Shortcode WordPress Plugins That Need Review
148 indexed plugins
Plugins
148
Active Installs
1m+
Average Score
68
Audited
148
Needs Review
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #1 | oik | 22 | 489 | 180 | 2k+ | Non Singular String Literal Domain | ||
| #2 | Five-Star Ratings Shortcode | 23 | 604 | 1,317 | 600 | Non-prefixed global variable | ||
| #3 | Advanced iFrame | 24 | 887 | 1,120 | 40k+ | Non-prefixed global variable | ||
| #4 | Shortcodes Ultimate – Content Elements | 24 | 656 | 1,552 | 400k+ | Non-prefixed global variable | ||
| #5 | Coupon Creator | 25 | 698 | 412 | 1k+ | Output is not escaped | ||
| #6 | Post Snippets – Custom WordPress Code Snippets Customizer | 25 | 808 | 1,654 | 20k+ | Non-prefixed global variable | ||
| #7 | Webcomic | 25 | 593 | 308 | 600 | Output is not escaped | ||
| #8 | WP Spell Check | 25 | 6 | 4,390 | 2k+ | Direct Query | ||
| #9 | EZ SQL Reports Shortcode Widget and DB Backup | 27 | 165 | 158 | 500 | Output is not escaped | ||
| #10 | MW WP Form | 27 | 334 | 219 | 200k+ | Output is not escaped | ||
| #11 | WP GoToWebinar | 28 | 207 | 207 | 700 | Non-prefixed function | ||
| #12 | YITH WooCommerce Product Slider Carousel | 30 | 389 | 1,479 | 4k+ | Non-prefixed global variable | ||
| #13 | Copy Anything to Clipboard for WordPress – Copy Button, Copy Text & Copy Code | 31 | 525 | 131 | 10k+ | Text Domain Mismatch | ||
| #14 | Themify Store Locator | 31 | 244 | 125 | 500 | Text Domain Mismatch | ||
| #15 | Uix Shortcodes | 33 | 246 | 444 | 400 | Non-prefixed global variable | ||
| #16 | Blog-in-Blog | 34 | 64 | 93 | 800 | Non-prefixed function | ||
| #17 | BASE Item List | 35 | 4 | 13 | 800 | error log error log | ||
| #18 | Better Recent Comments | 35 | 127 | 29 | 2k+ | Text Domain Mismatch | ||
| #19 | Child Pages Shortcode | 35 | 5 | 6 | 5k+ | Non-prefixed hook name | ||
| #20 | Easy Panorama | 35 | 120 | 10 | 500 | Non Singular String Literal Domain | ||
| #21 | Extra Shortcodes | 35 | 35 | 3 | 1k+ | date date | ||
| #22 | Kaya QR Code Generator | 35 | 193 | 40 | 20k+ | Non Singular String Literal Domain | ||
| #23 | Post Content Shortcodes | 35 | 205 | 56 | 2k+ | Output is not escaped | ||
| #24 | sCode (Easy Shortcodes) | 35 | 157 | 97 | 400 | Text Domain Mismatch | ||
| #25 | Simple Map | 35 | 10 | 1 | 10k+ | Output is not escaped | ||
| #26 | Simple YouTube Responsive | 35 | 75 | 8 | 3k+ | wp function not compatible with requires wp | ||
| #27 | Super Cool Ad Inserter Plugin | 35 | 22 | 5 | 600 | Text Domain Mismatch | ||
| #28 | Themify Shortcodes | 35 | 36 | 16 | 7k+ | Output is not escaped | ||
| #29 | Ultimate Post List | 35 | 186 | 84 | 2k+ | Missing Arg Domain | ||
| #30 | W4 Post List | 35 | 50 | 138 | 3k+ | Non-prefixed global variable | ||
| #31 | Product Attributes Shortcode | 35 | 3 | 4 | 700 | Nonce verification recommended | ||
| #32 | xili-tidy-tags | 35 | 224 | 157 | 1k+ | Output is not escaped | ||
| #33 | The Events Calendar Shortcode & Block | 36 | 70 | 127 | 10k+ | Non-prefixed hook name | ||
| #34 | WP Coder – Insert & Manage Code Snippets | 36 | 53 | 280 | 10k+ | Nonce verification recommended | ||
| #35 | Get Custom Field Values | 37 | 40 | 44 | 1k+ | Output is not escaped | ||
| #36 | resmio button & widget | 37 | 99 | 36 | 400 | Text Domain Mismatch | ||
| #37 | Snippet Shortcodes | 37 | 359 | 133 | 4k+ | Non Singular String Literal Domain | ||
| #38 | Shortcoder — Create Shortcodes for Anything | 37 | 25 | 70 | 100k+ | Non-prefixed global variable | ||
| #39 | Yada Wiki | 37 | 207 | 45 | 2k+ | Text Domain Mismatch | ||
| #40 | Decent Comments | 38 | 93 | 28 | 2k+ | Output is not escaped | ||
| #41 | Responsive Pricing Table | 38 | 309 | 105 | 10k+ | Non Singular String Literal Domain | ||
| #42 | CC BMI Calculator | 40 | 135 | 7 | 800 | Output is not escaped | ||
| #43 | Links shortcode | 40 | 73 | 13 | 900 | Unsafe printing function | ||
| #44 | Donations via PayPal | 40 | 143 | 17 | 20k+ | Output is not escaped | ||
| #45 | Post Tiles | 40 | 46 | 5 | 400 | Output is not escaped | ||
| #46 | Shortcodes Finder | 40 | 22 | 188 | 4k+ | Nonce verification recommended | ||
| #47 | WP Date and Time Shortcode | 40 | 90 | 12 | 10k+ | Output is not escaped | ||
| #48 | QR code MeCard/vCard generator | 40 | 322 | 21 | 2k+ | Unsafe printing function | ||
| #49 | Checklist | 41 | 62 | 25 | 400 | Text Domain Mismatch | ||
| #50 | Meks Flexible Shortcodes | 41 | 133 | 1 | 10k+ | Unsafe printing function |
