Async JavaScript

Async Javascript lets you add 'async' or 'defer' attribute to scripts to exclude to help increase the performance of your WordPress website.

v2.21.08.31David CloughUpdated 2023-06-22Added Dec 11, 201470k+ installs94% rating

async javascript pagespeed performance render blocking

Score

357

Errors

Warnings

Change

Category Scores

Security0

Repo91

Performance100

Maintainability68

Top Issues by Category

security396

1Unsafe Printing FunctionWordPress.Security.EscapeOutput.UnsafePrintingFunctionERROR223 2Output Not EscapedWordPress.Security.EscapeOutput.OutputNotEscapedERROR99 3Missing UnslashWordPress.Security.ValidatedSanitizedInput.MissingUnslashWARNING41 4Input Not ValidatedWordPress.Security.ValidatedSanitizedInput.InputNotValidatedWARNING25 5RecommendedWordPress.Security.NonceVerification.RecommendedWARNING8

maintainability31

1curl curl setoptWordPress.WP.AlternativeFunctions.curl_curl_setoptERROR16 2curl curl closeWordPress.WP.AlternativeFunctions.curl_curl_closeERROR2 3curl curl errorWordPress.WP.AlternativeFunctions.curl_curl_errorERROR2 4curl curl execWordPress.WP.AlternativeFunctions.curl_curl_execERROR2 5curl curl initWordPress.WP.AlternativeFunctions.curl_curl_initERROR2 6Missing VersionWordPress.WP.EnqueuedResourceParameters.MissingVersionWARNING2 7Direct QueryWordPress.DB.DirectDatabaseQuery.DirectQueryWARNING1 8No CachingWordPress.DB.DirectDatabaseQuery.NoCachingWARNING1 9file system operations fopenWordPress.WP.AlternativeFunctions.file_system_operations_fopenERROR1 10file system operations is writableWordPress.WP.AlternativeFunctions.file_system_operations_is_writableERROR1 11badly named filesbadly_named_filesERROR1

i18n7

1Non Singular String Literal TextWordPress.WP.I18n.NonSingularStringLiteralTextERROR5 2Missing Arg DomainWordPress.WP.I18n.MissingArgDomainERROR1 3Text Domain MismatchWordPress.WP.I18n.TextDomainMismatchERROR1

repo_compliance2

1outdated tested upto headeroutdated_tested_upto_headerERROR1 2readme invalid contributorsreadme_invalid_contributorsWARNING1

Issues Details

436 issues found in latest scan

ERROR223

WordPress.Security.EscapeOutput.UnsafePrintingFunction

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

ERROR99

WordPress.Security.EscapeOutput.OutputNotEscaped

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<div class=\"$class\">$message</div>"'.

WARNING41

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

$_GET['aj_simulate'] not unslashed before sanitization. Use wp_unslash() or similar

WARNING25

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

Detected usage of a possibly undefined superglobal array index: $_POST['aj_gtmetrix_api_key']. Check that the array index exists before using it.

ERROR16

WordPress.WP.AlternativeFunctions.curl_curl_setopt

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WARNING8

WordPress.Security.NonceVerification.Recommended

Processing form data without nonce verification.

ERROR5

WordPress.WP.I18n.NonSingularStringLiteralText

The $text parameter must be a single text string literal. Found: ' has detected that you do not have Autoptimize installed and active. Autoptimize can provide further optimization of JavaScript which can benefit the results of ' . AJ_TITLE . ' (and ' . AJ_TITLE . ' can also enhance Autoptimize results!)</p>'

ERROR2

WordPress.WP.AlternativeFunctions.curl_curl_close

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERROR2

WordPress.WP.AlternativeFunctions.curl_curl_error

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERROR2

WordPress.WP.AlternativeFunctions.curl_curl_exec

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

ERROR2

WordPress.WP.AlternativeFunctions.curl_curl_init

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WARNING2

WordPress.WP.EnqueuedResourceParameters.MissingVersion

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

WARNING1

WordPress.DB.DirectDatabaseQuery.DirectQuery

Use of a direct database call is discouraged.

WARNING1

WordPress.DB.DirectDatabaseQuery.NoCaching

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

ERROR1

WordPress.WP.AlternativeFunctions.file_system_operations_fopen

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

ERROR1

WordPress.WP.AlternativeFunctions.file_system_operations_is_writable

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().

ERROR1

WordPress.WP.I18n.MissingArgDomain

Missing $domain parameter in function call to __().

ERROR1

WordPress.WP.I18n.TextDomainMismatch

Mismatched text domain. Expected 'async-javascript' but got 'async-javasscript'.

ERROR1

badly_named_files

File and folder names must not contain spaces or special characters.

ERROR1

outdated_tested_upto_header

Tested up to: 6.2 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

WARNING1

readme_invalid_contributors

The "Contributors" header in the readme file must be a comma-separated list of WordPress.org-formatted usernames.

Code	Type	Message	Count
WordPress.Security.EscapeOutput.UnsafePrintingFunction	ERROR	All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.	223
WordPress.Security.EscapeOutput.OutputNotEscaped	ERROR	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<div class=\"$class\">$message</div>"'.	99
WordPress.Security.ValidatedSanitizedInput.MissingUnslash	WARNING	$_GET['aj_simulate'] not unslashed before sanitization. Use wp_unslash() or similar	41
WordPress.Security.ValidatedSanitizedInput.InputNotValidated	WARNING	Detected usage of a possibly undefined superglobal array index: $_POST['aj_gtmetrix_api_key']. Check that the array index exists before using it.	25
WordPress.WP.AlternativeFunctions.curl_curl_setopt	ERROR	Using cURL functions is highly discouraged. Use wp_remote_get() instead.	16
WordPress.Security.NonceVerification.Recommended	WARNING	Processing form data without nonce verification.	8
WordPress.WP.I18n.NonSingularStringLiteralText	ERROR	The $text parameter must be a single text string literal. Found: ' has detected that you do not have Autoptimize installed and active. Autoptimize can provide further optimization of JavaScript which can benefit the results of ' . AJ_TITLE . ' (and ' . AJ_TITLE . ' can also enhance Autoptimize results!)</p>'	5
WordPress.WP.AlternativeFunctions.curl_curl_close	ERROR	Using cURL functions is highly discouraged. Use wp_remote_get() instead.	2
WordPress.WP.AlternativeFunctions.curl_curl_error	ERROR	Using cURL functions is highly discouraged. Use wp_remote_get() instead.	2
WordPress.WP.AlternativeFunctions.curl_curl_exec	ERROR	Using cURL functions is highly discouraged. Use wp_remote_get() instead.	2
WordPress.WP.AlternativeFunctions.curl_curl_init	ERROR	Using cURL functions is highly discouraged. Use wp_remote_get() instead.	2
WordPress.WP.EnqueuedResourceParameters.MissingVersion	WARNING	Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.	2
WordPress.DB.DirectDatabaseQuery.DirectQuery	WARNING	Use of a direct database call is discouraged.	1
WordPress.DB.DirectDatabaseQuery.NoCaching	WARNING	Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().	1
WordPress.WP.AlternativeFunctions.file_system_operations_fopen	ERROR	File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().	1
WordPress.WP.AlternativeFunctions.file_system_operations_is_writable	ERROR	File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().	1
WordPress.WP.I18n.MissingArgDomain	ERROR	Missing $domain parameter in function call to __().	1
WordPress.WP.I18n.TextDomainMismatch	ERROR	Mismatched text domain. Expected 'async-javascript' but got 'async-javasscript'.	1
badly_named_files	ERROR	File and folder names must not contain spaces or special characters.	1
outdated_tested_upto_header	ERROR	Tested up to: 6.2 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.	1
readme_invalid_contributors	WARNING	The "Contributors" header in the readme file must be a comma-separated list of WordPress.org-formatted usernames.	1

Latest Snapshot

Findings

436

Errors

357

Warnings

Score History

First score snapshot

First scan completed Jun 20, 2026

v2.21.08.31 · Plugin Check 2.0.0 · Model 2026.06-mvp-static-v2

Jun 20, 2026

v2.21.08.31

Latest

Findings: 436
Errors: 357
Warnings: 79
Plugin Check: 2.0.0
Model: 2026.06-mvp-static-v2

Scan	Score	Findings	Errors	Warnings	Plugin	Plugin Check	Model
Jun 20, 2026Latest	37	436	357	79	v2.21.08.31	2.0.0	2026.06-mvp-static-v2

Related Plugins

Code Embed

10k+ active installs

code css embed

100

Disable Emojis (GDPR friendly)

60k+ active installs

GDPR disable emojis

100

Embed Optimizer

50k+ active installs

Embeds optimization-detective performance

100

Image Placeholders

60k+ active installs

dominant color images performance

100

Modern Image Formats

100k+ active installs

AVIF images modern image formats

100

Optimization Detective

60k+ active installs

optimization performance rum

100