Discussion Board – WordPress Forum Plugin

Discussion Board is a simple, effective way to add a forum or discussion board to your site, helping you build and engage an active community.

v2.5.9Marketing FireUpdated Added 2k+ installs92% rating
31
Score
105
Errors
153
Warnings
+0
Change

Category Scores

Security0
Repo94
Performance100
Maintainability33

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

258 findings

Security

167

9 issue groups

Maintainability

56

12 issue groups

I18n

20

4 issue groups

WARNINGSecurityRequest data is not unslashed$_GET['activate_code'] not unslashed before sanitization. Use wp_unslash() or similar39
Category
Security
Occurrences
39
Severity
warning

Sample message

$_GET['activate_code'] not unslashed before sanitization. Use wp_unslash() or similar

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['activate_code']31
Category
Security
Occurrences
31
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['activate_code']

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<p>$notice</p>"'.30
Category
Security
Occurrences
30
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<p>$notice</p>"'.

WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_POST[&#039;confirm&#039;]. Check that the array index exists before using it.24
Category
Security
Occurrences
24
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST[&#039;confirm&#039;]. Check that the array index exists before using it.

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.17
Category
Security
Occurrences
17
Severity
warning

Sample message

Processing form data without nonce verification.

ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.10
Category
Security
Occurrences
10
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.10
Category
Security
Occurrences
10
Severity
warning

Sample message

Processing form data without nonce verification.

ERRORI18nText Domain MismatchMismatched text domain. Expected 'wp-discussion-board' but got 'discussion-board-pro'.9
Category
I18n
Occurrences
9
Severity
error

Sample message

Mismatched text domain. Expected 'wp-discussion-board' but got 'discussion-board-pro'.

WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: &quot;comment_form_submit_button&quot;.8
Category
Maintainability
Occurrences
8
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: &quot;comment_form_submit_button&quot;.

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$admin_components&quot;.8
Category
Maintainability
Occurrences
8
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$admin_components&quot;.

Show 15 more
ERRORMaintainabilityMissing direct file access protection8
Category
Maintainability
Occurrences
8
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

ERRORMaintainabilityShort PHP open tag found6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

Short PHP opening tag used with echo; expected "<?php echo $recaptcha ..." but found "<?= $recaptcha ..."

ERRORMaintainabilitydate date6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

ERRORI18nMissing Translators Comment6
Category
I18n
Occurrences
6
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

ERRORMaintainabilitycurl curl setopt4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERRORMaintainabilitystrip tags strip tags4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

ERRORSecuritySetting is missing a sanitization callback3
Category
Security
Occurrences
3
Severity
error

Sample message

Sanitization missing for register_setting().

WARNINGMaintainabilityNon-prefixed constant3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;DB_PLUGIN_DIR&quot;.

WARNINGSecuritywp redirect wp redirect3
Category
Security
Occurrences
3
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the &quot;allowed_redirect_hosts&quot; filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

ERRORMaintainabilityNon Enqueued Script3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

Scripts must be registered/enqueued via wp_enqueue_script()

ERRORI18nUnordered Placeholders Text3
Category
I18n
Occurrences
3
Severity
error

Sample message

Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in '%sFuseWP%s Automatically Sync WordPress Users, customers, and members in ecommerce and membership plugins with your CRM and Email Marketing software.'.

WARNINGMaintainabilityDiscouraged PHP function2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

wp_reset_query() is discouraged. Use wp_reset_postdata() instead.

WARNINGMaintainabilityNot In Footer2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

ERRORI18nMissing Arg Domain2
Category
I18n
Occurrences
2
Severity
error

Sample message

Missing $domain parameter in function call to __().

WARNINGMaintainabilitytrademarked term2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "Discussion Board - WordPress Forum Plugin" - contains the restricted term "plugin" which cannot be used at all in your plugin name.

External Connections

Not analyzed yet.

Score History

First score snapshot

v2.5.9

31

Latest

Findings
258
Errors
105
Warnings
153
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

29 nodes

Related Plugins