Surge

Surge is a very simple and fast page caching plugin for WordPress.

v1.2.1Konstantin KovsheninUpdated 2 months agoAdded 5 years ago4k+ installs98% rating

cache caching performance

Score

Errors

Warnings

Change

Category Scores

Security47

Repo91

Performance100

Maintainability51

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

93 findings

Maintainability

13 issue groups

Security

4 issue groups

Repo Compliance

2 issue groups

I18n

1 issue group

WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$anchor".29

Category: Maintainability
Occurrences: 29
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$anchor".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;10

Category: Maintainability
Occurrences: 10
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

ERRORMaintainabilityfile system operations fcloseFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().8

Category: Maintainability
Occurrences: 8
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

WordPress.WP.AlternativeFunctions.file_system_operations_fclose

ERRORMaintainabilityunlink unlinkunlink() is discouraged. Use wp_delete_file() to delete a file.7

Category: Maintainability
Occurrences: 7
Severity: error

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

WordPress.WP.AlternativeFunctions.unlink_unlink

WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_SERVER['REQUEST_METHOD']. Check that the array index exists before using it.6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_SERVER['REQUEST_METHOD']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_SERVER['HTTP_HOST']5

Category: Security
Occurrences: 5
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_SERVER['HTTP_HOST']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityMissing Unslash$_SERVER['HTTP_HOST'] not unslashed before sanitization. Use wp_unslash() or similar5

Category: Security
Occurrences: 5
Severity: warning

Sample message

$_SERVER['HTTP_HOST'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORMaintainabilityfile system operations fwriteFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

WordPress.WP.AlternativeFunctions.file_system_operations_fwrite

ERRORMaintainabilityfile system operations fopenFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().4

Category: Maintainability
Occurrences: 4
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

WordPress.WP.AlternativeFunctions.file_system_operations_fopen

ERRORMaintainabilityfile system operations freadFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().4

Category: Maintainability
Occurrences: 4
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().

WordPress.WP.AlternativeFunctions.file_system_operations_fread

Show 10 more

WARNINGMaintainabilityABSPATHDetected1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Writing files using ABSPATH may be problematic. Consider using wp_upload_dir() instead if storing user data or generated files.

PluginCheck.CodeAnalysis.WriteFile.ABSPATHDetected

ERRORMaintainabilityPlugin Directory Write1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Plugin folders are deleted when upgraded. Do not save data to the plugin folder using copy(). Detected usage of constant WP_CONTENT_DIR. Use wp_upload_dir() to get the uploads directory path or save to the database instead.

PluginCheck.CodeAnalysis.WriteFile.PluginDirectoryWrite

ERRORSecurityOutput Not Escaped1

Category: Security
Occurrences: 1
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'stream_get_contents'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

ERRORMaintainabilityfile system operations is writable1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().

WordPress.WP.AlternativeFunctions.file_system_operations_is_writable

ERRORMaintainabilityfile system operations rmdir1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: rmdir().

WordPress.WP.AlternativeFunctions.file_system_operations_rmdir

ERRORMaintainabilityparse url parse url1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url

ERRORMaintainabilityrename rename1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

rename() is discouraged. Use WP_Filesystem::move() to rename a file.

WordPress.WP.AlternativeFunctions.rename_rename

ERRORI18nMissing Arg Domain1

Category: I18n
Occurrences: 1
Severity: error

Sample message

Missing $domain parameter in function call to __().

WordPress.WP.I18n.MissingArgDomain Reference

ERRORRepo Complianceplugin header no license1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_no_license Reference

WARNINGRepo Complianceplugin header nonexistent domain path1

Category: Repo Compliance
Occurrences: 1
Severity: warning

Sample message

The "Domain Path" header in the plugin file must point to an existing folder. Found: "languages"

plugin_header_nonexistent_domain_path Reference

Score History

First score snapshot

yesterday

v1.2.1

Latest

Findings: 93
Errors: 46
Warnings: 47
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	60	93	46	47	v1.2.1	2.0.0

4k+ active installs

100

DietPress

2k+ active installs

100

Disable Emojis (GDPR friendly)

60k+ active installs

100

Embed Optimizer

50k+ active installs

100

Image Placeholders

60k+ active installs

100

Load Combined Core Block Assets

1k+ active installs

100

Surge

Category Scores

Issues to Review

Score History

Related Plugins