The #1 WooCommerce shipment tracking plugin. Add tracking, auto-update order status, send branded emails. 950+ carriers. Trusted by 60,000+ stores.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
I18n
604
5 issue groups
Maintainability
415
15 issue groups
Security
273
5 issue groups
ERRORI18nMissing Arg DomainMissing $domain parameter in function call to __().230
- Category
- I18n
- Occurrences
- 230
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
ERRORI18nNon Singular String Literal TextThe $text parameter must be a single text string literal. Found: $added['provider_name']225
- Category
- I18n
- Occurrences
- 225
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: $added['provider_name']
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$addon".119
- Category
- Maintainability
- Occurrences
- 119
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$addon".
WARNINGSecurityRequest data is not unslashed$_GET['_shop_order_shipping_provider'] not unslashed before sanitization. Use wp_unslash() or similar87
- Category
- Security
- Occurrences
- 87
- Severity
- warning
Sample message
$_GET['_shop_order_shipping_provider'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORI18nText Domain MismatchMismatched text domain. Expected 'woo-advanced-shipment-tracking' but got ''.82
- Category
- I18n
- Occurrences
- 82
- Severity
- error
Sample message
Mismatched text domain. Expected 'woo-advanced-shipment-tracking' but got ''.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['_shop_order_shipping_provider']80
- Category
- Security
- Occurrences
- 80
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['_shop_order_shipping_provider']
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.75
- Category
- Maintainability
- Occurrences
- 75
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().72
- Category
- Maintainability
- Occurrences
- 72
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
ERRORI18nNon Singular String Literal DomainThe $domain parameter must be a single text string literal. Found: $text_domin63
- Category
- I18n
- Occurrences
- 63
- Severity
- error
Sample message
The $domain parameter must be a single text string literal. Found: $text_domin
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.53
- Category
- Security
- Occurrences
- 53
- Severity
- warning
Sample message
Processing form data without nonce verification.
Show 15 moreShow less
WARNINGMaintainabilityNon-prefixed hook name52
- Category
- Maintainability
- Occurrences
- 52
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "ast_addon_license_form".
WARNINGSecurityUnquoted Complex Placeholder45
- Category
- Security
- Occurrences
- 45
- Severity
- warning
Sample message
Complex placeholders used for values in the query string in $wpdb->prepare() will NOT be quoted automagically. Found: %1s.
ERRORMaintainabilityMissing direct file access protection20
- Category
- Maintainability
- Occurrences
- 20
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGMaintainabilityNon-prefixed class15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- warning
Sample message
Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "AST_Integration".
WARNINGMaintainabilitySchema Change14
- Category
- Maintainability
- Occurrences
- 14
- Severity
- warning
Sample message
Attempting a database schema change is discouraged.
WARNINGMaintainabilityNon-prefixed function10
- Category
- Maintainability
- Occurrences
- 10
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "ast_add_tracking_number".
WARNINGMaintainabilityNot In Footer9
- Category
- Maintainability
- Occurrences
- 9
- Severity
- warning
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
ERRORSecurityOutput is not escaped8
- Category
- Security
- Occurrences
- 8
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
ERRORMaintainabilityfile system operations is writable8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().
WARNINGMaintainabilityslow db query meta key6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- warning
Sample message
Detected usage of meta_key, possible slow query.
WARNINGMaintainabilityslow db query meta value5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Detected usage of meta_value, possible slow query.
ERRORMaintainabilitystrip tags strip tags5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
ERRORI18nMissing Translators Comment4
- Category
- I18n
- Occurrences
- 4
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityNon-prefixed constant3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "AST_FREE_PLUGIN_ACCESS".
WARNINGMaintainabilityslow db query meta query2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
Score History
First score snapshot
v3.9.2
24
Latest
- Findings
- 1,305
- Errors
- 654
- Warnings
- 651
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 24 | 1,305 | 654 | 651 | v3.9.2 | 2.0.0 |
Related Plugins
1k+ active installs
10k+ active installs
1k+ active installs
5k+ active installs
3k+ active installs