TopList.cz is a popular web analytics service in Czech Republic. This plugin is for easy integration of your WordPress blog into this service.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
115
5 issue groups
Maintainability
16
9 issue groups
I18n
11
4 issue groups
Repo Compliance
3
3 issue groups
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<style type=\"text/css\">\n'.103
- Category
- Security
- Occurrences
- 103
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<style type=\"text/css\">\n'.
ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.9
- Category
- Security
- Occurrences
- 9
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
ERRORMaintainabilityOffloaded ContentOffloading images, js, css, and other scripts to your servers or any remote service is disallowed.4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
Offloading images, js, css, and other scripts to your servers or any remote service is disallowed.
ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().4
- Category
- I18n
- Occurrences
- 4
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
ERRORI18nNon Singular String Literal TextThe $text parameter must be a single text string literal. Found: self::_not_found_string4
- Category
- I18n
- Occurrences
- 4
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: self::_not_found_string
ERRORMaintainabilityForbidden PHP function foundThe use of function create_function() is forbidden2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
The use of function create_function() is forbidden
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.2
- Category
- I18n
- Occurrences
- 2
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
Show 11 moreShow less
WARNINGSecurityInput is not sanitized1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_POST['password']
WARNINGSecurityInput is not validated1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['password']. Check that the array index exists before using it.
WARNINGSecurityRequest data is not unslashed1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
$_POST['password'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORMaintainabilitystrip tags strip tags1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
WARNINGMaintainabilityMissing Version1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.
ERRORMaintainabilityNo Explicit Version1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Version parameter is not explicitly set or has been set to an equivalent of "false" for wp_register_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.
ERRORI18nUnordered Placeholders Text1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s, %3$s", but got "%s, %s, %s" in 'Your ID on <a href="https://www.%server%" target="_blank">www.%server%</a> server. If you don\'t have one yet, please <a href="https://www.%server%/edit/?a=e" target="_blank">register</a>.'.
ERRORMaintainabilityMissing direct file access protection1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORRepo Complianceno license1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Missing "License". Please update your readme with a valid GPLv2 (or later) compatible license.
ERRORRepo Complianceoutdated tested upto header1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Tested up to: 4.7 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.
WARNINGRepo Compliancereadme parser warnings too many tags1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- warning
Sample message
One or more tags were ignored. Please limit your plugin to 5 tags.
External Connections
Potential connections found in static code analysis.
Outbound calls
3
External assets
4
Incoming endpoints
2
Notable Domains
Platform / Reference Domains
External Asset Domains
Incoming Endpoints
No public endpoints detected.
Admin AJAX endpoints2
wp_ajax
wp_ajax
Score History
First score snapshot
v4.2
38
Latest
- Findings
- 145
- Errors
- 138
- Warnings
- 7
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 38 | 145 | 138 | 7 | v4.2 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.