Supplier Order Email

Sends an automatic order emails to the suppliers to send the corresponding products to the customer.

v3.6.16MCI DesarrolloUpdated 9 days agoAdded 6 years ago400 installs98% rating100% support resolved

emails order order email order supplier suppliers

Score

Errors

105

Warnings

Change

Category Scores

Security0

Repo91

Performance100

Maintainability61

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

159 findings

Security

10 issue groups

Maintainability

14 issue groups

Repo Compliance

1 issue group

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<select name='$taxonomy' id='$taxonomy' class='postform'>"'.29

Category: Security
Occurrences: 29
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<select name='$taxonomy' id='$taxonomy' class='postform'>"'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGSecurityRequest data is not unslashed$_GET[$taxonomy] not unslashed before sanitization. Use wp_unslash() or similar22

Category: Security
Occurrences: 22
Severity: warning

Sample message

$_GET[$taxonomy] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.17

Category: Security
Occurrences: 17
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

ERRORMaintainabilitywp function not compatible with requires wpFunction "determine_locale()" requires WordPress 5.0.0, but your plugin minimum supported version is WordPress 4.6.0.14

Category: Maintainability
Occurrences: 14
Severity: error

Sample message

Function "determine_locale()" requires WordPress 5.0.0, but your plugin minimum supported version is WordPress 4.6.0.

wp_function_not_compatible_with_requires_wp Reference

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.10

Category: Maintainability
Occurrences: 10
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().10

Category: Maintainability
Occurrences: 10
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET[$taxonomy]9

Category: Security
Occurrences: 9
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET[$taxonomy]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $tabla_mcisoe_options used in $wpdb->get_var()\n$tabla_mcisoe_options assigned unsafely at line 135.6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Unescaped parameter $tabla_mcisoe_options used in $wpdb->get_var()\n$tabla_mcisoe_options assigned unsafely at line 135.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $tabla_mcisoe_options at "SHOW TABLES LIKE '$tabla_mcisoe_options'"6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $tabla_mcisoe_options at "SHOW TABLES LIKE '$tabla_mcisoe_options'"

WordPress.DB.PreparedSQL.InterpolatedNotPrepared

WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".5

Category: Maintainability
Occurrences: 5
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

Show 15 more

WARNINGSecurityNonce verification recommended5

Category: Security
Occurrences: 5
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGMaintainabilityNon-prefixed class3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "CheckLicenseLemonMci".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound

WARNINGSecurityInput is not validated3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_GET['soe_nonce']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

ERRORMaintainabilityparse url parse url3

Category: Maintainability
Occurrences: 3
Severity: error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url

WARNINGMaintainabilityMissing Version3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion

WARNINGMaintainabilitySchema Change2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Attempting a database schema change is discouraged.

WordPress.DB.DirectDatabaseQuery.SchemaChange

ERRORMaintainabilityfile system operations rmdir2

Category: Maintainability
Occurrences: 2
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: rmdir().

WordPress.WP.AlternativeFunctions.file_system_operations_rmdir

ERRORMaintainabilityunlink unlink2

Category: Maintainability
Occurrences: 2
Severity: error

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

WordPress.WP.AlternativeFunctions.unlink_unlink

ERRORSecuritySQL query is not prepared1

Category: Security
Occurrences: 1
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found $term_id_list

WordPress.DB.PreparedSQL.NotPrepared

WARNINGMaintainabilityNon-prefixed constant1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "MCI_API_KEY".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound

WARNINGMaintainabilityNon-prefixed global variable1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$supplier".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGSecuritywp redirect wp redirect1

Category: Security
Occurrences: 1
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

ERRORMaintainabilityfile system operations mkdir1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().

WordPress.WP.AlternativeFunctions.file_system_operations_mkdir

ERRORMaintainabilityNon Enqueued Stylesheet1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Stylesheets must be registered/enqueued via wp_enqueue_style()

WordPress.WP.EnqueuedResources.NonEnqueuedStylesheet

ERRORRepo Complianceplugin header no license1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_no_license Reference

External Connections

Potential connections found in static code analysis.

31 domains

Outbound calls

300

External assets

Incoming endpoints

Notable Domains

mci-desarrollo.es7 · outbound

api.lemonsqueezy.com4 · outbound

api.mci-desarrollo.es4 · outbound

php.net3 · outbound

drafts.csswg.org2 · outbound

en.wikipedia.org2 · outbound

Platform / Reference Domains

w3.org152 · platform/reference

github.com48 · platform/reference

gnu.org47 · platform/reference

wordpress.org2 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Score History

First score snapshot

today

v3.6.16

Latest

Findings: 159
Errors: 54
Warnings: 105
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
todayLatest	36	159	54	105	v3.6.16	2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Loading map

PluginAuthorCategoryIssueDomainRelated

Relationship links

Issue

Domain

900 active installs

WP Taxonomy Order

1k+ active installs

Categories in Hierarchical Order

2k+ active installs

Zone Manager (Zoninator)

1k+ active installs

Default Sort Ascend

500 active installs

WC Minimum Order Amount

3k+ active installs

Supplier Order Email

Category Scores

Issues to Review

External Connections

Notable Domains

Platform / Reference Domains

External Asset Domains

Incoming Endpoints

Score History

Relationship Map

Plugin

Author

Category

Issue

Domain

Related

Plugin

Author

Category

Issue

Domain

Related

Related Plugins