PluginScore

WPFront Notification Bar

Easily lets you create a bar on top or bottom to display a notification.

v3.5.1Syam MohanUpdated Added 50k+ installs90% rating
bottom barnotificationnotification bartop barwordpress notification bar
40
Score
222
Errors
44
Warnings
+0
Change

Category Scores

Security0
Repo97
Performance100
Maintainability75

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

266 findings

Security

227

7 issue groups

Maintainability

27

9 issue groups

I18n

11

3 issue groups

Repo Compliance

1

1 issue group

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" #wpfront-notification-bar-spacer$id_suffix { display:block; }"'.200
Category
Security
Occurrences
200
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" #wpfront-notification-bar-spacer$id_suffix { display:block; }"'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
WARNINGSecurityRecommendedProcessing form data without nonce verification.9
Category
Security
Occurrences
9
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_GET['id']7
Category
Security
Occurrences
7
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['id']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityMissing Unslash$_GET['id'] not unslashed before sanitization. Use wp_unslash() or similar7
Category
Security
Occurrences
7
Severity
warning

Sample message

$_GET['id'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date
WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$blog_ids".5
Category
Maintainability
Occurrences
5
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$blog_ids".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.5
Category
Maintainability
Occurrences
5
Severity
warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter
ERRORI18nNon Singular String Literal DomainThe $domain parameter must be a single text string literal. Found: $this->controller->get_lang_domain()4
Category
I18n
Occurrences
4
Severity
error

Sample message

The $domain parameter must be a single text string literal. Found: $this->controller->get_lang_domain()

WordPress.WP.I18n.NonSingularStringLiteralDomainReference
ERRORI18nNon Singular String Literal TextThe $text parameter must be a single text string literal. Found: $button_text4
Category
I18n
Occurrences
4
Severity
error

Sample message

The $text parameter must be a single text string literal. Found: $button_text

WordPress.WP.I18n.NonSingularStringLiteralTextReference
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.3
Category
I18n
Occurrences
3
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsCommentReference
Show 10 more
WARNINGMaintainabilitytrademarked term3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "WPFront Notification Bar" - contains the restricted term "wp" which cannot be used at all in your plugin name.

trademarked_term
ERRORMaintainabilitywp function not compatible with requires wp3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

Function "is_taxonomy_viewable()" requires WordPress 5.1.0, but your plugin minimum supported version is WordPress 5.0.0.

wp_function_not_compatible_with_requires_wpReference
WARNINGMaintainabilityNon Prefixed Hookname Found2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "wpml_register_single_string".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
WARNINGSecurityInput Not Validated2
Category
Security
Occurrences
2
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['wpfront-notification-bar-options']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
ERRORMaintainabilityOffloaded Content1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Found call to wp_enqueue_style() with external resource. Offloading styles to your servers or any remote service is disallowed.

PluginCheck.CodeAnalysis.EnqueuedResourceOffloading.OffloadedContent
ERRORSecurityregister setting Missing1
Category
Security
Occurrences
1
Severity
error

Sample message

Sanitization missing for register_setting().

PluginCheck.CodeAnalysis.SettingSanitization.register_settingMissingReference
WARNINGMaintainabilityDirect Query1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery
WARNINGMaintainabilityNo Caching1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching
WARNINGSecuritywp redirect wp redirect1
Category
Security
Occurrences
1
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirectReference
WARNINGRepo Compliancereadme parser warnings too many tags1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

One or more tags were ignored. Please limit your plugin to 5 tags.

readme_parser_warnings_too_many_tags

Score History

First score snapshot

v3.5.1

40

Latest

Findings
266
Errors
222
Warnings
44
Check
2.0.0

Related Plugins

WPC Added To Cart Notification for WooCommerce

3k+ active installs

98
Zoho Flow – No-Code Workflow Automation

5k+ active installs

98
Disable auto-update Email Notifications

30k+ active installs

97
Bottom Admin Toolbar

1k+ active installs

89
Easy Notification Bar

9k+ active installs

87
Storefront Top Bar

2k+ active installs

77