Parcel Pro

Parcel Pro heeft een API koppeling ontwikkeld die gelinkt is aan de backoffice van WordPress/WooCommerce. Hiermee kunt u heel gemakkelijk orders inlad …

v1.9.0parcelproUpdated Added 600 installs0% rating
26
Score
171
Errors
220
Warnings
+0
Change

Category Scores

Security0
Repo75
Performance100
Maintainability26

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

391 findings

Security

226

7 issue groups

Maintainability

149

16 issue groups

I18n

8

2 issue groups

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$carrier[$service['id']]'.89
Category
Security
Occurrences
89
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$carrier[$service['id']]'.

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$Custom_services".74
Category
Maintainability
Occurrences
74
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$Custom_services".

WARNINGSecurityRequest data is not unslashed$_GET['id'] not unslashed before sanitization. Use wp_unslash() or similar44
Category
Security
Occurrences
44
Severity
warning

Sample message

$_GET['id'] not unslashed before sanitization. Use wp_unslash() or similar

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['id']42
Category
Security
Occurrences
42
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['id']

ERRORMaintainabilityShort PHP open tag foundShort PHP opening tag used with echo; expected "<?php echo PARCELPRO_SHOPSUNITED ..." but found "<?= PARCELPRO_SHOPSUNITED ..."23
Category
Maintainability
Occurrences
23
Severity
error

Sample message

Short PHP opening tag used with echo; expected "<?php echo PARCELPRO_SHOPSUNITED ..." but found "<?= PARCELPRO_SHOPSUNITED ..."

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.23
Category
Security
Occurrences
23
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST[&#039;parcelpro_address_1&#039;]. Check that the array index exists before using it.21
Category
Security
Occurrences
21
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST[&#039;parcelpro_address_1&#039;]. Check that the array index exists before using it.

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;13
Category
Maintainability
Occurrences
13
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

ERRORMaintainabilitycurl curl setoptUsing cURL functions is highly discouraged. Use wp_remote_get() instead.9
Category
Maintainability
Occurrences
9
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORI18nText Domain MismatchMismatched text domain. Expected 'woo-parcel-pro' but got 'woocommerce'.7
Category
I18n
Occurrences
7
Severity
error

Sample message

Mismatched text domain. Expected 'woo-parcel-pro' but got 'woocommerce'.

Show 15 more
WARNINGSecuritywp redirect wp redirect6
Category
Security
Occurrences
6
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the &quot;allowed_redirect_hosts&quot; filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

ERRORMaintainabilitycurl curl close5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORMaintainabilitycurl curl exec5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORMaintainabilitywp function not compatible with requires wp4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

Function "get_current_screen()" requires WordPress 3.1.0, but your plugin minimum supported version is WordPress 3.0.1.

ERRORMaintainabilityOffloaded Content3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

Offloading images, js, css, and other scripts to your servers or any remote service is disallowed.

WARNINGMaintainabilityNon-prefixed hook name3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: &quot;admin_print_scripts&quot;.

ERRORMaintainabilitycurl curl getinfo2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORMaintainabilitycurl curl init2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORMaintainabilityNon Enqueued Script2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Scripts must be registered/enqueued via wp_enqueue_script()

WARNINGI18nDiscouraged text-domain loading1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

ERRORMaintainabilityOffloaded Content1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Found call to wp_enqueue_style() with external resource. Offloading styles to your servers or any remote service is disallowed.

WARNINGMaintainabilityNon-prefixed function1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: &quot;run_parcelpro&quot;.

WARNINGSecurityNonce verification recommended1
Category
Security
Occurrences
1
Severity
warning

Sample message

Processing form data without nonce verification.

ERRORMaintainabilitycurl curl setopt array1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WARNINGMaintainabilityMissing Version1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

External Connections

Potential connections found in static code analysis.

5 domains

Outbound calls

29

External assets

3

Incoming endpoints

0

Notable Domains

parcelpro.nl22 · outbound
login.parcelpro.nl4 · outbound

Platform / Reference Domains

wordpress.org2 · platform/reference
gnu.org1 · platform/reference

External Asset Domains

code.jquery.com3 · asset

Incoming Endpoints

No public endpoints detected.

Score History

First score snapshot

v1.9.0

26

Latest

Findings
391
Errors
171
Warnings
220
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

27 nodes

Related Plugins

PostNL for WooCommerce

3k+ active installs

34