WordPress.PHP.DevelopmentFunctions.prevent_path_disclosure_error_reporting

prevent path disclosure error reporting

Development or debugging behavior appears in code that may run in production.

medium weight

Why It Shows Up

The scan found logging, debugging, path disclosure, `phpinfo()`, error-reporting changes, or similar development-oriented functions.

Why It Matters

Debug output can leak paths, configuration, request data, stack details, or sensitive runtime information.

How to Fix

Remove temporary debugging calls before release.
If logging is required, guard it with `WP_DEBUG` or a plugin setting intended for administrators.
Never show debug details to unauthenticated visitors or normal front-end users.

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Updated	Top Issue
#1	BulletProof Security	0	5,048	4,949	20k+	2026-05-20	Output Not Escaped
#2	JetBackup – Backup, Restore & Migrate	10	1,559	145	100k+	2026-05-03	Exception Not Escaped
#3	Prime Slider Addons for Elementor	18	3,500	230	100k+	2026-06-15	Text Domain Mismatch
#4	Download Monitor	19	425	1,364	80k+	2026-06-16	Non Prefixed Hookname Found
#5	Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution	19	1,218	901	100k+	2026-06-09	Exception Not Escaped
#6	Matomo Analytics – Powerful, Privacy-First Insights for WordPress	19	1,909	878	100k+	2026-06-16	Exception Not Escaped
#7	GiveWP – Donation Plugin and Fundraising Platform	20	3,435	3,580	100k+	2026-06-15	Output Not Escaped
#8	Microthemer Lite – Visual Editor to Customize CSS	20	1,004	1,699	10k+	2026-04-15	Non Prefixed Variable Found
#9	Razorpay for WooCommerce	20	974	855	100k+	2026-06-19	Non Prefixed Function Found
#10	Store Locator WordPress	21	2,372	1,572	10k+	2026-06-03	Text Domain Mismatch
#11	Backup Migration	21	981	1,093	80k+	2026-06-05	Non Prefixed Variable Found
#12	Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More	21	2,572	1,277	1m+	2026-05-22	Output Not Escaped
#13	FileOrganizer – WordPress File Manager	21	536	241	200k+	2026-06-10	unlink unlink
#14	Landing Page Builder – Coming Soon page, Maintenance Mode, Lead Page, WordPress Landing Pages	21	1,173	2,983	9k+	2026-06-02	Non Prefixed Variable Found
#15	Wordfence Security – Firewall, Malware Scan, and Login Security	21	1,592	2,973	5m+	2026-05-13	Output Not Escaped
#16	WP phpMyAdmin	21	4,528	6,435	50k+	2025-10-17	Missing Arg Domain
#17	Booking for Appointments and Events Calendar – Amelia	22	1,489	480	90k+	2026-06-18	Exception Not Escaped
#18	Better Messages – Chat Rooms, Group Chat, Private Messages & AI Chat Bots	22	1,604	2,019	10k+	2026-06-10	Direct Query
#19	Directorist: AI-Powered Business Directory, Listings & Classified Ads	22	443	2,129	20k+	2026-06-09	Non Prefixed Variable Found
#20	Download Manager	22	2,290	1,301	100k+	2026-06-16	Output Not Escaped
#21	File Manager Pro – Filester	22	565	391	100k+	2026-05-23	Missing Unslash
#22	GeoDirectory – WP Business Directory Plugin and Classified Listings Directory	22	4,462	3,972	10k+	2026-06-10	Output Not Escaped
#23	Anti-Malware Security and Brute-Force Firewall	22	544	965	100k+	2026-03-09	Output Not Escaped
#24	InfiniteWP Client	22	2,286	1,812	200k+	2026-02-26	Exception Not Escaped
#25	Molongui Authorship – Author Boxes, Guest Authors & Co-Authors for WordPress	22	919	1,230	10k+	2026-02-16	Output Not Escaped
#26	NinjaFirewall (WP Edition) – Advanced Security Plugin and Firewall	22	1,265	2,065	100k+	2026-06-07	Non Prefixed Variable Found
#27	Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App	22	1,581	2,326	300k+	2026-06-03	Non Prefixed Variable Found
#28	Seraphinite Accelerator	22	594	255	50k+	2026-06-19	Output Not Escaped
#29	NextScripts: Social Networks Auto-Poster	22	2,408	1,133	30k+	2026-02-26	Output Not Escaped
#30	Search & Replace Everything – Quick and Easy Way to Find and Replace Text, Links	22	1,044	1,797	20k+	2026-05-27	Non Prefixed Variable Found
#31	URL Shortify – Simple and Easy URL Shortener	22	1,520	2,689	10k+	2026-06-04	Non Prefixed Variable Found
#32	ManageWP Worker	22	507	565	1m+	2026-05-11	Non Prefixed Class Found
#33	File Manager	22	740	520	1m+	2026-04-21	Unsafe Printing Function
#34	WP Umbrella: Update Backup Restore & Monitoring	22	915	905	70k+	2026-06-10	Exception Not Escaped
#35	WP Super Minify • Minify, Compress and Cache HTML, CSS & JavaScript	22	164	257	9k+	2026-05-24	Non Prefixed Constant Found
#36	YaySMTP – WP Mail SMTP with Email Logs, Tracking & Reports	22	654	435	10k+	2026-06-16	Exception Not Escaped
#37	Advanced Contact form 7 DB	23	761	1,959	70k+	2026-04-20	Non Prefixed Variable Found
#38	Business Directory Plugin – Easy Listing Directories for WordPress	23	611	1,058	10k+	2026-05-19	Non Prefixed Variable Found
#39	IP Geo Block	23	399	589	9k+	2019-01-22	Output Not Escaped
#40	MailPoet – Newsletters, Email Marketing, and Automation	23	858	711	500k+	2026-06-17	Exception Not Escaped
#41	MaxButtons – Create buttons	23	655	409	70k+	2025-09-15	Output Not Escaped
#42	Media Library Assistant	23	1,144	3,943	70k+	2026-06-08	Recommended
#43	ND Shortcodes	23	621	2,426	20k+	2025-03-18	Non Prefixed Variable Found
#44	Postie	23	407	261	10k+	2026-01-29	Output Not Escaped
#45	PowerPress Podcasting plugin by Blubrry	23	4,807	2,394	20k+	2026-06-17	Output Not Escaped
#46	Seriously Simple Podcasting	23	548	627	30k+	2026-05-21	Non Prefixed Hookname Found
#47	UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP	23	695	2,434	20k+	2026-06-12	Non Prefixed Hookname Found
#48	Clone	23	244	262	40k+	2025-10-30	Output Not Escaped
#49	WP Compress – Instant Performance & Speed Optimization	23	3,053	2,384	10k+	2026-04-15	Non Singular String Literal Domain
#50	404 Solution	24	483	1,087	10k+	2026-05-24	Missing Unslash