Post WordPress Plugins with Most Issues
143 indexed plugins
Plugins
143
Active Installs
1m+
Average Score
59
Audited
142
Most Issues
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #1 | Post Status Notifier Lite | 24 | 984 | 451 | 700 | Missing direct file access protection | ||
| #2 | HeadSpace2 SEO | 22 | 940 | 360 | 3k+ | Text Domain Mismatch | ||
| #3 | AI WP Writer – SEO content generator, chatGPT, Gemini | 34 | 581 | 509 | 3k+ | Text Domain Mismatch | ||
| #4 | FV Simpler SEO | 24 | 766 | 308 | 2k+ | Text Domain Mismatch | ||
| #5 | WP Admin UI Customize | 30 | 629 | 390 | 30k+ | Non-prefixed global variable | ||
| #6 | Automatic Post Tagger | 38 | 592 | 307 | 2k+ | Output is not escaped | ||
| #7 | Terms descriptions | 28 | 222 | 423 | 1k+ | Non-prefixed function | ||
| #8 | Post Lists View Custom | 33 | 462 | 150 | 2k+ | Missing Arg Domain | ||
| #9 | Themify Event Post | 25 | 397 | 143 | 3k+ | Output is not escaped | ||
| #10 | Advanced Category Excluder | 31 | 349 | 160 | 700 | Output is not escaped | ||
| #11 | Custom Post Type Maker | 35 | 240 | 86 | 6k+ | Unsafe printing function | ||
| #12 | Peter’s Post Notes | 36 | 224 | 102 | 3k+ | Output is not escaped | ||
| #13 | Themify Portfolio Post | 30 | 214 | 102 | 30k+ | Text Domain Mismatch | ||
| #14 | Excerpt Editor | 37 | 170 | 142 | 500 | Unsafe printing function | ||
| #15 | SEO Friendly Images | 39 | 292 | 20 | 20k+ | Output is not escaped | ||
| #16 | Attachments | 38 | 238 | 66 | 8k+ | Unsafe printing function | ||
| #17 | Tilda-publishing | 29 | 219 | 78 | 700 | Output is not escaped | ||
| #18 | Featured Post with thumbnail | 24 | 158 | 122 | 400 | Output is not escaped | ||
| #19 | sCode (Easy Shortcodes) | 35 | 157 | 97 | 400 | Text Domain Mismatch | ||
| #20 | Tools for Twitter | 34 | 135 | 87 | 1k+ | Output is not escaped | ||
| #21 | Featured Video Plus | 34 | 99 | 105 | 10k+ | Non-prefixed global variable | ||
| #22 | VK Post Author Display | 35 | 87 | 111 | 10k+ | Non-prefixed function | ||
| #23 | Posts Like Dislike | 42 | 157 | 39 | 6k+ | Non Singular String Literal Domain | ||
| #24 | Post Ratings | 40 | 160 | 32 | 600 | Output is not escaped | ||
| #25 | W4 Post List | 35 | 50 | 138 | 3k+ | Non-prefixed global variable | ||
| #26 | Post Password Token | 35 | 132 | 38 | 600 | Text Domain Mismatch | ||
| #27 | WP Emmet | 37 | 154 | 8 | 3k+ | Output is not escaped | ||
| #28 | SEO Auto Linker | 39 | 97 | 62 | 3k+ | Unsafe printing function | ||
| #29 | Page List Widget | 39 | 150 | 6 | 400 | Output is not escaped | ||
| #30 | Most And Least Read Posts Widget | 38 | 130 | 24 | 1k+ | Output is not escaped | ||
| #31 | WP Discord Post Plus – Supports Unlimited Channels | 38 | 116 | 34 | 700 | Text Domain Mismatch | ||
| #32 | Background Per Page | 33 | 80 | 56 | 700 | Text Domain Mismatch | ||
| #33 | Bulk Move | 40 | 85 | 44 | 9k+ | Unsafe printing function | ||
| #34 | Better Random Redirect | 39 | 88 | 40 | 700 | Text Domain Mismatch | ||
| #35 | Korea SNS | 39 | 88 | 30 | 4k+ | Unsafe printing function | ||
| #36 | PostLinks | 38 | 107 | 10 | 700 | Output is not escaped | ||
| #37 | Advanced Excerpt | 41 | 69 | 43 | 70k+ | Unsafe printing function | ||
| #38 | Tabify Edit Screen | 39 | 83 | 27 | 500 | Output is not escaped | ||
| #39 | User Posts Limit | 44 | 82 | 22 | 2k+ | Output is not escaped | ||
| #40 | Custom Post Type Parents | 39 | 75 | 18 | 900 | Output is not escaped | ||
| #41 | Rename default post Labels | 40 | 54 | 36 | 600 | Text Domain Mismatch | ||
| #42 | Sticky Posts – Switch | 41 | 84 | 5 | 6k+ | Output is not escaped | ||
| #43 | Revision Control | 41 | 60 | 28 | 40k+ | Output is not escaped | ||
| #44 | Bitly URL Shortener | 79 | 65 | 22 | 600 | Text Domain Mismatch | ||
| #45 | Insert JavaScript and CSS | 41 | 64 | 19 | 400 | Text Domain Mismatch | ||
| #46 | Simple Export Import for ACF Data | 35 | 19 | 64 | 1k+ | Request data is not unslashed | ||
| #47 | Content Widget | 41 | 72 | 9 | 400 | Output is not escaped | ||
| #48 | Custom Post Template | 37 | 48 | 30 | 10k+ | Output is not escaped | ||
| #49 | Permalink Editor | 40 | 50 | 28 | 1k+ | Output is not escaped | ||
| #50 | Like This | 38 | 60 | 17 | 1k+ | Output is not escaped |