PluginScore

WP Compress – Instant Performance & Speed Optimization

Everything you need for a faster website – smart optimization, advanced caching, adaptive images, WebP creation, script improvements, optional CDN del …

v7.00.08AresITUpdated Added 10k+ installs90% rating100% support resolved
cacheimage optimizationperformancespeedwpcompress
23
Score
3,053
Errors
2,384
Warnings
+0
Change

Category Scores

Security0
Repo86
Performance96
Maintainability0

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

5,437 findings

Security

3,202

8 issue groups

I18n

1,345

1 issue group

Maintainability

730

16 issue groups

ERRORI18nNon Singular String Literal DomainThe $domain parameter must be a single text string literal. Found: WPS_IC_TEXTDOMAIN1,345
Category
I18n
Occurrences
1,345
Severity
error

Sample message

The $domain parameter must be a single text string literal. Found: WPS_IC_TEXTDOMAIN

WordPress.WP.I18n.NonSingularStringLiteralDomainReference
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<div class=\"updated\"><p>{$message}</p></div>"'.1,228
Category
Security
Occurrences
1,228
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<div class=\"updated\"><p>{$message}</p></div>"'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
WARNINGSecurityRecommendedProcessing form data without nonce verification.841
Category
Security
Occurrences
841
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGSecurityMissing Unslash$_COOKIE[$cookie_name] not unslashed before sanitization. Use wp_unslash() or similar437
Category
Security
Occurrences
437
Severity
warning

Sample message

$_COOKIE[$cookie_name] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_COOKIE[$cookie_name]284
Category
Security
Occurrences
284
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_COOKIE[$cookie_name]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_GET[&#039;apikey&#039;]. Check that the array index exists before using it.277
Category
Security
Occurrences
277
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_GET[&#039;apikey&#039;]. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
WARNINGMaintainabilityerror log print rprint_r() found. Debug code should not normally be used in production.140
Category
Maintainability
Occurrences
140
Severity
warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r
WARNINGSecurityMissingProcessing form data without nonce verification.99
Category
Security
Occurrences
99
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;90
Category
Maintainability
Occurrences
90
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
ERRORMaintainabilityunlink unlinkunlink() is discouraged. Use wp_delete_file() to delete a file.73
Category
Maintainability
Occurrences
73
Severity
error

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

WordPress.WP.AlternativeFunctions.unlink_unlink
Show 15 more
WARNINGMaintainabilityDirect Query59
Category
Maintainability
Occurrences
59
Severity
warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery
WARNINGMaintainabilityNo Caching59
Category
Maintainability
Occurrences
59
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching
ERRORMaintainabilitydate date57
Category
Maintainability
Occurrences
57
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date
WARNINGMaintainabilityerror log error log56
Category
Maintainability
Occurrences
56
Severity
warning

Sample message

error_log() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_error_log
WARNINGMaintainabilityNot In Footer32
Category
Maintainability
Occurrences
32
Severity
warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter
ERRORMaintainabilityparse url parse url29
Category
Maintainability
Occurrences
29
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url
WARNINGMaintainabilityDiscouraged28
Category
Maintainability
Occurrences
28
Severity
warning

Sample message

The use of function ini_set() is discouraged

Squiz.PHP.DiscouragedFunctions.Discouraged
ERRORMaintainabilityfile system operations mkdir26
Category
Maintainability
Occurrences
26
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().

WordPress.WP.AlternativeFunctions.file_system_operations_mkdir
ERRORSecurityNot Prepared23
Category
Security
Occurrences
23
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $delete

WordPress.DB.PreparedSQL.NotPrepared
ERRORMaintainabilityfile system operations fwrite20
Category
Maintainability
Occurrences
20
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

WordPress.WP.AlternativeFunctions.file_system_operations_fwrite
ERRORMaintainabilityfile system operations fopen18
Category
Maintainability
Occurrences
18
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

WordPress.WP.AlternativeFunctions.file_system_operations_fopen
ERRORMaintainabilityrand mt rand15
Category
Maintainability
Occurrences
15
Severity
error

Sample message

mt_rand() is discouraged. Use the far less predictable wp_rand() instead.

WordPress.WP.AlternativeFunctions.rand_mt_rand
WARNINGMaintainabilityMissing Version14
Category
Maintainability
Occurrences
14
Severity
warning

Sample message

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion
ERRORMaintainabilityNon Enqueued Script14
Category
Maintainability
Occurrences
14
Severity
error

Sample message

Scripts must be registered/enqueued via wp_enqueue_script()

WordPress.WP.EnqueuedResources.NonEnqueuedScript
ERRORSecurityUnescaped DBParameter13
Category
Security
Occurrences
13
Severity
error

Sample message

Unescaped parameter $delete used in $wpdb->query()\n$delete assigned unsafely at line 146.

PluginCheck.Security.DirectDB.UnescapedDBParameter

Score History

First score snapshot

v7.00.08

23

Latest

Findings
5,437
Errors
3,053
Warnings
2,384
Check
2.0.0

Related Plugins

Automatic Cache Flusher for W3 Total Cache

4k+ active installs

100
DietPress

2k+ active installs

100
Disable Emojis (GDPR friendly)

60k+ active installs

100
Embed Optimizer

50k+ active installs

100
Image Placeholders

60k+ active installs

100
Modern Image Formats

100k+ active installs

100