Simple Client Dashboard

Restrict permissions with Simple Client Dashboard. Our new "Admin" user role between Administrator and Editor is perfect for clients and Webmasters.

v2.1.7.26TylerDigitalUpdated 2 months agoAdded 13 years ago2k+ installs90% rating

Client Restrict access admin role user

Score

Errors

Warnings

Change

Category Scores

Security16

Repo86

Performance100

Maintainability74

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

74 findings

Maintainability

10 issue groups

Security

6 issue groups

I18n

2 issue groups

Repo Compliance

3 issue groups

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;19

Category: Maintainability
Occurrences: 19
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.10

Category: Security
Occurrences: 10
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

ERRORMaintainabilitywp function not compatible with requires wpFunction "get_site_icon_url()" requires WordPress 4.3.0, but your plugin minimum supported version is WordPress 3.5.0.7

Category: Maintainability
Occurrences: 7
Severity: error

Sample message

Function "get_site_icon_url()" requires WordPress 4.3.0, but your plugin minimum supported version is WordPress 3.5.0.

wp_function_not_compatible_with_requires_wp Reference

WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.5

Category: Security
Occurrences: 5
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['page']4

Category: Security
Occurrences: 4
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['page']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityRequest data is not unslashed$_GET['page'] not unslashed before sanitization. Use wp_unslash() or similar4

Category: Security
Occurrences: 4
Severity: warning

Sample message

$_GET['page'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().4

Category: I18n
Occurrences: 4
Severity: error

Sample message

Missing $domain parameter in function call to __().

WordPress.WP.I18n.MissingArgDomain Reference

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.3

Category: Security
Occurrences: 3
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

ERRORI18nText Domain MismatchMismatched text domain. Expected 'webmaster-user-role' but got 'invicta_dictionary'.3

Category: I18n
Occurrences: 3
Severity: error

Sample message

Mismatched text domain. Expected 'webmaster-user-role' but got 'invicta_dictionary'.

WordPress.WP.I18n.TextDomainMismatch Reference

WARNINGMaintainabilityNo PHP code foundNo PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

No PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.

Internal.NoCodeFound

Show 11 more

WARNINGSecurityInput is not validated2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_SERVER['HTTP_HOST']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGMaintainabilityMissing Version2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Resource version not set in call to wp_register_script(). This means new versions of the script may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion

WARNINGMaintainabilityDirect Query1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo Caching1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGMaintainabilityerror log print r1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r

WARNINGMaintainabilityNot In Footer1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

In footer ($in_footer) is not set explicitly wp_register_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter

WARNINGMaintainabilitymismatched plugin name1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Plugin name "Simple Client Dashboard" is different from the name declared in plugin header "Simple Client Dashboard - WP Limited Admin User Role".

mismatched_plugin_name Reference

ERRORRepo Complianceno license1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Missing "License". Please update your readme with a valid GPLv2 (or later) compatible license.

no_license Reference

ERRORRepo Complianceplugin header no license1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_no_license Reference

WARNINGRepo Compliancereadme parser warnings too many tags1

Category: Repo Compliance
Occurrences: 1
Severity: warning

Sample message

One or more tags were ignored. Please limit your plugin to 5 tags.

readme_parser_warnings_too_many_tags

WARNINGMaintainabilitytrademarked term1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "Simple Client Dashboard - WP Limited Admin User Role" - contains the restricted term "wp" which cannot be used at all in your plugin name.

trademarked_term

Score History

First score snapshot

2 days ago

v2.1.7.26

Latest

Findings: 74
Errors: 38
Warnings: 36
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
2 days agoLatest	47	74	38	36	v2.1.7.26	2.0.0

Related Plugins

PufferDesk

0 active installs

100

Redux Framework

900k+ active installs

100

Simply Show Hooks

2k+ active installs

100

Hide WP Admin Notifications

1k+ active installs

One Click Close Comments

4k+ active installs

Plugin Report

1k+ active installs