Enhance your website with UiCore Elements – a free plugin offering diverse widgets for effortless design enrichment.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
25
3 issue groups
Performance
15
2 issue groups
Maintainability
15
7 issue groups
I18n
4
2 issue groups
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$id'.21
- Category
- Security
- Occurrences
- 21
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$id'.
WARNINGPerformancePost Not In excludeUsing exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.14
- Category
- Performance
- Occurrences
- 14
- Severity
- warning
Sample message
Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
WARNINGMaintainabilityslow db query tax queryDetected usage of tax_query, possible slow query.6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- warning
Sample message
Detected usage of tax_query, possible slow query.
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "woocommerce_loop_add_to_cart_link".2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "woocommerce_loop_add_to_cart_link".
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET[$arg]2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET[$arg]
WARNINGSecurityRequest data is not unslashed$_GET[$arg] not unslashed before sanitization. Use wp_unslash() or similar2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
$_GET[$arg] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGMaintainabilityDiscouraged PHP functionwp_reset_query() is discouraged. Use wp_reset_postdata() instead.2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
wp_reset_query() is discouraged. Use wp_reset_postdata() instead.
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.2
- Category
- I18n
- Occurrences
- 2
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
ERRORI18nText Domain MismatchMismatched text domain. Expected 'uicore-elements' but got 'textdomain'.2
- Category
- I18n
- Occurrences
- 2
- Severity
- error
Sample message
Mismatched text domain. Expected 'uicore-elements' but got 'textdomain'.
ERRORMaintainabilitywp function not compatible with requires wpFunction "str_contains()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 4.6.0.2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
Function "str_contains()" requires WordPress 5.9.0, but your plugin minimum supported version is WordPress 4.6.0.
Show 4 moreShow less
ERRORMaintainabilitydate date1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
WARNINGPerformancePost Not In post not in1
- Category
- Performance
- Occurrences
- 1
- Severity
- warning
Sample message
Using exclusionary parameters, like post__not_in, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
WARNINGMaintainabilitymismatched plugin name1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Plugin name "UiCore Elements – Free widgets and templates for Elementor" is different from the name declared in plugin header "UiCore Elements".
ERRORMaintainabilityMissing direct file access protection1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
External Connections
Not analyzed yet.
Score History
First score snapshot
v1.3.15
58
Latest
- Findings
- 59
- Errors
- 29
- Warnings
- 30
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 58 | 59 | 29 | 30 | v1.3.15 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Issue
Related
Author
Issue
Related
Related Plugins
1k+ active installs
20k+ active installs
400 active installs
700 active installs
800 active installs