PluginScore

QR Code PicPay for WooCommerce

Add PicPay E-Commerce as payment method in WooCommerce.

v1.2.0Deividson DamasioUpdated Added 600 installs100% rating
paymentpicpaywoocommerce
61
Score
15
Errors
25
Warnings
+0
Change

Category Scores

Security35
Repo94
Performance100
Maintainability88

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

40 findings

Maintainability

21

4 issue groups

Security

12

5 issue groups

I18n

6

3 issue groups

Repo Compliance

1

1 issue group

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$all_plugins".10
Category
Maintainability
Occurrences
10
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$all_plugins".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
WARNINGMaintainabilityerror log print rprint_r() found. Debug code should not normally be used in production.9
Category
Maintainability
Occurrences
9
Severity
warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.5
Category
Security
Occurrences
5
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.3
Category
Security
Occurrences
3
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunctionReference
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.3
Category
I18n
Occurrences
3
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsCommentReference
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.2
Category
Security
Occurrences
2
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
ERRORI18nUnordered Placeholders TextMultiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in 'Help us keep the %s plugin free making a donation or rate %s on WordPress.org. Thank you in advance!'.2
Category
I18n
Occurrences
2
Severity
error

Sample message

Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in 'Help us keep the %s plugin free making a donation or rate %s on WordPress.org. Thank you in advance!'.

WordPress.WP.I18n.UnorderedPlaceholdersTextReference
WARNINGI18nDiscouraged text-domain loadingload_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFoundReference
WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.1
Category
Security
Occurrences
1
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirectReference
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_SERVER['HTTP_X_SELLER_TOKEN']. Check that the array index exists before using it.1
Category
Security
Occurrences
1
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_SERVER['HTTP_X_SELLER_TOKEN']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
Show 3 more
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 6.0 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference
WARNINGMaintainabilitytrademarked term1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The plugin slug includes a restricted term. Your plugin slug - "woo-picpay" - contains the restricted term "woo" and cannot be used to begin your plugin slug. We disallow the use of certain terms in ways that are abused, or potentially infringe on and/or are misleading with regards to trademarks. You may use the term "woo" elsewhere in your plugin slug, such as "... for woo".

trademarked_term
ERRORMaintainabilitywp function not compatible with requires wp1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Function "current_datetime()" requires WordPress 5.3.0, but your plugin minimum supported version is WordPress 5.0.0.

wp_function_not_compatible_with_requires_wpReference

External Connections

Potential connections found in static code analysis.

8 domains

Outbound calls

12

External assets

0

Incoming endpoints

0

Notable Domains

appws.picpay.com3 · outbound
app.picpay.com1 · outbound
docs.woocommerce.com1 · outbound
linkedin.com1 · outbound
lojista.picpay.com1 · outbound

Platform / Reference Domains

wordpress.org3 · platform/reference
github.com1 · platform/reference
gnu.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Score History

First score snapshot

v1.2.0

61

Latest

Findings
40
Errors
15
Warnings
25
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

32 nodes

Related Plugins

Automation Web Platform – Notifications and OTP for WooCommerce, Advanced Country Code

500 active installs

100
Crypto Payment Gateway with Instant Payouts

1k+ active installs

100
EU Withdrawal Compliance

800 active installs

100
Instant Approval Payment Gateway with Instant Payouts

2k+ active installs

100
Kitgenix CAPTCHA for Cloudflare Turnstile

500 active installs

100
Kliken: Ads + Pixel for Meta

40k+ active installs

100