The AI-powered internal linking plugin for WordPress. Build internal links faster, find linking opportunities, and improve SEO automatically.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
3,861
11 issue groups
Maintainability
3,087
11 issue groups
I18n
2,001
3 issue groups
ERRORI18nText Domain MismatchMismatched text domain. Expected 'link-whisper' but got "wpil".1,864
- Category
- I18n
- Occurrences
- 1,864
- Severity
- error
Sample message
Mismatched text domain. Expected 'link-whisper' but got "wpil".
WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $ancestors at "SELECT DISTINCT ID FROM {$wpdb->posts} WHERE `post_parent` IN ($ancestors)"898
- Category
- Security
- Occurrences
- 898
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $ancestors at "SELECT DISTINCT ID FROM {$wpdb->posts} WHERE `post_parent` IN ($ancestors)"
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.892
- Category
- Maintainability
- Occurrences
- 892
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().871
- Category
- Maintainability
- Occurrences
- 871
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$a_post".778
- Category
- Maintainability
- Occurrences
- 778
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$a_post".
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<b>Error:</b> [$errno] $errstr - $error_file:$error_line<br><br><hr><br><br>$out"'.599
- Category
- Security
- Occurrences
- 599
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<b>Error:</b> [$errno] $errstr - $error_file:$error_line<br><br><hr><br><br>$out"'.
WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $ai_anchor_sntnce_table used in $wpdb->query()\n$ai_anchor_sntnce_table assigned unsafely at line 1205.433
- Category
- Security
- Occurrences
- 433
- Severity
- warning
Sample message
Unescaped parameter $ai_anchor_sntnce_table used in $wpdb->query()\n$ai_anchor_sntnce_table assigned unsafely at line 1205.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.431
- Category
- Security
- Occurrences
- 431
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.419
- Category
- Security
- Occurrences
- 419
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilityShort PHP open tag foundShort PHP opening tag used with echo; expected "<?php echo ! ..." but found "<?= ! ..."289
- Category
- Maintainability
- Occurrences
- 289
- Severity
- error
Sample message
Short PHP opening tag used with echo; expected "<?php echo ! ..." but found "<?= ! ..."
Show 15 moreShow less
ERRORSecurityDatabase parameter is not escaped271
- Category
- Security
- Occurrences
- 271
- Severity
- error
Sample message
Unescaped parameter $all_post_types used in $wpdb->get_col()\n$all_post_types assigned unsafely at line 1592.
ERRORSecuritySQL query is not prepared224
- Category
- Security
- Occurrences
- 224
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found !
WARNINGSecurityRequest data is not unslashed223
- Category
- Security
- Occurrences
- 223
- Severity
- warning
Sample message
$_GET['category'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGSecurityInput is not sanitized188
- Category
- Security
- Occurrences
- 188
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['category']
ERRORSecurityUnsafe printing function129
- Category
- Security
- Occurrences
- 129
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
ERRORI18nMissing Arg Domain69
- Category
- I18n
- Occurrences
- 69
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
ERRORI18nMissing Translators Comment68
- Category
- I18n
- Occurrences
- 68
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
ERRORMaintainabilityMissing direct file access protection61
- Category
- Maintainability
- Occurrences
- 61
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORMaintainabilitydate date52
- Category
- Maintainability
- Occurrences
- 52
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
ERRORMaintainabilitycurl curl setopt47
- Category
- Maintainability
- Occurrences
- 47
- Severity
- error
Sample message
Using cURL functions is highly discouraged. Use wp_remote_get() instead.
WARNINGSecurityInput is not validated46
- Category
- Security
- Occurrences
- 46
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_FILES['csv_file']['name']. Check that the array index exists before using it.
ERRORMaintainabilitystrip tags strip tags38
- Category
- Maintainability
- Occurrences
- 38
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
WARNINGMaintainabilitySchema Change24
- Category
- Maintainability
- Occurrences
- 24
- Severity
- warning
Sample message
Attempting a database schema change is discouraged.
ERRORMaintainabilitywp function not compatible with requires wp19
- Category
- Maintainability
- Occurrences
- 19
- Severity
- error
Sample message
Function "get_user_locale()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 4.6.0.
WARNINGMaintainabilityerror log error log16
- Category
- Maintainability
- Occurrences
- 16
- Severity
- warning
Sample message
error_log() found. Debug code should not normally be used in production.
Score History
First score snapshot
v0.9.5
23
Latest
- Findings
- 9,185
- Errors
- 3,882
- Warnings
- 5,303
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 23 | 9,185 | 3,882 | 5,303 | v0.9.5 | 2.0.0 |
Related Plugins
2k+ active installs
30k+ active installs
20k+ active installs
10k+ active installs
10k+ active installs
30k+ active installs