PluginScore

Conditional Menus

This plugin enables you to set conditional menus per posts, pages, categories, archive pages, etc.

v1.2.7themifymeUpdated Added 60k+ installs88% rating
adminconditional-tagscontextmenumenu items
35
Score
92
Errors
28
Warnings
+0
Change

Category Scores

Security0
Repo81
Performance100
Maintainability89

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

120 findings

Security

63

7 issue groups

I18n

39

3 issue groups

Maintainability

15

3 issue groups

Supply Chain

2

1 issue group

ERRORI18nText Domain MismatchMismatched text domain. Expected 'conditional-menus' but got 'themify-cm'.35
Category
I18n
Occurrences
35
Severity
error

Sample message

Mismatched text domain. Expected 'conditional-menus' but got 'themify-cm'.

WordPress.WP.I18n.TextDomainMismatchReference
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$key'.27
Category
Security
Occurrences
27
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$key'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
ERRORSecurityUnsafe Printing FunctionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.23
Category
Security
Occurrences
23
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunctionReference
WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$key".13
Category
Maintainability
Occurrences
13
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$key".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
WARNINGSecurityRecommendedProcessing form data without nonce verification.5
Category
Security
Occurrences
5
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_POST['themify_cm']3
Category
Security
Occurrences
3
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['themify_cm']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityMissing Unslash$_POST['themify_cm'] not unslashed before sanitization. Use wp_unslash() or similar3
Category
Security
Occurrences
3
Severity
warning

Sample message

$_POST['themify_cm'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.3
Category
I18n
Occurrences
3
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsCommentReference
ERRORSupply Chaincompressed filesCompressed files are not permitted.2
Category
Supply Chain
Occurrences
2
Severity
error

Sample message

Compressed files are not permitted.

compressed_files
WARNINGMaintainabilityNon Prefixed Hookname FoundHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "conditional_menus_theme_location".1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "conditional_menus_theme_location".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
Show 5 more
WARNINGSecurityMissing1
Category
Security
Occurrences
1
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
WARNINGSecuritywp redirect wp redirect1
Category
Security
Occurrences
1
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirectReference
ERRORMaintainabilitymissing direct file access protection1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 6.9 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference
WARNINGI18ntextdomain mismatch1
Category
I18n
Occurrences
1
Severity
warning

Sample message

The "Text Domain" header in the plugin file does not match the slug. Found "themify-cm", expected "conditional-menus".

textdomain_mismatchReference

Score History

First score snapshot

v1.2.7

35

Latest

Findings
120
Errors
92
Warnings
28
Check
2.0.0

Related Plugins

Breadcrumb Block

3k+ active installs

100
Menu In Post

2k+ active installs

100
PufferDesk

0 active installs

100
Simply Show Hooks

2k+ active installs

100
Classic Menu in Navigation Block

2k+ active installs

99
Hide WP Admin Notifications

1k+ active installs

99