warnings
+0
Change

Category Scores

Security0
Repo94
Performance100
Maintainability78

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

263 findings

Maintainability

208

4 issue groups

Security

54

8 issue groups

Repo Compliance

1

1 issue group

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$active_search".197
Category
Maintainability
Occurrences
197
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$active_search".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$categories_count'.16
Category
Security
Occurrences
16
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$categories_count'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST['nonce']11
Category
Security
Occurrences
11
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['nonce']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityRequest data is not unslashed$_POST['nonce'] not unslashed before sanitization. Use wp_unslash() or similar11
Category
Security
Occurrences
11
Severity
warning

Sample message

$_POST['nonce'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $notes_data_base_name8
Category
Security
Occurrences
8
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $notes_data_base_name

WordPress.DB.PreparedSQL.NotPrepared
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.5
Category
Maintainability
Occurrences
5
Severity
warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().5
Category
Maintainability
Occurrences
5
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching
ERRORSecurityDatabase parameter is not escapedUnescaped parameter $notes_data_base_name used in $wpdb->get_row()\n$notes_data_base_name assigned unsafely at line 301.4
Category
Security
Occurrences
4
Severity
error

Sample message

Unescaped parameter $notes_data_base_name used in $wpdb->get_row()\n$notes_data_base_name assigned unsafely at line 301.

PluginCheck.Security.DirectDB.UnescapedDBParameter
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST['pages_search_by']. Check that the array index exists before using it.2
Category
Security
Occurrences
2
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['pages_search_by']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $yydev_theme_db_name used in $wpdb->get_results()1
Category
Security
Occurrences
1
Severity
warning

Sample message

Unescaped parameter $yydev_theme_db_name used in $wpdb->get_results()

PluginCheck.Security.DirectDB.UnescapedDBParameter
Show 3 more
WARNINGSecurityInterpolated SQL is not prepared1
Category
Security
Occurrences
1
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $yydev_theme_db_name at "SELECT page_id FROM $yydev_theme_db_name WHERE page_display = 'blog_page'"

WordPress.DB.PreparedSQL.InterpolatedNotPrepared
WARNINGMaintainabilitymismatched plugin name1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Plugin name "Show Pages URL List" is different from the name declared in plugin header "YYDevelopment - Show Pages URL List".

mismatched_plugin_nameReference
ERRORRepo Complianceplugin header no license1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_no_licenseReference

External Connections

Potential connections found in static code analysis.

2 domains

Outbound calls

14

External assets

0

Incoming endpoints

2

Notable Domains

yydevelopment.com10 · outbound

Platform / Reference Domains

wordpress.org4 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints2
wp_ajax_yyydev_show_all_pages_url_stop_notice_for_nowauthenticated

wp_ajax

wp_ajax_yyydev_show_all_pages_url_stop_notice_foreverauthenticated

wp_ajax

Score History

First score snapshot

v2.4.2

40

Latest

Findings
263
Errors
29
Warnings
234
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

29 nodes

Related Plugins

Hide Drafts in Menus

1k+ active installs

100
Essential Widgets

10k+ active installs

99
Post Tags and Categories for Pages

20k+ active installs

99
Auto SEO

500 active installs

98
Auto Submenu

2k+ active installs

98
No Page Comment

10k+ active installs

98