With Tamara Buy Now Pay Later, you can split your payments – totally interest-free. Accepts payments from Mada, Apple Pay, or Credit Cards.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
417
19 issue groups
Security
354
5 issue groups
I18n
6
1 issue group
ERRORSecurityException output is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"$name not found on class"'.296
- Category
- Security
- Occurrences
- 296
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"$name not found on class"'.
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$alias".93
- Category
- Maintainability
- Occurrences
- 93
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$alias".
ERRORMaintainabilitywp function not compatible with requires wpFunction "str_contains()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 5.0.0.53
- Category
- Maintainability
- Occurrences
- 53
- Severity
- error
Sample message
Function "str_contains()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 5.0.0.
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;49
- Category
- Maintainability
- Occurrences
- 49
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORMaintainabilitymysql PDOAccessing the database directly should be avoided. Please use the $wpdb object and associated functions instead. Found: \PDO.47
- Category
- Maintainability
- Occurrences
- 47
- Severity
- error
Sample message
Accessing the database directly should be avoided. Please use the $wpdb object and associated functions instead. Found: \PDO.
WARNINGMaintainabilityerror log trigger errortrigger_error() found. Debug code should not normally be used in production.32
- Category
- Maintainability
- Occurrences
- 32
- Severity
- warning
Sample message
trigger_error() found. Debug code should not normally be used in production.
WARNINGMaintainabilityNon-prefixed constantGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "U_IDNA_ACE_PREFIX_ERROR".28
- Category
- Maintainability
- Occurrences
- 28
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "U_IDNA_ACE_PREFIX_ERROR".
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$class'.28
- Category
- Security
- Occurrences
- 28
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$class'.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.21
- Category
- Security
- Occurrences
- 21
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilitycurl curl setoptUsing cURL functions is highly discouraged. Use wp_remote_get() instead.19
- Category
- Maintainability
- Occurrences
- 19
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
Show 15 moreShow less
ERRORMaintainabilityfile system operations fopen15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
WARNINGMaintainabilityerror log print r14
- Category
- Maintainability
- Occurrences
- 14
- Severity
- warning
Sample message
print_r() found. Debug code should not normally be used in production.
ERRORMaintainabilitydate date13
- Category
- Maintainability
- Occurrences
- 13
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
ERRORMaintainabilitystrip tags strip tags8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
ERRORMaintainabilityfile system operations fwrite7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
ERRORMaintainabilityForbidden PHP function found6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
The use of function move_uploaded_file() is forbidden
WARNINGMaintainabilityerror log set error handler6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- warning
Sample message
set_error_handler() found. Debug code should not normally be used in production.
ERRORMaintainabilityfile system operations fclose6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityfile system operations fread6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().
ERRORI18nMissing Translators Comment6
- Category
- I18n
- Occurrences
- 6
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityDiscouraged PHP function5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
The use of function ini_set() is discouraged
WARNINGSecurityMissing nonce verification5
- Category
- Security
- Occurrences
- 5
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilitycurl curl getinfo5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
ERRORMaintainabilityparse url parse url5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.
WARNINGSecuritywp redirect wp redirect4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.
Score History
First score snapshot
v1.9.9.20
25
Latest
- Findings
- 829
- Errors
- 601
- Warnings
- 228
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 25 | 829 | 601 | 228 | v1.9.9.20 | 2.0.0 |
Related Plugins
50k+ active installs
1k+ active installs
1k+ active installs
4k+ active installs
3k+ active installs
6k+ active installs