Redirect to any page or URL, execute scripts after submission, save data to the database, and unlock additional submission actions for Contact Form 7.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
237
19 issue groups
Security
158
5 issue groups
I18n
1
1 issue group
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$action_category".132
- Category
- Maintainability
- Occurrences
- 132
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$action_category".
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.55
- Category
- Security
- Occurrences
- 55
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'themeisle_sdk_license_process_' . $slug".41
- Category
- Maintainability
- Occurrences
- 41
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'themeisle_sdk_license_process_' . $slug".
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.41
- Category
- Security
- Occurrences
- 41
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityRequest data is not unslashed$_GET[$attrs['param']] not unslashed before sanitization. Use wp_unslash() or similar37
- Category
- Security
- Occurrences
- 37
- Severity
- warning
Sample message
$_GET[$attrs['param']] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET[$attrs['param']]22
- Category
- Security
- Occurrences
- 22
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET[$attrs['param']]
ERRORMaintainabilityfile system operations fwriteFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().11
- Category
- Maintainability
- Occurrences
- 11
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
WARNINGMaintainabilityNo PHP code foundNo PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- warning
Sample message
No PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.
WARNINGMaintainabilityerror log print rprint_r() found. Debug code should not normally be used in production.7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- warning
Sample message
print_r() found. Debug code should not normally be used in production.
WARNINGMaintainabilityslow db query meta queryDetected usage of meta_query, possible slow query.5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
Show 15 moreShow less
WARNINGMaintainabilityNon-prefixed function5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "cf7r_tooltip".
ERRORMaintainabilityrand rand4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
rand() is discouraged. Use the far less predictable wp_rand() instead.
WARNINGMaintainabilityDirect Query3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo Caching3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecuritywp redirect wp redirect3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.
ERRORMaintainabilityfile system operations fclose3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityMissing direct file access protection3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGMaintainabilityNon-prefixed class2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "Ext_Accessibe".
WARNINGMaintainabilityNon-prefixed constant2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "CF7_REDIRECT_DEBUG".
ERRORMaintainabilityfile system operations fopen2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
WARNINGMaintainabilityupdate modification detected2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_plugins
ERRORMaintainabilitywp function not compatible with requires wp2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
Function "utf8_encode()" requires WordPress 6.9.0, but your plugin minimum supported version is WordPress 5.1.0.
WARNINGI18nDiscouraged text-domain loading1
- Category
- I18n
- Occurrences
- 1
- Severity
- warning
Sample message
load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.
WARNINGMaintainabilityDynamic hook name1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$loaded_hook".
ERRORMaintainabilityfile system operations is writable1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().
External Connections
Not analyzed yet.
Score History
First score snapshot
v3.2.10
27
Latest
- Findings
- 408
- Errors
- 34
- Warnings
- 374
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 27 | 408 | 34 | 374 | v3.2.10 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Issue
Related
Author
Issue
Related
Related Plugins
2k+ active installs
10k+ active installs
1k+ active installs
10k+ active installs
10k+ active installs
1k+ active installs