Payment Gateway – nexi Alpha Bank for WooCommerce

This Plugin adds Alpha Bank paycenter as a payment gateway for WooCommerce.

v2.0.4Papaki (Enartia S.A.)Updated 2 years agoAdded 7 years ago1k+ installs86% rating0% support resolved

alpha alphabank ecommerce payment gateway woocommerce

Score

Errors

Warnings

Change

Category Scores

Security0

Repo91

Performance100

Maintainability83

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

73 findings

Security

7 issue groups

Maintainability

8 issue groups

I18n

3 issue groups

Repo Compliance

2 issue groups

WARNINGSecurityMissingProcessing form data without nonce verification.13

Category: Security
Occurrences: 13
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$doseis_field'.11

Category: Security
Occurrences: 11
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$doseis_field'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

ERRORI18nNon Singular String Literal TextThe $text parameter must be a single text string literal. Found: $client_message9

Category: I18n
Occurrences: 9
Severity: error

Sample message

The $text parameter must be a single text string literal. Found: $client_message

WordPress.WP.I18n.NonSingularStringLiteralText Reference

WARNINGMaintainabilityerror log error logerror_log() found. Debug code should not normally be used in production.7

Category: Maintainability
Occurrences: 7
Severity: warning

Sample message

error_log() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_error_log

WARNINGSecurityMissing Unslash$_POST[$field] not unslashed before sanitization. Use wp_unslash() or similar6

Category: Security
Occurrences: 6
Severity: warning

Sample message

$_POST[$field] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORSecurityException Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'mb_strlen'.4

Category: Security
Occurrences: 4
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'mb_strlen'.

WordPress.Security.EscapeOutput.ExceptionNotEscaped Reference

WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_POST['digest']. Check that the array index exists before using it.4

Category: Security
Occurrences: 4
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['digest']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityerror log print rprint_r() found. Debug code should not normally be used in production.3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

Show 10 more

WARNINGSecuritywp redirect wp redirect2

Category: Security
Occurrences: 2
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

WARNINGI18nload plugin textdomain Found1

Category: I18n
Occurrences: 1
Severity: warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFound Reference

WARNINGMaintainabilitySchema Change1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Attempting a database schema change is discouraged.

WordPress.DB.DirectDatabaseQuery.SchemaChange

ERRORMaintainabilitydate date1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

WARNINGSecurityInput Not Sanitized1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_POST[$field]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORI18nMissing Arg Domain1

Category: I18n
Occurrences: 1
Severity: error

Sample message

Missing $domain parameter in function call to __().

WordPress.WP.I18n.MissingArgDomain Reference

ERRORMaintainabilitymissing direct file access protection1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

ERRORRepo Compliancemissing readme header tested1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

The "Tested up to" header is missing in the readme file.

missing_readme_header_tested Reference

WARNINGRepo Compliancereadme parser warnings no short description present1

Category: Repo Compliance
Occurrences: 1
Severity: warning

Sample message

The "Short Description" section is missing. An excerpt was generated from your main plugin description.

readme_parser_warnings_no_short_description_present

WARNINGMaintainabilitytrademarked term1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

The plugin slug includes a restricted term. Your plugin slug - "woo-alpha-bank-payment-gateway" - contains the restricted term "woo" and cannot be used to begin your plugin slug. We disallow the use of certain terms in ways that are abused, or potentially infringe on and/or are misleading with regards to trademarks. You may use the term "woo" elsewhere in your plugin slug, such as "... for woo".

trademarked_term

Score History

First score snapshot

yesterday

v2.0.4

Latest

Findings: 73
Errors: 28
Warnings: 45
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	40	73	28	45	v2.0.4	2.0.0

Related Plugins

GetResponse Official

4k+ active installs

100

Paystack WooCommerce Payment Gateway

30k+ active installs

100

Fr Custom Payment Gateway Icon for WooCommerce

2k+ active installs

Payment Gateways by User Roles for WooCommerce

3k+ active installs

Quiz Builder for WooCommerce – Product Recommendations

2k+ active installs

toyyibPay for WooCommerce

6k+ active installs