Allows AJAX requests from other sites to integrate content from your site using the CORS standard.
Prioritized issue groups from the latest Plugin Check scan
Maintainability
15
4 issue groups
Security
13
6 issue groups
I18n
1
1 issue group
Repo Compliance
1
1 issue group
Sample message
error_log() found. Debug code should not normally be used in production.
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$st'.
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['cors_domains']. Check that the array index exists before using it.
Sample message
$_POST['cors_domains'] not unslashed before sanitization. Use wp_unslash() or similar
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "WP-CORS" - contains the restricted term "wp" which cannot be used at all in your plugin name.
Sample message
Detected usage of a non-sanitized input variable: $_SERVER['HTTP_ORIGIN']
Sample message
Sanitization missing for register_setting().
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "register_cors_admin_settings".
Sample message
Processing form data without nonce verification.
Sample message
Missing $domain parameter in function call to __().
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Sample message
Tested up to: 6.2 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.
Not analyzed yet.
First score snapshot
v0.2.2
61
Latest
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 61 | 30 | 7 | 23 | v0.2.2 | 2.0.0 |
Author, categories, issues, domains, and nearby plugins.