Stream

With Stream, you’re never left in the dark about changes to your WordPress site.

v4.2.0XWPUpdated 28 days agoAdded 13 years ago80k+ installs86% rating0% support resolved

activity logs stream track wp stream

Score

Errors

Warnings

Change

Category Scores

Security43

Repo100

Performance97

Maintainability57

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

123 findings

Maintainability

14 issue groups

Security

4 issue groups

I18n

3 issue groups

Performance

1 issue group

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.21

Category: Maintainability
Occurrences: 21
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().18

Category: Maintainability
Occurrences: 18
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'jetpack_module_configurable_' . $slug".11

Category: Maintainability
Occurrences: 11
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'jetpack_module_configurable_' . $slug".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().10

Category: I18n
Occurrences: 10
Severity: error

Sample message

Missing $domain parameter in function call to __().

WordPress.WP.I18n.MissingArgDomain Reference

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$author".9

Category: Maintainability
Occurrences: 9
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$author".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['order']9

Category: Security
Occurrences: 9
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['order']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityRequest data is not unslashed$_GET['order'] not unslashed before sanitization. Use wp_unslash() or similar9

Category: Security
Occurrences: 9
Severity: warning

Sample message

$_GET['order'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $column used in $wpdb->get_results()\n$column used without escaping.6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Unescaped parameter $column used in $wpdb->get_results()\n$column used without escaping.

PluginCheck.Security.DirectDB.UnescapedDBParameter

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;6

Category: Maintainability
Occurrences: 6
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

ERRORMaintainabilitywp function not compatible with requires wpFunction "str_starts_with()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 4.6.0.5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

Function "str_starts_with()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 4.6.0.

wp_function_not_compatible_with_requires_wp Reference

Show 12 more

WARNINGMaintainabilityslow db query meta value4

Category: Maintainability
Occurrences: 4
Severity: warning

Sample message

Detected usage of meta_value, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_value

WARNINGMaintainabilityslow db query meta key3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

Detected usage of meta_key, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_key

WARNINGPerformancePost Not In exclude2

Category: Performance
Occurrences: 2
Severity: warning

Sample message

Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.

WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_exclude

WARNINGMaintainabilityupdate modification detected2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_themes

update_modification_detected Reference

ERRORMaintainabilityForbidden PHP function found1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

The use of function get_post_type_labels() is forbidden

Generic.PHP.ForbiddenFunctions.Found

WARNINGMaintainabilitySchema Change1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Attempting a database schema change is discouraged.

WordPress.DB.DirectDatabaseQuery.SchemaChange

WARNINGMaintainabilityNon-prefixed constant1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "WP_NETWORK_ADMIN".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound

WARNINGSecurityInput is not validated1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_SERVER['HTTP_REFERER']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

ERRORI18nText Domain Mismatch1

Category: I18n
Occurrences: 1
Severity: error

Sample message

Mismatched text domain. Expected 'stream' but got 'wp_stream'.

WordPress.WP.I18n.TextDomainMismatch Reference

WARNINGI18nText Domain Mismatch1

Category: I18n
Occurrences: 1
Severity: warning

Sample message

Mismatched text domain. Expected 'stream' but got 'default'.

WordPress.WP.I18n.TextDomainMismatch Reference

ERRORMaintainabilityplugin updater detected1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Plugin Updater detected. These are not permitted in WordPress.org hosted plugins. Detected: site_transient_update_plugins

plugin_updater_detected

WARNINGMaintainabilityunexpected markdown file1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Unexpected markdown file "connectors.md" detected in plugin root. Only specific markdown files are expected in production plugins.

unexpected_markdown_file

External Connections

Not analyzed yet.

Score History

First score snapshot

5 days ago

v4.2.0

Latest

Findings: 123
Errors: 24
Warnings: 99
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
5 days agoLatest	60	123	24	99	v4.2.0	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

29 nodes

Loading map

PluginAuthorCategoryIssueRelated

Relationship links

Issue

Related Plugins

Counter-Hits

1k+ active installs

Wbcom Designs – Shortcodes & Elementor Widgets For BuddyPress

700 active installs

Waymark

900 active installs

GPX Viewer

900 active installs

WebinarPress – Webinar System for WordPress

900 active installs

Log Emails

6k+ active installs