← Back to Leaderboard
WordPress Security Protection: Malware scanner, Firewall, Login Security, DB Backup, Anti-Spam...
1
Score
7114
Errors
2309
Warnings
30K
Installs
Security5719
Repo3342
General360
Performance2
Accessibility0
Top Issues by Category
Issues organized by category, type, and rule family
Top Issues by File
Files with the highest concentration of issues in the latest scan
Issues Details
9423 issues found in latest scan
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound | Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$text". | admin/core/core.php:430:249 | Plugin Repo |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. | admin/wizard/wizard.php:276:32 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$wpadminHtaccess'. | admin/wizard/wizard.php:276:73 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. | admin/wizard/wizard.php:276:90 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$successTextEnd'. | admin/wizard/wizard.php:276:139 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$successTextBegin'. | admin/wizard/wizard.php:394:14 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$Stable_name'. | admin/wizard/wizard.php:394:32 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$successMessage'. | admin/wizard/wizard.php:394:45 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$successTextEnd'. | admin/wizard/wizard.php:394:61 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$failTextBegin'. | admin/wizard/wizard.php:396:14 | Security |
9423 total row(s)
Scan History
2 scans recorded
| 06.12.2025, 22:31:37 | 1m 5s | 1 | 7114 | 2309 |
| 13.11.2025, 05:34:14 | 1m 36s | 1 | 7129 | 2310 |
2 total row(s)
Score Trend
Performance across 2 scans
Avg: 1
100
75
50
25
0
1.0
13.11
1.0
06.12
90-100
80-89
60-79
<60
Report an issue
Tell us if something in this report looks wrong or if you need a deeper audit for BulletProof Security. We read every submission and typically reply within a day.