TrackShip for WooCommerce

TrackShip auto-tracks orders, adds a branded tracking experience to your store and handles all customer touchpoints from shipping to delivery

v2.0.4TrackShipUpdated 1 month agoAdded 5 years ago6k+ installs94% rating100% support resolved

order tracking parcel tracking tracking woocommerce woocommerce shipment tracking

Score

433

Errors

880

Warnings

Change

Category Scores

Security0

Repo100

Performance100

Maintainability0

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

1,313 findings

Maintainability

648

13 issue groups

I18n

341

3 issue groups

Security

298

9 issue groups

WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$a".307

Category: Maintainability
Occurrences: 307
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$a".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().166

Category: I18n
Occurrences: 166
Severity: error

Sample message

Missing $domain parameter in function call to __().

WordPress.WP.I18n.MissingArgDomain Reference

ERRORI18nNon Singular String Literal TextThe $text parameter must be a single text string literal. Found: $array['class']164

Category: I18n
Occurrences: 164
Severity: error

Sample message

The $text parameter must be a single text string literal. Found: $array['class']

WordPress.WP.I18n.NonSingularStringLiteralText Reference

WARNINGSecurityMissing Unslash$_COOKIE['Notice'] not unslashed before sanitization. Use wp_unslash() or similar106

Category: Security
Occurrences: 106
Severity: warning

Sample message

$_COOKIE['Notice'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.95

Category: Maintainability
Occurrences: 95
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().91

Category: Maintainability
Occurrences: 91
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGSecurityRecommendedProcessing form data without nonce verification.71

Category: Security
Occurrences: 71
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGMaintainabilityNon Prefixed Hookname FoundHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "add_multiple_emails_to_shipment_email".59

Category: Maintainability
Occurrences: 59
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "add_multiple_emails_to_shipment_email".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

ERRORSecurityException Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$bodyArray['error']['message']'.42

Category: Security
Occurrences: 42
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$bodyArray['error']['message']'.

WordPress.Security.EscapeOutput.ExceptionNotEscaped Reference

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_GET['order_id']39

Category: Security
Occurrences: 39
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['order_id']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

Show 15 more

WARNINGMaintainabilityNon Prefixed Class Found28

Category: Maintainability
Occurrences: 28
Severity: warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "TS4WC_Admin_Customizer".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound

ERRORMaintainabilityOffloaded Content14

Category: Maintainability
Occurrences: 14
Severity: error

Sample message

Found call to wp_enqueue_script() with external resource. Offloading scripts to your servers or any remote service is disallowed.

PluginCheck.CodeAnalysis.EnqueuedResourceOffloading.OffloadedContent

WARNINGSecurityInterpolated Not Prepared12

Category: Security
Occurrences: 12
Severity: warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $column_name at "ALTER TABLE `{$wpdb->prefix}trackship_shipment_meta` ADD `$column_name` $type"

WordPress.DB.PreparedSQL.InterpolatedNotPrepared

ERRORSecurityNot Prepared11

Category: Security
Occurrences: 11
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found $count_sql

WordPress.DB.PreparedSQL.NotPrepared

WARNINGMaintainabilityNon Prefixed Function Found11

Category: Maintainability
Occurrences: 11
Severity: warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "WC_TrackShip_Email_Manager".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound

ERRORI18nText Domain Mismatch11

Category: I18n
Occurrences: 11
Severity: error

Sample message

Mismatched text domain. Expected 'trackship-for-woocommerce' but got ''.

WordPress.WP.I18n.TextDomainMismatch Reference

WARNINGMaintainabilitySchema Change10

Category: Maintainability
Occurrences: 10
Severity: warning

Sample message

Attempting a database schema change is discouraged.

WordPress.DB.DirectDatabaseQuery.SchemaChange

ERRORSecurityUnescaped DBParameter9

Category: Security
Occurrences: 9
Severity: error

Sample message

Unescaped parameter $count_sql used in $wpdb->get_var()\n$count_sql assigned unsafely at line 113.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGMaintainabilityerror log print r9

Category: Maintainability
Occurrences: 9
Severity: warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r

WARNINGMaintainabilityslow db query meta query7

Category: Maintainability
Occurrences: 7
Severity: warning

Sample message

Detected usage of meta_query, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_query

WARNINGMaintainabilityslow db query meta key6

Category: Maintainability
Occurrences: 6
Severity: warning

Sample message

Detected usage of meta_key, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_key

WARNINGMaintainabilityslow db query meta value6

Category: Maintainability
Occurrences: 6
Severity: warning

Sample message

Detected usage of meta_value, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_value

ERRORMaintainabilitystrip tags strip tags5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

WordPress.WP.AlternativeFunctions.strip_tags_strip_tags

WARNINGSecurityUnescaped DBParameter4

Category: Security
Occurrences: 4
Severity: warning

Sample message

Unescaped parameter $column_name used in $wpdb->query()\n$column_name assigned unsafely at line 704.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGSecurityLike Without Wildcards4

Category: Security
Occurrences: 4
Severity: warning

Sample message

Unless you are using SQL wildcards, using LIKE is inefficient. Use a straight compare instead. Found: LIKE 'delivered'.

WordPress.DB.PreparedSQLPlaceholders.LikeWithoutWildcards

Score History

First score snapshot

today

v2.0.4

Latest

Findings: 1,313
Errors: 433
Warnings: 880
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
todayLatest	25	1,313	433	880	v2.0.4	2.0.0

2k+ active installs

100

Kliken: Ads + Pixel for Meta

40k+ active installs

100

Magnify – Suggestive Search Plugin

3k+ active installs

100

No Shipping Message for WooCommerce

3k+ active installs

100

RY City Select for WooCommerce

2k+ active installs

100

Show only lowest prices in variable products for WooCommerce

7k+ active installs

100

TrackShip for WooCommerce

Category Scores

Issues to Review

Score History

Related Plugins