Booking Calendar

WP Booking Calendar plugin for full-day bookings, time-slot appointments, rentals & events. Accept bookings and inquiries with flexible contact forms

v11.1wpdevelopUpdated 1 month agoAdded 17 years ago50k+ installs94% rating80% support resolved

appointment booking booking calendar booking form contact form reservations

Score

Errors

Warnings

Change

Category Scores

Security28

Repo100

Performance100

Maintainability77

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

56 findings

Maintainability

8 issue groups

Security

7 issue groups

ERRORMaintainabilitywp function not compatible with requires wpFunction "get_block_templates()" requires WordPress 5.8.0, but your plugin minimum supported version is WordPress 5.3.0.11

Category: Maintainability
Occurrences: 11
Severity: error

Sample message

Function "get_block_templates()" requires WordPress 5.8.0, but your plugin minimum supported version is WordPress 5.3.0.

wp_function_not_compatible_with_requires_wp Reference

WARNINGMaintainabilityNon Prefixed Constant FoundGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "OBC_CHECK_URL".8

Category: Maintainability
Occurrences: 8
Severity: warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "OBC_CHECK_URL".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_POST['ids']7

Category: Security
Occurrences: 7
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['ids']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityInterpolated Not PreparedUse placeholders and $wpdb->prepare(); found interpolated variable {$placeholders} at \t\t WHERE timeslot_id IN ({$placeholders})"6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable {$placeholders} at \t\t WHERE timeslot_id IN ({$placeholders})"

WordPress.DB.PreparedSQL.InterpolatedNotPrepared

ERRORMaintainabilityNot AllowedUse of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead4

Category: Maintainability
Occurrences: 4
Severity: error

Sample message

Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead

PluginCheck.CodeAnalysis.Heredoc.NotAllowed

WARNINGMaintainabilityNon Prefixed Class FoundClasses declared by a theme/plugin should start with the theme/plugin prefix. Found: "BookingWidget".4

Category: Maintainability
Occurrences: 4
Severity: warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "BookingWidget".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound

WARNINGMaintainabilityMixedFile has mixed line endings; this may cause incorrect results3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

File has mixed line endings; this may cause incorrect results

Internal.LineEndings.Mixed

WARNINGSecurityUnescaped DBParameterUnescaped parameter $sql used in $wpdb->get_results()\n$sql assigned unsafely at line 300.3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Unescaped parameter $sql used in $wpdb->get_results()\n$sql assigned unsafely at line 300.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGSecurityMissing Unslash$_REQUEST['date_end'] not unslashed before sanitization. Use wp_unslash() or similar3

Category: Security
Occurrences: 3
Severity: warning

Sample message

$_REQUEST['date_end'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGSecurityRecommendedProcessing form data without nonce verification.2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

Show 5 more

ERRORMaintainabilityPlugin Directory Write1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Plugin folders are deleted when upgraded. Do not save data to the plugin folder using fwrite(). Detected usage of constant WP_PLUGIN_DIR. Use wp_upload_dir() to get the uploads directory path or save to the database instead.

PluginCheck.CodeAnalysis.WriteFile.PluginDirectoryWrite

WARNINGMaintainabilityNo Caching1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

WARNINGSecurityReplacements Wrong Number1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Incorrect number of replacements passed to $wpdb->prepare(). Found 1 replacement parameters, expected 2.

WordPress.DB.PreparedSQLPlaceholders.ReplacementsWrongNumber

WARNINGSecurityUnfinished Prepare1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Replacement variables found, but no valid placeholders found in the query.

WordPress.DB.PreparedSQLPlaceholders.UnfinishedPrepare

WARNINGMaintainabilityupgrade notice limit1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

The upgrade notice for "11.0" exceeds the limit of 300 characters.

upgrade_notice_limit

Score History

First score snapshot

2 days ago

v11.1

Latest

Findings: 56
Errors: 16
Warnings: 40
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
2 days agoLatest	56	56	16	40	v11.1	2.0.0

Related Plugins

Add Password Field for Contact Form 7

3k+ active installs

100

Contact Form Query

1k+ active installs

100

Style Contact Form 7

1k+ active installs

100

WS Form LITE – Drag & Drop Contact Form Builder

10k+ active installs

100

ACF Field For CF7

10k+ active installs

Cal.com

1k+ active installs