WordPress.WP.AlternativeFunctions.file_system_operations_chmod

file system operations chmod

The plugin performs filesystem work with raw PHP functions where WordPress expects safer filesystem handling.

medium weight

Why It Shows Up

Plugin Check found functions such as `fopen`, `fwrite`, `chmod`, `mkdir`, `readfile`, or related operations.

Why It Matters

WordPress sites can use different filesystem permissions and transports. Raw filesystem calls can fail on common hosts or write to unsafe locations.

How to Fix

Use WordPress filesystem helpers when writing, reading, or changing files in plugin-managed paths.
Validate paths and keep writes inside directories owned by the plugin or WordPress uploads.
Never write PHP code from user input or remote responses.

References

WordPress Filesystem API

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Updated	Top Issue
#1	BulletProof Security	0	5,048	4,949	20k+	1 month ago	Output Not Escaped
#2	Intercom	0	60	71	6k+	1 year ago	Non Prefixed Function Found
#3	JetBackup – Backup, Restore & Migrate	10	1,559	145	100k+	2 months ago	Exception Not Escaped
#4	wpForo Forum	17	4,033	2,922	20k+	22 days ago	Unsafe Printing Function
#5	WP Import Export Lite	18	738	979	40k+	11 months ago	Non Prefixed Variable Found
#6	Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution	19	1,218	901	100k+	13 days ago	Exception Not Escaped
#7	Matomo Analytics – Powerful, Privacy-First Insights for WordPress	19	1,909	878	100k+	6 days ago	Exception Not Escaped
#8	Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization	19	1,295	2,679	9k+	7 days ago	Output Not Escaped
#9	Realtyna Organic IDX plugin + WPL Real Estate	19	947	3,653	2k+	1 month ago	Non Prefixed Variable Found
#10	Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)	19	541	385	3m+	5 days ago	Missing Translators Comment
#11	Membership Plugin – Kadence Memberships	19	5,082	2,982	9k+	27 days ago	Text Domain Mismatch
#12	BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot	20	508	1,406	30k+	4 days ago	Non Prefixed Variable Found
#13	Brizy – Page Builder	20	589	720	70k+	13 days ago	Output Not Escaped
#14	Filter Everything — WordPress & WooCommerce Filters	20	568	730	50k+	4 days ago	Output Not Escaped
#15	GiveWP – Donation Plugin and Fundraising Platform	20	3,435	3,580	100k+	7 days ago	Output Not Escaped
#16	MBE eShip	20	527	740	1k+	5 days ago	Non Prefixed Variable Found
#17	Microthemer Lite – Visual Editor to Customize CSS	20	1,004	1,699	10k+	2 months ago	Non Prefixed Variable Found
#18	Pix por Piggly (para Woocommerce)	20	547	195	4k+	2 years ago	Exception Not Escaped
#19	Robin Image Optimizer – Unlimited Image Optimization, WebP & AVIF	20	557	541	100k+	1 month ago	Output Not Escaped
#20	Backup Migration	21	981	1,093	80k+	17 days ago	Non Prefixed Variable Found
#21	Captcha Them All	21	300	323	6k+	3 years ago	Output Not Escaped
#22	Comet Cache	21	857	245	20k+	12 months ago	Output Not Escaped
#23	Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More	21	2,572	1,277	1m+	1 month ago	Output Not Escaped
#24	FileOrganizer – WordPress File Manager	21	536	241	200k+	12 days ago	unlink unlink
#25	Campaign Monitor for WordPress	21	386	461	2k+	2 months ago	Non Prefixed Variable Found
#26	Modular DS: Monitor, update, and backup multiple websites	21	161	81	40k+	1 month ago	Exception Not Escaped
#27	Packeta	21	802	333	8k+	8 months ago	Exception Not Escaped
#28	Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction	21	1,918	5,065	10k+	20 days ago	Non Prefixed Hookname Found
#29	User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor	21	696	1,483	50k+	12 days ago	Recommended
#30	Royal Addons for Elementor – Addons and Templates Kit for Elementor	21	13,011	2,530	600k+	14 days ago	Text Domain Mismatch
#31	Smart Forms – when you need more than just a contact form	21	776	574	5k+	1 month ago	Output Not Escaped
#32	Buckaroo Woocommerce Payments Plugin	21	563	326	2k+	6 days ago	Exception Not Escaped
#33	WebP Express	21	160	427	300k+	3 days ago	Non Prefixed Variable Found
#34	Wordfence Security – Firewall, Malware Scan, and Login Security	21	1,592	2,973	5m+	1 month ago	Output Not Escaped
#35	wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin	21	1,354	1,140	70k+	14 days ago	Output Not Escaped
#36	All-in-One Video Gallery	22	911	2,892	20k+	1 month ago	Non Prefixed Variable Found
#37	Borderless – Addons and Templates for Elementor	22	438	1,388	5k+	7 months ago	Non Prefixed Variable Found
#38	Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer	22	2,858	1,270	50k+	2 months ago	Text Domain Mismatch
#39	Code Profiler – WordPress Performance Profiling and Debugging Made Easy	22	265	400	8k+	10 days ago	Non Prefixed Variable Found
#40	RegistrationMagic – User Registration Forms Plugin	22	3,654	5,062	8k+	2 days ago	Non Prefixed Variable Found
#41	WP Customer Area	22	3,308	941	10k+	2 months ago	Text Domain Mismatch
#42	Directorist: AI-Powered Business Directory, Listings & Classified Ads	22	443	2,129	20k+	13 days ago	Non Prefixed Variable Found
#43	Download Manager	22	2,290	1,301	100k+	6 days ago	Output Not Escaped
#44	E2Pdf – Export Pdf Tool for WordPress	22	1,075	836	10k+	6 days ago	Unsafe Printing Function
#45	File Manager Pro – Filester	22	565	391	100k+	1 month ago	Missing Unslash
#46	Anti-Malware Security and Brute-Force Firewall	22	544	965	100k+	4 months ago	Output Not Escaped
#47	InfiniteWP Client	22	2,286	1,812	200k+	4 months ago	Exception Not Escaped
#48	Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider	22	207	323	500k+	11 days ago	Non Prefixed Variable Found
#49	Modula Image Gallery – Photo Grid & Video Gallery	22	474	436	100k+	6 days ago	Text Domain Mismatch
#50	Motors – Car Dealership & Classified Listings Plugin	22	5,340	5,958	9k+	4 days ago	Text Domain Mismatch