CookieAdmin provides easy to configure cookie consent banner with GDPR and CCPA law support.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
64
8 issue groups
Maintainability
64
14 issue groups
I18n
1
1 issue group
WARNINGSecurityRecommendedProcessing form data without nonce verification.30
- Category
- Security
- Occurrences
- 30
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.16
- Category
- Maintainability
- Occurrences
- 16
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$no_cookies'.15
- Category
- Security
- Occurrences
- 15
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$no_cookies'.
ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;11
- Category
- Maintainability
- Occurrences
- 11
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGSecurityInterpolated Not PreparedUse placeholders and $wpdb->prepare(); found interpolated variable $table_name at "SELECT COUNT(*) FROM $table_name"10
- Category
- Security
- Occurrences
- 10
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $table_name at "SELECT COUNT(*) FROM $table_name"
ERRORMaintainabilitywp function not compatible with requires wpFunction "wp_add_inline_script()" requires WordPress 4.5.0, but your plugin minimum supported version is WordPress 4.4.0.6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
Function "wp_add_inline_script()" requires WordPress 4.5.0, but your plugin minimum supported version is WordPress 4.4.0.
ERRORSecurityNot PreparedUse placeholders and $wpdb->prepare(); found $query3
- Category
- Security
- Occurrences
- 3
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $query
ERRORMaintainabilityNo Explicit VersionVersion parameter is not explicitly set or has been set to an equivalent of "false" for wp_register_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
Version parameter is not explicitly set or has been set to an equivalent of "false" for wp_register_script; This means that the WordPress core version will be used which is not recommended for plugin or theme development.
WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
Show 13 moreShow less
WARNINGSecurityUnescaped DBParameter2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Unescaped parameter $table_name used in $wpdb->get_results()
WARNINGMaintainabilityNon Prefixed Hookname Found2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "softaculous_plugin_update_notice".
WARNINGMaintainabilityerror log error log2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
error_log() found. Debug code should not normally be used in production.
WARNINGSecurityInput Not Sanitized2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_COOKIE['cookieadmin_consent']
ERRORSecurityUnescaped DBParameter1
- Category
- Security
- Occurrences
- 1
- Severity
- error
Sample message
Unescaped parameter $sql used in $wpdb->query()\n$sql assigned unsafely at line 403.
WARNINGSecurityUnfinished Prepare1
- Category
- Security
- Occurrences
- 1
- Severity
- warning
Sample message
Replacement variables found, but no valid placeholders found in the query.
ERRORMaintainabilitydate date1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
WARNINGMaintainabilityNon Prefixed Constant Found1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "SOFTACULOUS_PLUGIN_UPDATE_NOTICE".
WARNINGMaintainabilityNon Prefixed Variable Found1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$content".
WARNINGMaintainabilityerror log print r1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
print_r() found. Debug code should not normally be used in production.
ERRORMaintainabilityfile system operations fclose1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityfile system operations fopen1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORI18nMissing Translators Comment1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
Score History
First score snapshot
v1.2.1
37
Latest
- Findings
- 129
- Errors
- 43
- Warnings
- 86
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 37 | 129 | 43 | 86 | v1.2.1 | 2.0.0 |
Related Plugins
60k+ active installs
10k+ active installs
20k+ active installs
2k+ active installs
1k+ active installs
5k+ active installs