WordPress.WP.AlternativeFunctions.file_system_operations_fopen

file system operations fopen

The plugin performs filesystem work with raw PHP functions where WordPress expects safer filesystem handling.

medium weight

Why It Shows Up

Plugin Check found functions such as `fopen`, `fwrite`, `chmod`, `mkdir`, `readfile`, or related operations.

Why It Matters

WordPress sites can use different filesystem permissions and transports. Raw filesystem calls can fail on common hosts or write to unsafe locations.

How to Fix

Use WordPress filesystem helpers when writing, reading, or changing files in plugin-managed paths.
Validate paths and keep writes inside directories owned by the plugin or WordPress uploads.
Never write PHP code from user input or remote responses.

References

WordPress Filesystem API

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Updated	Top Issue
#1	BulletProof Security	0	5,048	4,949	20k+	1 month ago	Output Not Escaped
#2	Intercom	0	60	71	6k+	1 year ago	Non Prefixed Function Found
#3	Plugin Check (PCP)	0	128	132	10k+	23 days ago	Exception Not Escaped
#4	Themify Builder	9	5,195	2,096	5k+	5 days ago	Text Domain Mismatch
#5	JetBackup – Backup, Restore & Migrate	10	1,559	145	100k+	2 months ago	Exception Not Escaped
#6	AnyComment	17	445	449	5k+	4 years ago	Output Not Escaped
#7	wpForo Forum	17	4,033	2,922	20k+	21 days ago	Unsafe Printing Function
#8	WPtouch – Make your WordPress Website Mobile-Friendly	17	1,466	325	50k+	7 months ago	Text Domain Mismatch
#9	Shopping Cart & eCommerce Store	18	5,459	17,298	4k+	9 days ago	Non Prefixed Variable Found
#10	WP Import Export Lite	18	738	979	40k+	11 months ago	Non Prefixed Variable Found
#11	Download Monitor	19	425	1,364	80k+	5 days ago	Non Prefixed Hookname Found
#12	Event Organiser	19	1,106	544	20k+	2 years ago	Text Domain Mismatch
#13	Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution	19	1,218	901	100k+	12 days ago	Exception Not Escaped
#14	Matomo Analytics – Powerful, Privacy-First Insights for WordPress	19	1,909	878	100k+	5 days ago	Exception Not Escaped
#15	Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization	19	1,295	2,679	9k+	6 days ago	Output Not Escaped
#16	Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)	19	541	385	3m+	4 days ago	Missing Translators Comment
#17	Membership Plugin – Kadence Memberships	19	5,082	2,982	9k+	26 days ago	Text Domain Mismatch
#18	BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot	20	508	1,406	30k+	3 days ago	Non Prefixed Variable Found
#19	Brizy – Page Builder	20	589	720	70k+	12 days ago	Output Not Escaped
#20	GiveWP – Donation Plugin and Fundraising Platform	20	3,435	3,580	100k+	6 days ago	Output Not Escaped
#21	Link Library	20	1,941	1,397	10k+	2 months ago	Unsafe Printing Function
#22	Microthemer Lite – Visual Editor to Customize CSS	20	1,004	1,699	10k+	2 months ago	Non Prefixed Variable Found
#23	Pix por Piggly (para Woocommerce)	20	547	195	4k+	2 years ago	Exception Not Escaped
#24	Robin Image Optimizer – Unlimited Image Optimization, WebP & AVIF	20	557	541	100k+	1 month ago	Output Not Escaped
#25	Razorpay for WooCommerce	20	974	855	100k+	2 days ago	Non Prefixed Function Found
#26	WPJAM Basic	20	328	356	4k+	5 days ago	Output Not Escaped
#27	Backup Migration	21	981	1,093	80k+	16 days ago	Non Prefixed Variable Found
#28	rtMedia for WordPress, BuddyPress and bbPress	21	363	633	8k+	3 months ago	Non Prefixed Constant Found
#29	Captcha Them All	21	300	323	6k+	3 years ago	Output Not Escaped
#30	CartFlows – Funnel Builder & Checkout Plugin for WooCommerce	21	461	614	200k+	19 days ago	Text Domain Mismatch
#31	Smart Grid-Layout Design for Contact Form 7	21	1,126	734	10k+	1 month ago	Output Not Escaped
#32	Comet Cache	21	857	245	20k+	12 months ago	Output Not Escaped
#33	Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More	21	2,572	1,277	1m+	1 month ago	Output Not Escaped
#34	Envo Extra	21	878	600	20k+	25 days ago	Text Domain Mismatch
#35	EventPrime – Events Calendar, Bookings and Tickets	21	872	4,297	7k+	yesterday	Non Prefixed Variable Found
#36	Feeds for YouTube (YouTube video, channel, and gallery plugin)	21	558	978	100k+	11 days ago	Output Not Escaped
#37	FileOrganizer – WordPress File Manager	21	536	241	200k+	11 days ago	unlink unlink
#38	Formidable Forms – WordPress Form Builder for Contact Forms, Calculators, Quizzes & More	21	52	1,959	300k+	5 days ago	Non Prefixed Variable Found
#39	Modular DS: Monitor, update, and backup multiple websites	21	161	81	40k+	1 month ago	Exception Not Escaped
#40	MotoPress Hotel Booking	21	3,061	1,037	10k+	6 days ago	Text Domain Mismatch
#41	Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred	21	1,469	3,333	10k+	3 days ago	Non Prefixed Variable Found
#42	Packeta	21	802	333	8k+	8 months ago	Exception Not Escaped
#43	Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction	21	1,918	5,065	10k+	19 days ago	Non Prefixed Hookname Found
#44	User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor	21	696	1,483	50k+	11 days ago	Recommended
#45	Five Star Restaurant Reservations – WordPress Booking Plugin	21	1,099	1,147	10k+	2 days ago	Output Not Escaped
#46	Royal Addons for Elementor – Addons and Templates Kit for Elementor	21	13,011	2,530	600k+	13 days ago	Text Domain Mismatch
#47	Smart Forms – when you need more than just a contact form	21	776	574	5k+	1 month ago	Output Not Escaped
#48	Accept Stripe Payments	21	373	882	20k+	2 months ago	Missing
#49	Revive Social – Social Media Auto Post and Scheduling Automation Plugin	21	255	425	20k+	1 month ago	Non Prefixed Hookname Found
#50	WCFM – Frontend Manager for WooCommerce	21	4,721	5,067	20k+	2 months ago	Non Prefixed Variable Found