Widget Manager Light

Widget Manager lets you control on which pages widgets appear via nice and easy interface. Show or hide widgets. Display relevant content on your page …

v1.18OTWthemesUpdated Added 600 installs76% rating
30
Score
233
Errors
83
Warnings
+0
Change

Category Scores

Security0
Repo83
Performance91
Maintainability43

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

316 findings

I18n

121

2 issue groups

Security

109

7 issue groups

Maintainability

70

14 issue groups

Performance

8

2 issue groups

ERRORI18nText Domain MismatchMismatched text domain. Expected 'widget-manager-light' but got 'otw_wml'.103
Category
I18n
Occurrences
103
Severity
error

Sample message

Mismatched text domain. Expected 'widget-manager-light' but got 'otw_wml'.

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$attributes'.70
Category
Security
Occurrences
70
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$attributes'.

ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().18
Category
I18n
Occurrences
18
Severity
error

Sample message

Missing $domain parameter in function call to __().

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;13
Category
Maintainability
Occurrences
13
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

ERRORMaintainabilitywp function not compatible with requires wpFunction "_get_list_table()" requires WordPress 3.1.0, but your plugin minimum supported version is WordPress 3.0.0.12
Category
Maintainability
Occurrences
12
Severity
error

Sample message

Function "_get_list_table()" requires WordPress 3.1.0, but your plugin minimum supported version is WordPress 3.0.0.

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.11
Category
Security
Occurrences
11
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGMaintainabilityDeprecated parameter: get_terms parameter 2The parameter "$args" at position #2 of get_terms() has been deprecated since WordPress version 4.5.0. Instead do not pass the parameter.9
Category
Maintainability
Occurrences
9
Severity
warning

Sample message

The parameter "$args" at position #2 of get_terms() has been deprecated since WordPress version 4.5.0. Instead do not pass the parameter.

WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.8
Category
Security
Occurrences
8
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WARNINGMaintainabilityMixed line endingsFile has mixed line endings; this may cause incorrect results7
Category
Maintainability
Occurrences
7
Severity
warning

Sample message

File has mixed line endings; this may cause incorrect results

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_SERVER['DOCUMENT_ROOT']7
Category
Security
Occurrences
7
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_SERVER['DOCUMENT_ROOT']

Show 15 more
WARNINGSecurityRequest data is not unslashed7
Category
Security
Occurrences
7
Severity
warning

Sample message

$_SERVER['DOCUMENT_ROOT'] not unslashed before sanitization. Use wp_unslash() or similar

WARNINGMaintainabilityNot In Footer7
Category
Maintainability
Occurrences
7
Severity
warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WARNINGMaintainabilityMissing Version6
Category
Maintainability
Occurrences
6
Severity
warning

Sample message

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

WARNINGPerformancePost Not In exclude5
Category
Performance
Occurrences
5
Severity
warning

Sample message

Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.

ERRORMaintainabilityForbidden PHP function found4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

The use of function eval() is forbidden

WARNINGSecurityNonce verification recommended4
Category
Security
Occurrences
4
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGPerformancePost Not In post not in3
Category
Performance
Occurrences
3
Severity
warning

Sample message

Using exclusionary parameters, like post__not_in, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.

WARNINGMaintainabilityABSPATHDetected2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Writing files using ABSPATH may be problematic. Consider using wp_upload_dir() instead if storing user data or generated files.

ERRORSecurityUnsafe printing function2
Category
Security
Occurrences
2
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

ERRORMaintainabilityfile system operations fclose2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

ERRORMaintainabilityfile system operations fopen2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

ERRORMaintainabilityfile system operations fwrite2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

WARNINGMaintainabilityupdate modification detected2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_plugins

WARNINGMaintainabilityDiscouraged PHP function1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The use of function ini_set() is discouraged

ERRORMaintainabilitydate date1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

External Connections

Potential connections found in static code analysis.

5 domains

Outbound calls

13

External assets

0

Incoming endpoints

2

Notable Domains

otwthemes.com7 · outbound
codecanyon.net2 · outbound
fontawesome.io2 · outbound
themeforest.net1 · outbound

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints2
wp_ajax_otw_wml_items_by_typeauthenticated

wp_ajax

wp_ajax_otw_wml_widget_dialogauthenticated

wp_ajax

Score History

First score snapshot

v1.18

30

Latest

Findings
316
Errors
233
Warnings
83
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

34 nodes

Related Plugins

Default Admin Color Scheme

800 active installs

100
PufferDesk

0 active installs

100
Redux Framework

900k+ active installs

100
Simply Show Hooks

2k+ active installs

100
Add Dashboard Columns

400 active installs

99
Admin Robots.txt Editor

400 active installs

99