LWS Hide Login

Secure your access to the admin page with this plugin !

v2.2.5Aurélien LWSUpdated 7 days agoAdded 4 years ago20k+ installs94% rating

LWS security

Score

Errors

Warnings

Change

Category Scores

Security5

Repo94

Performance100

Maintainability92

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

63 findings

Security

5 issue groups

Maintainability

3 issue groups

I18n

1 issue group

Repo Compliance

1 issue group

WARNINGSecurityMissing Unslash$_POST['ajax_slug'] not unslashed before sanitization. Use wp_unslash() or similar19

Category: Security
Occurrences: 19
Severity: warning

Sample message

$_POST['ajax_slug'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_POST['input_change_redirection']. Check that the array index exists before using it.13

Category: Security
Occurrences: 13
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST['input_change_redirection']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_POST['lws_hide_login_form_config_param_nonce_hide_admin']11

Category: Security
Occurrences: 11
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['lws_hide_login_form_config_param_nonce_hide_admin']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityRecommendedProcessing form data without nonce verification.10

Category: Security
Occurrences: 10
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;3

Category: Maintainability
Occurrences: 3
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

WARNINGSecurityMissingProcessing form data without nonce verification.2

Category: Security
Occurrences: 2
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGMaintainabilityMissing VersionResource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion

WARNINGI18nload plugin textdomain Foundload_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.1

Category: I18n
Occurrences: 1
Severity: warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFound Reference

ERRORMaintainabilityparse url parse urlparse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url

ERRORRepo Complianceplugin header no licenseMissing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.

plugin_header_no_license Reference

Score History

First score snapshot

2 days ago

v2.2.5

Latest

Findings: 63
Errors: 5
Warnings: 58
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
2 days agoLatest	45	63	5	58	v2.2.5	2.0.0

Related Plugins

Dam Spam

1k+ active installs

100

10k+ active installs

100

Remove XML-RPC Methods

1k+ active installs

100

Stop XML-RPC Attacks

6k+ active installs

100

BotBlocker Security – Firewall & Bot Protection

3k+ active installs

Protect Uploads

40k+ active installs