WordPress阿里云对象存储插件(简称:WPOSS),基于阿里云OSS对象存储与WordPress实现静态资源到OSS存储。支持阿里云OSS图片编辑,水印、裁剪、压缩等。
Prioritized issue groups from the latest Plugin Check scan
Maintainability
453
20 issue groups
Security
106
4 issue groups
Supply Chain
3
1 issue group
Sample message
Namespaces declared by a theme/plugin should start with the theme/plugin prefix. Found: "OSS".
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$acl".
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '": initiateMultipartUpload, uploadPart - part#{$i} FAILED\n"'.
Sample message
Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "classLoader".
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$details'.
Sample message
var_dump() found. Debug code should not normally be used in production.
Sample message
error_log() found. Debug code should not normally be used in production.
Sample message
unlink() is discouraged. Use wp_delete_file() to delete a file.
Sample message
Detected usage of a non-sanitized input variable: $_GET['_wpnonce']
Sample message
$_GET['_wpnonce'] not unslashed before sanitization. Use wp_unslash() or similar
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
Sample message
rand() is discouraged. Use the far less predictable wp_rand() instead.
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
Sample message
parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.
Sample message
Hidden files are not permitted.
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "WPOSS(阿里云对象存储)" - contains the restricted term "wp" which cannot be used at all in your plugin name.
Sample message
Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "Common".
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
Sample message
Stylesheets must be registered/enqueued via wp_enqueue_style()
Sample message
An error occurred during processing; checking has been aborted. The error message was: PHPCSUtils\Utils\PassedParameters::hasParameters(): Argument #2 ($stackPtr) must be of type function call, array, isset, unset or exit; T_THROW given.\nThe error originated in the WordPress.Security.EscapeOutput sniff on line 270.
Potential connections found in static code analysis.
Outbound calls
92
External assets
0
Incoming endpoints
0
No external asset domains detected.
No public endpoints detected.
First score snapshot
v5.0
19
Latest
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 19 | 584 | 269 | 315 | v5.0 | 2.0.0 |
Author, categories, issues, domains, and nearby plugins.