Video gallery plugin for WordPress with a built-in HTML5 player. Embed YouTube, Vimeo, Dailymotion, Rumble, and self-hosted videos.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
2,415
15 issue groups
Security
1,206
8 issue groups
I18n
102
2 issue groups
WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_sources".2,087
- Category
- Maintainability
- Occurrences
- 2,087
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_sources".
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" <a href='{$skip_url}' class='button button-small button-secondary'>{$use_plugin_anonymously_text}</a>"'.666
- Category
- Security
- Occurrences
- 666
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" <a href='{$skip_url}' class='button button-small button-secondary'>{$use_plugin_anonymously_text}</a>"'.
WARNINGSecurityRecommendedProcessing form data without nonce verification.244
- Category
- Security
- Occurrences
- 244
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityMissing Unslash$_COOKIE['aiovg_videos_dislikes'] not unslashed before sanitization. Use wp_unslash() or similar151
- Category
- Security
- Occurrences
- 151
- Severity
- warning
Sample message
$_COOKIE['aiovg_videos_dislikes'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_COOKIE['aiovg_videos_dislikes']105
- Category
- Security
- Occurrences
- 105
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_COOKIE['aiovg_videos_dislikes']
WARNINGMaintainabilityNon Prefixed Function FoundFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "_fs_text".99
- Category
- Maintainability
- Occurrences
- 99
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "_fs_text".
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.75
- Category
- I18n
- Occurrences
- 75
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGMaintainabilityNon Prefixed Class FoundClasses declared by a theme/plugin should start with the theme/plugin prefix. Found: "FS_Admin_Menu_Manager".55
- Category
- Maintainability
- Occurrences
- 55
- Severity
- warning
Sample message
Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "FS_Admin_Menu_Manager".
ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;39
- Category
- Maintainability
- Occurrences
- 39
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORI18nUnordered Placeholders TextMultiple placeholders in translatable strings should be ordered. Expected "%1$d, %2$d", but got "%d, %d" in '%d out of %d videos processed'.27
- Category
- I18n
- Occurrences
- 27
- Severity
- error
Sample message
Multiple placeholders in translatable strings should be ordered. Expected "%1$d, %2$d", but got "%d, %d" in '%d out of %d videos processed'.
Show 15 moreShow less
WARNINGMaintainabilityNon Prefixed Constant Found26
- Category
- Maintainability
- Occurrences
- 26
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "FS_API__ADDRESS".
WARNINGMaintainabilityDirect Query21
- Category
- Maintainability
- Occurrences
- 21
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo Caching19
- Category
- Maintainability
- Occurrences
- 19
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGSecurityInput Not Validated19
- Category
- Security
- Occurrences
- 19
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['chapter_label'][$key]. Check that the array index exists before using it.
WARNINGMaintainabilityNon Prefixed Hookname Found13
- Category
- Maintainability
- Occurrences
- 13
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".
ERRORMaintainabilityNon Enqueued Script13
- Category
- Maintainability
- Occurrences
- 13
- Severity
- error
Sample message
Scripts must be registered/enqueued via wp_enqueue_script()
ERRORMaintainabilityfile system operations fclose8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityparse url parse url8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- error
Sample message
parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.
ERRORSecurityUnescaped DBParameter7
- Category
- Security
- Occurrences
- 7
- Severity
- error
Sample message
Unescaped parameter $query used in $wpdb->get_results()\n$query assigned unsafely at line 608.
ERRORSecurityNot Prepared7
- Category
- Security
- Occurrences
- 7
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $query
WARNINGMaintainabilityslow db query meta query7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- warning
Sample message
Detected usage of meta_query, possible slow query.
ERRORSecurityException Not Escaped7
- Category
- Security
- Occurrences
- 7
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$message'.
ERRORMaintainabilitycurl curl setopt7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
ERRORMaintainabilitystrip tags strip tags7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
WARNINGMaintainabilityDiscouraged6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- warning
Sample message
The use of function ini_set() is discouraged
Score History
First score snapshot
v4.8.5
22
Latest
- Findings
- 3,803
- Errors
- 911
- Warnings
- 2,892
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 22 | 3,803 | 911 | 2,892 | v4.8.5 | 2.0.0 |
Related Plugins
20k+ active installs
20k+ active installs
2k+ active installs
4k+ active installs
3k+ active installs
4k+ active installs