PluginScore

Text Hover

Add hover text (aka tooltips) to content in posts. Handy for providing explanations of names, terms, phrases, abbreviations, and acronyms.

v4.2Scott ReillyUpdated Added 1k+ installs90% rating
abbreviationsacronymshelptermstooltips
41
Score
44
Errors
13
Warnings
+0
Change

Category Scores

Security0
Repo91
Performance100
Maintainability85

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

57 findings

Security

42

7 issue groups

Maintainability

10

8 issue groups

I18n

3

2 issue groups

Repo Compliance

2

2 issue groups

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<input type='checkbox' {$attribs} value='{$sopt}' "'.33
Category
Security
Occurrences
33
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<input type='checkbox' {$attribs} value='{$sopt}' "'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.3
Category
Security
Occurrences
3
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
ERRORSecurityException output is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.2
Category
Security
Occurrences
2
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

WordPress.Security.EscapeOutput.ExceptionNotEscapedReference
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.2
Category
I18n
Occurrences
2
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsCommentReference
ERRORMaintainabilityapplication detectedApplication files are not permitted.2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Application files are not permitted.

application_detected
WARNINGMaintainabilityunexpected markdown fileUnexpected markdown file "DEVELOPER-DOCS.md" detected in plugin root. Only specific markdown files are expected in production plugins.2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Unexpected markdown file "DEVELOPER-DOCS.md" detected in plugin root. Only specific markdown files are expected in production plugins.

unexpected_markdown_file
WARNINGI18nDiscouraged text-domain loadingload_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFoundReference
ERRORMaintainabilityNot AllowedUse of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead

PluginCheck.CodeAnalysis.Heredoc.NotAllowed
WARNINGMaintainabilityDiscouraged PHP functionThe use of function ini_set() is discouraged1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The use of function ini_set() is discouraged

Squiz.PHP.DiscouragedFunctions.Discouraged
WARNINGMaintainabilityprevent path disclosure error reportingerror_reporting() can lead to full path disclosure.1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

error_reporting() can lead to full path disclosure.

WordPress.PHP.DevelopmentFunctions.prevent_path_disclosure_error_reporting
Show 9 more
ERRORSecurityHeredoc Output Not Escaped1
Category
Security
Occurrences
1
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found interpolation in unescaped heredoc.

WordPress.Security.EscapeOutput.HeredocOutputNotEscapedReference
WARNINGSecurityInput is not sanitized1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_SERVER[&#039;PHP_SELF&#039;]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityInput is not validated1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_SERVER[&#039;PHP_SELF&#039;]. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
WARNINGSecurityRequest data is not unslashed1
Category
Security
Occurrences
1
Severity
warning

Sample message

$_SERVER[&#039;PHP_SELF&#039;] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
WARNINGMaintainabilityDeprecated function: add_option_whitelist1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

add_option_whitelist() has been deprecated since WordPress version 5.5.0. Use add_allowed_options() instead.

WordPress.WP.DeprecatedFunctions.add_option_whitelistFound
ERRORMaintainabilityMissing direct file access protection1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 5.9 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference
WARNINGRepo Compliancereadme parser warnings too many tags1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

One or more tags were ignored. Please limit your plugin to 5 tags.

readme_parser_warnings_too_many_tags
ERRORMaintainabilitywp function not compatible with requires wp1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Function "add_allowed_options()" requires WordPress 5.5.0, but your plugin minimum supported version is WordPress 4.9.0.

wp_function_not_compatible_with_requires_wpReference

External Connections

Not analyzed yet.

Score History

First score snapshot

v4.2

41

Latest

Findings
57
Errors
44
Warnings
13
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

29 nodes

Related Plugins

Complianz – Terms and Conditions

300k+ active installs

94
Heroic Glossary – Block for building Glossaries, Dictionaries and more

3k+ active installs

86
WP101 Video Tutorial Plugin

10k+ active installs

86
Bulk Term Generator – Import multiple tags, categories, and taxonomies easily

2k+ active installs

66
Beautiful taxonomy filters

2k+ active installs

64
I Order Terms

1k+ active installs

44