file manager provides you ability to edit, delete, upload, download, copy and paste files and folders.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
566
17 issue groups
Security
489
8 issue groups
ERRORSecurityUnsafe printing functionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.158
- Category
- Security
- Occurrences
- 158
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.84
- Category
- Maintainability
- Occurrences
- 84
- Severity
- warning
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
WARNINGSecurityRequest data is not unslashed$_GET['code'] not unslashed before sanitization. Use wp_unslash() or similar80
- Category
- Security
- Occurrences
- 80
- Severity
- warning
Sample message
$_GET['code'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORMaintainabilityfile system operations fcloseFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().63
- Category
- Maintainability
- Occurrences
- 63
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$access_folder".61
- Category
- Maintainability
- Occurrences
- 61
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$access_folder".
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.59
- Category
- Security
- Occurrences
- 59
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilitybadly named filesFile and folder names must not contain spaces or special characters.58
- Category
- Maintainability
- Occurrences
- 58
- Severity
- error
Sample message
File and folder names must not contain spaces or special characters.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_FILES['content']['tmp_name']57
- Category
- Security
- Occurrences
- 57
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_FILES['content']['tmp_name']
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$access_folder'.54
- Category
- Security
- Occurrences
- 54
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$access_folder'.
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_FILES['content']['tmp_name']. Check that the array index exists before using it.53
- Category
- Security
- Occurrences
- 53
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_FILES['content']['tmp_name']. Check that the array index exists before using it.
Show 15 moreShow less
ERRORMaintainabilityfile system operations fopen46
- Category
- Maintainability
- Occurrences
- 46
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORMaintainabilitywp function not compatible with requires wp36
- Category
- Maintainability
- Occurrences
- 36
- Severity
- error
Sample message
Function "register_rest_route()" requires WordPress 4.4.0, but your plugin minimum supported version is WordPress 4.0.0.
ERRORMaintainabilitycurl curl setopt34
- Category
- Maintainability
- Occurrences
- 34
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
ERRORMaintainabilityfile system operations fread28
- Category
- Maintainability
- Occurrences
- 28
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().
ERRORMaintainabilityfile system operations is writable27
- Category
- Maintainability
- Occurrences
- 27
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().
WARNINGMaintainabilityprevent path disclosure error reporting19
- Category
- Maintainability
- Occurrences
- 19
- Severity
- warning
Sample message
error_reporting() can lead to full path disclosure.
ERRORMaintainabilityfile system operations mkdir19
- Category
- Maintainability
- Occurrences
- 19
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().
WARNINGMaintainabilityDirect Query16
- Category
- Maintainability
- Occurrences
- 16
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
ERRORMaintainabilitycurl curl setopt array16
- Category
- Maintainability
- Occurrences
- 16
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
WARNINGMaintainabilityNo Caching15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
ERRORMaintainabilitydate date15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
ERRORMaintainabilitycurl curl init15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
WARNINGMaintainabilityDiscouraged PHP function14
- Category
- Maintainability
- Occurrences
- 14
- Severity
- warning
Sample message
The use of function ini_set() is discouraged
ERRORSecurityException output is not escaped14
- Category
- Security
- Occurrences
- 14
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$err'.
WARNINGSecurityMissing nonce verification14
- Category
- Security
- Occurrences
- 14
- Severity
- warning
Sample message
Processing form data without nonce verification.
External Connections
Not analyzed yet.
Score History
First score snapshot
v8.0.4
22
Latest
- Findings
- 1,260
- Errors
- 740
- Warnings
- 520
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 22 | 1,260 | 740 | 520 | v8.0.4 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Plugin
Author
Category
Issue
Related
Plugin
Author
Category
Issue
Related
Related Plugins
2k+ active installs
8k+ active installs
3k+ active installs
20k+ active installs
6k+ active installs
10k+ active installs