Code WordPress Plugins That Need Review
36 indexed plugins
Plugins
36
Active Installs
4m+
Average Score
63
Audited
36
Needs Review
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #1 | CSS & JavaScript Toolbox | 25 | 155 | 617 | 10k+ | Non-prefixed class | ||
| #2 | Foxtool All-in-One: Contact chat button, Custom login, Media optimize images | 27 | 1,629 | 360 | 7k+ | Unsafe printing function | ||
| #3 | Code Engine – PHP Snippets, AI Functions & Automation for WordPress | 28 | 124 | 101 | 700 | Non Singular String Literal Domain | ||
| #4 | Urvanov Syntax Highlighter | 30 | 221 | 87 | 3k+ | Output is not escaped | ||
| #5 | Pastacode | 33 | 77 | 66 | 400 | Non-prefixed global variable | ||
| #6 | Code Block Pro – Beautiful Syntax Highlighting | 35 | 7 | 4 | 10k+ | badly named files | ||
| #7 | Code Prettify | 35 | 7 | 3 | 1k+ | wp function not compatible with requires wp | ||
| #8 | Highlighting Code Block | 35 | 30 | 3 | 10k+ | Output is not escaped | ||
| #9 | WP-Markdown | 35 | 31 | 39 | 400 | Output is not escaped | ||
| #10 | Code Snippets | 36 | 34 | 203 | 1m+ | Nonce verification recommended | ||
| #11 | WP Coder – Insert & Manage Code Snippets | 36 | 53 | 280 | 10k+ | Nonce verification recommended | ||
| #12 | Shortcoder — Create Shortcodes for Anything | 37 | 25 | 70 | 100k+ | Non-prefixed global variable | ||
| #13 | Scripts n Styles | 39 | 150 | 92 | 30k+ | Output is not escaped | ||
| #14 | Prismatic | 42 | 61 | 29 | 2k+ | Output is not escaped | ||
| #15 | Code Widget | 44 | 60 | 33 | 4k+ | Text Domain Mismatch | ||
| #16 | SyntaxHighlighter Evolved | 45 | 33 | 46 | 20k+ | Not In Footer | ||
| #17 | 📷 Simple QR Code Generator Widget | 50 | 21 | 14 | 400 | Output is not escaped | ||
| #18 | CodeColorer | 64 | 65 | 266 | 1k+ | Non-prefixed global variable | ||
| #19 | Code Snippet DM | 74 | 21 | 2 | 500 | Output is not escaped | ||
| #20 | Advanced CSS Editor | 76 | 25 | 6 | 5k+ | Output is not escaped | ||
| #21 | AMS Google Webmaster Tools | 76 | 10 | 3 | 400 | Output is not escaped | ||
| #22 | Code Block Syntax Highlighter for Elementor | 78 | 344 | 3 | 600 | Non Singular String Literal Domain | ||
| #23 | CodePen Embed Block | 82 | 8 | 3 | 600 | Text Domain Mismatch | ||
| #24 | Head & Footer Code | 82 | 1 | 15 | 100k+ | Non-prefixed constant | ||
| #25 | Code Click to Copy | 83 | 12 | 9 | 700 | Non-prefixed function | ||
| #26 | Greenshift Smart Code AI | 86 | 9 | 9 | 1k+ | Request data is not unslashed | ||
| #27 | Nav Menu Manager | 88 | 9 | 17 | 800 | Request data is not unslashed | ||
| #28 | Simple Custom CSS Plugin | 88 | 17 | 5 | 100k+ | wp function not compatible with requires wp | ||
| #29 | WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager | 89 | 21 | 30 | 3m+ | wp function not compatible with requires wp | ||
| #30 | Validated | 91 | 7 | 3 | 600 | Missing direct file access protection | ||
| #31 | Add Code To Head | 92 | 2 | 8 | 3k+ | Non-prefixed global variable | ||
| #32 | WebberZone Snippetz – Header, Body and Footer manager | 96 | 1 | 53 | 2k+ | Dynamic hook name | ||
| #33 | Preserve Code Formatting | 99 | 1 | 1 | 400 | outdated tested upto header | ||
| #34 | Syntax-highlighting Code Block (with Server-side Rendering) | 99 | 1 | 1 | 1k+ | Missing direct file access protection | ||
| #35 | Advance Custom HTML – Show Live Code, Share Snippets, Embed Code, and Style Them Your Way. | 100 | 1 | 10k+ | mismatched plugin name | |||
| #36 | Code Embed | 100 | 0 | 10k+ | No open findings |
