Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
899
5 issue groups
Maintainability
686
19 issue groups
I18n
6
1 issue group
ERRORSecurityException output is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not create new segment with name [{$name}] because a segment with that name already exists."'.718
- Category
- Security
- Occurrences
- 718
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not create new segment with name [{$name}] because a segment with that name already exists."'.
WARNINGMaintainabilityNon-prefixed classClasses declared by a theme/plugin should start with the theme/plugin prefix. Found: "__TwigTemplate_02deb84769839d0a6212d921e633c1fa1d1daa6b34177426293099b2197e4112".174
- Category
- Maintainability
- Occurrences
- 174
- Severity
- warning
Sample message
Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "__TwigTemplate_02deb84769839d0a6212d921e633c1fa1d1daa6b34177426293099b2197e4112".
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.106
- Category
- Maintainability
- Occurrences
- 106
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.106
- Category
- Security
- Occurrences
- 106
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().102
- Category
- Maintainability
- Occurrences
- 102
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGMaintainabilityNon-prefixed constantGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "DECLARED_FORM".89
- Category
- Maintainability
- Occurrences
- 89
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "DECLARED_FORM".
ERRORMaintainabilityNot AllowedUse of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead64
- Category
- Maintainability
- Occurrences
- 64
- Severity
- error
Sample message
Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.45
- Category
- Security
- Occurrences
- 45
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilityrand mt randmt_rand() is discouraged. Use the far less predictable wp_rand() instead.27
- Category
- Maintainability
- Occurrences
- 27
- Severity
- error
Sample message
mt_rand() is discouraged. Use the far less predictable wp_rand() instead.
ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.25
- Category
- Maintainability
- Occurrences
- 25
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
Show 15 moreShow less
WARNINGSecurityDatabase parameter is not escaped18
- Category
- Security
- Occurrences
- 18
- Severity
- warning
Sample message
Unescaped parameter $andWhere used in $wpdb->get_results()\n$andWhere assigned unsafely at line 344.
WARNINGMaintainabilityNon-prefixed global variable16
- Category
- Maintainability
- Occurrences
- 16
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$bar".
ERRORMaintainabilityrand rand15
- Category
- Maintainability
- Occurrences
- 15
- Severity
- error
Sample message
rand() is discouraged. Use the far less predictable wp_rand() instead.
ERRORMaintainabilityparse url parse url14
- Category
- Maintainability
- Occurrences
- 14
- Severity
- error
Sample message
parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.
WARNINGSecurityRequest data is not unslashed12
- Category
- Security
- Occurrences
- 12
- Severity
- warning
Sample message
$_GET['id'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORMaintainabilitystrip tags strip tags8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- error
Sample message
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
ERRORMaintainabilityunlink unlink8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- error
Sample message
unlink() is discouraged. Use wp_delete_file() to delete a file.
ERRORMaintainabilityNon Enqueued Script7
- Category
- Maintainability
- Occurrences
- 7
- Severity
- error
Sample message
Scripts must be registered/enqueued via wp_enqueue_script()
WARNINGMaintainabilitySchema Change6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- warning
Sample message
Attempting a database schema change is discouraged.
ERRORI18nText Domain Mismatch6
- Category
- I18n
- Occurrences
- 6
- Severity
- error
Sample message
Mismatched text domain. Expected 'mailpoet' but got 'woocommerce'.
WARNINGMaintainabilityerror log error log5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
error_log() found. Debug code should not normally be used in production.
WARNINGMaintainabilityerror log trigger error5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
trigger_error() found. Debug code should not normally be used in production.
ERRORMaintainabilityfile system operations fclose5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityfile system operations fopen5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORMaintainabilityfile system operations fwrite5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
External Connections
Potential connections found in static code analysis.
Outbound calls
298
External assets
2
Incoming endpoints
0
Notable Domains
Platform / Reference Domains
External Asset Domains
Incoming Endpoints
No public endpoints detected.
Score History
3 score snapshots
v5.32.0
23
Latest
- Findings
- 1,650
- Errors
- 931
- Warnings
- 719
- Check
- 2.0.0
v5.31.0
23
Score
- Findings
- 1,636
- Errors
- 926
- Warnings
- 710
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 23 | 1,650 | 931 | 719 | v5.32.0 | 2.0.0 |
| 23 | 1,636 | 926 | 710 | v5.31.0 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Author
Category
Issue
Domain
Related
Author
Category
Issue
Domain
Related
Related Plugins
2k+ active installs
500 active installs
4k+ active installs
400 active installs
500 active installs
500 active installs