Add custom tooltip automatically for post's content/title/tag/excerpt/gallery/menu, easily add image / video / audio / social/link tooltips
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
363
9 issue groups
Maintainability
174
12 issue groups
I18n
18
4 issue groups
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$adminTip'.262
- Category
- Security
- Occurrences
- 262
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$adminTip'.
WARNINGSecurityRequest data is not unslashed$_GET['post_type'] not unslashed before sanitization. Use wp_unslash() or similar67
- Category
- Security
- Occurrences
- 67
- Severity
- warning
Sample message
$_GET['post_type'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGMaintainabilityNon-prefixed functionFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "add_tooltips_post_type".63
- Category
- Maintainability
- Occurrences
- 63
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "add_tooltips_post_type".
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "action_after_showtooltips".33
- Category
- Maintainability
- Occurrences
- 33
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "action_after_showtooltips".
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$disableTooltipandEnableGlossary".26
- Category
- Maintainability
- Occurrences
- 26
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$disableTooltipandEnableGlossary".
WARNINGMaintainabilityMissing VersionResource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.12
- Category
- Maintainability
- Occurrences
- 12
- Severity
- warning
Sample message
Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.9
- Category
- Maintainability
- Occurrences
- 9
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().9
- Category
- Maintainability
- Occurrences
- 9
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $limit_sql9
- Category
- Security
- Occurrences
- 9
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $limit_sql
WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $limit_sql at ORDER BY wposts.post_title ASC $limit_sql \n6
- Category
- Security
- Occurrences
- 6
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $limit_sql at ORDER BY wposts.post_title ASC $limit_sql \n
Show 15 moreShow less
WARNINGMaintainabilityNot In Footer6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- warning
Sample message
In footer ($in_footer) is not set explicitly wp_register_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
ERRORI18nText Domain Mismatch6
- Category
- I18n
- Occurrences
- 6
- Severity
- error
Sample message
Mismatched text domain. Expected 'wordpress-tooltips' but got 'member-directory'.
ERRORMaintainabilityShort PHP open tag found5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
Short PHP opening tag used with echo; expected "<?php echo $title ..." but found "<?= $title ..."
WARNINGSecurityInput is not validated5
- Category
- Security
- Occurrences
- 5
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['glossaryIndexPageTermFontSize']. Check that the array index exists before using it.
ERRORI18nNon Singular String Literal Text5
- Category
- I18n
- Occurrences
- 5
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: " <font color='gray'><i>(please check 'How to Use Language Addon to Custom Language of Your Glossary' in <a href='". esc_url($knowledgeBaseURL)."' target='_blank'>'Knowledge Base'</a> menu first )</i></font>"
ERRORMaintainabilitywp function not compatible with requires wp5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
Function "sanitize_textarea_field()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 3.8.0.
ERRORSecurityDatabase parameter is not escaped4
- Category
- Security
- Occurrences
- 4
- Severity
- error
Sample message
Unescaped parameter $sql used in $wpdb->get_results()\n$sql assigned unsafely at line 1959.
WARNINGSecurityMissing nonce verification4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityNonce verification recommended4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORI18nMissing Arg Domain4
- Category
- I18n
- Occurrences
- 4
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
ERRORI18nInterpolated Variable Text3
- Category
- I18n
- Occurrences
- 3
- Severity
- error
Sample message
The $text parameter must not contain interpolated variables or expressions. Found: $checkImportedTooltipsURL
WARNINGSecurityInput is not sanitized2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_FILES['tooltips_csv_upload_file']
ERRORMaintainabilityrand mt rand2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
mt_rand() is discouraged. Use the far less predictable wp_rand() instead.
ERRORMaintainabilitylibrary core files2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
Library files that are already in the WordPress core are not permitted.
WARNINGMaintainabilitytrademarked term2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "Tooltips for Wordpress" - contains the restricted term "wordpress" which cannot be used at all in your plugin name.
Score History
First score snapshot
v10.9.3
31
Latest
- Findings
- 564
- Errors
- 312
- Warnings
- 252
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 31 | 564 | 312 | 252 | v10.9.3 | 2.0.0 |
Related Plugins
3k+ active installs
1k+ active installs
2k+ active installs
3k+ active installs
2k+ active installs
8k+ active installs