Allow or disallow visitors from certain countries accessing (parts of) your website
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
222
9 issue groups
Maintainability
158
14 issue groups
I18n
17
2 issue groups
WARNINGSecurityRequest data is not unslashed$_GET['tab'] not unslashed before sanitization. Use wp_unslash() or similar70
- Category
- Security
- Occurrences
- 70
- Severity
- warning
Sample message
$_GET['tab'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_FILES['iqbc_import']['tmp_name']48
- Category
- Security
- Occurrences
- 48
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_FILES['iqbc_import']['tmp_name']
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$iqbc_apiblocklist".40
- Category
- Maintainability
- Occurrences
- 40
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$iqbc_apiblocklist".
ERRORSecuritySetting is missing a sanitization callbackSanitization missing for register_setting().35
- Category
- Security
- Occurrences
- 35
- Severity
- error
Sample message
Sanitization missing for register_setting().
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$iqbc_countrylist[$iqbc_row->country]'.23
- Category
- Security
- Occurrences
- 23
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$iqbc_countrylist[$iqbc_row->country]'.
WARNINGMaintainabilityNon-prefixed constantGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "ADMINAPICHECKURL".22
- Category
- Maintainability
- Occurrences
- 22
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "ADMINAPICHECKURL".
ERRORMaintainabilitywp function not compatible with requires wpFunction "rest_is_ip_address()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 3.5.2.22
- Category
- Maintainability
- Occurrences
- 22
- Severity
- error
Sample message
Function "rest_is_ip_address()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 3.5.2.
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.16
- Category
- Maintainability
- Occurrences
- 16
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_FILES['iqbc_import']['error']. Check that the array index exists before using it.15
- Category
- Security
- Occurrences
- 15
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_FILES['iqbc_import']['error']. Check that the array index exists before using it.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().14
- Category
- Maintainability
- Occurrences
- 14
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
Show 15 moreShow less
ERRORSecurityDatabase parameter is not escaped11
- Category
- Security
- Occurrences
- 11
- Severity
- error
Sample message
Unescaped parameter $iqbc_query used in $wpdb->get_results()\n$iqbc_query assigned unsafely at line 36.
ERRORI18nMissing Arg Domain10
- Category
- I18n
- Occurrences
- 10
- Severity
- error
Sample message
Missing $domain parameter in function call to esc_html_e().
WARNINGSecurityInterpolated SQL is not prepared9
- Category
- Security
- Occurrences
- 9
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $iqbc_table_name at "SELECT * FROM $iqbc_table_name ORDER BY datetime ASC"
ERRORSecuritySQL query is not prepared9
- Category
- Security
- Occurrences
- 9
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $iqbc_query
ERRORMaintainabilityMissing direct file access protection8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORI18nNon Singular String Literal Text7
- Category
- I18n
- Occurrences
- 7
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: "<a href=\"" . IQBCMAXMINDURL . "\" target=\"_blank\">" . IQBCMAXMINDURL . "</a> "
ERRORMaintainabilitydate date5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
ERRORMaintainabilitycurl curl close5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
ERRORMaintainabilitycurl curl exec5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
ERRORMaintainabilitycurl curl getinfo5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
ERRORMaintainabilitycurl curl init5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
ERRORMaintainabilitycurl curl setopt array5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
WARNINGMaintainabilityNon-prefixed function4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "iq_cachingisactive_notice".
WARNINGSecurityNonce verification recommended2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilityunlink unlink2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
unlink() is discouraged. Use wp_delete_file() to delete a file.
External Connections
Not analyzed yet.
Score History
First score snapshot
v1.2.28
27
Latest
- Findings
- 409
- Errors
- 164
- Warnings
- 245
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 27 | 409 | 164 | 245 | v1.2.28 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Plugin
Author
Category
Issue
Related
Plugin
Author
Category
Issue
Related
Related Plugins
2k+ active installs
2k+ active installs
3k+ active installs
5k+ active installs
7k+ active installs