A powerful WooCommerce dynamic pricing plugin for bulk discounts, free gifts, BOGOs, customer role or groups based deals and much more.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
I18n
61
6 issue groups
Maintainability
39
11 issue groups
Security
31
8 issue groups
ERRORI18nText Domain MismatchMismatched text domain. Expected 'woo-advanced-discounts' but got 'cosh'.51
- Category
- I18n
- Occurrences
- 51
- Severity
- error
Sample message
Mismatched text domain. Expected 'woo-advanced-discounts' but got 'cosh'.
ERRORMaintainabilitywp function not compatible with requires wpFunction "has_shortcode()" requires WordPress 3.6.0, but your plugin minimum supported version is WordPress 3.5.0.15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- error
Sample message
Function "has_shortcode()" requires WordPress 3.6.0, but your plugin minimum supported version is WordPress 3.5.0.
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$html'.8
- Category
- Security
- Occurrences
- 8
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$html'.
ERRORI18nMissing Translators CommentA function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.6
- Category
- I18n
- Occurrences
- 6
- Severity
- error
Sample message
A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.5
- Category
- Security
- Occurrences
- 5
- Severity
- warning
Sample message
wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_SESSION['active_discounts']5
- Category
- Security
- Occurrences
- 5
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_SESSION['active_discounts']
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_SESSION['active_discounts']. Check that the array index exists before using it.4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_SESSION['active_discounts']. Check that the array index exists before using it.
ERRORSecurityDatabase parameter is not escapedUnescaped parameter $sql used in $wpdb->get_var()\n$sql assigned unsafely at line 261.3
- Category
- Security
- Occurrences
- 3
- Severity
- error
Sample message
Unescaped parameter $sql used in $wpdb->get_var()\n$sql assigned unsafely at line 261.
Show 15 moreShow less
ERRORMaintainabilitydate date3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
ERRORMaintainabilityMissing direct file access protection3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGMaintainabilitytrademarked term3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "Conditional Discounts for WooCommerce - A simple yet complete woocommerce dynamic pricing plugin" - contains the restricted term "plugin" which cannot be used at all in your plugin name.
WARNINGSecurityInterpolated SQL is not prepared2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $str at "select distinct id from $wpdb->posts where post_parent in($str) and post_type=%s"
ERRORSecuritySQL query is not prepared2
- Category
- Security
- Occurrences
- 2
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $sql
WARNINGSecurityNonce verification recommended2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilityslow db query meta query1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
WARNINGMaintainabilityslow db query tax query1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Detected usage of tax_query, possible slow query.
ERRORMaintainabilityfile system operations fclose1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityfile system operations fopen1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORMaintainabilityfile system operations fread1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().
ERRORI18nInterpolated Variable Text1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
The $text parameter must not contain interpolated variables or expressions. Found: $total_max_normal
ERRORI18nMissing Arg Domain1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
Missing $domain parameter in function call to _x().
ERRORI18nNon Singular String Literal Text1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: 'Enable/Disable this feature. %1sShortcode %2s[wad_product_pricing_table product_id="' . $product_id . '"]%3s'
ERRORI18nToo Many Function Args1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
Too many parameters passed to function "esc_html__()". Expected: 2 parameters, received: 3
External Connections
Not analyzed yet.
Score History
First score snapshot
v2.32.3
37
Latest
- Findings
- 132
- Errors
- 99
- Warnings
- 33
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 37 | 132 | 99 | 33 | v2.32.3 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Category
Issue
Related
Author
Category
Issue
Related
Related Plugins
1k+ active installs
5k+ active installs
4k+ active installs