Run updates, backups, security and reporting across all client sites from your own server. Keep data private and prove your value with branded reports …
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Maintainability
203
15 issue groups
Security
177
7 issue groups
Performance
29
1 issue group
I18n
1
1 issue group
WARNINGSecurityInterpolated Not PreparedUse placeholders and $wpdb->prepare(); found interpolated variable $ids_in at WHERE l.log_id IN ($ids_in)"130
- Category
- Security
- Occurrences
- 130
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $ids_in at WHERE l.log_id IN ($ids_in)"
ERRORMaintainabilitywp function not compatible with requires wpFunction "utf8_decode()" requires WordPress 6.9.0, but your plugin minimum supported version is WordPress 6.2.0.80
- Category
- Maintainability
- Occurrences
- 80
- Severity
- error
Sample message
Function "utf8_decode()" requires WordPress 6.9.0, but your plugin minimum supported version is WordPress 6.2.0.
WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_mainwp_default_post_to_edit".64
- Category
- Maintainability
- Occurrences
- 64
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_mainwp_default_post_to_edit".
WARNINGMaintainabilityNon Prefixed Hookname FoundHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "admin_post_thumbnail_size".37
- Category
- Maintainability
- Occurrences
- 37
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "admin_post_thumbnail_size".
WARNINGPerformancePost Not In excludeUsing exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.29
- Category
- Performance
- Occurrences
- 29
- Severity
- warning
Sample message
Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
WARNINGSecurityMissingProcessing form data without nonce verification.26
- Category
- Security
- Occurrences
- 26
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORSecurityNot PreparedUse placeholders and $wpdb->prepare(); found $batch_limit7
- Category
- Security
- Occurrences
- 7
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $batch_limit
WARNINGMaintainabilityDiscouragedThe use of function ini_set() is discouraged4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- warning
Sample message
The use of function ini_set() is discouraged
WARNINGSecurityRecommendedProcessing form data without nonce verification.4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_POST['dtsstart']4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_POST['dtsstart']
Show 15 moreShow less
WARNINGSecurityMissing Unslash4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
$_POST['dtsstart'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGMaintainabilityNon Prefixed Constant Found3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "DOING_CRON".
WARNINGMaintainabilitytrademarked term3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "MainWP Dashboard" - contains the restricted term "wp" which cannot be used at all in your plugin name.
WARNINGMaintainabilityupdate modification detected3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_plugins
WARNINGSecurityInput Not Validated2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_GET['monitor_wpid']. Check that the array index exists before using it.
ERRORMaintainabilityrename rename2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
rename() is discouraged. Use WP_Filesystem::move() to rename a file.
ERRORMaintainabilityFound1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
The use of function eval() is forbidden
WARNINGMaintainabilityDynamic Hookname Found1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$filter".
ERRORMaintainabilityfile system operations is writable1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().
ERRORMaintainabilityunlink unlink1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
unlink() is discouraged. Use wp_delete_file() to delete a file.
ERRORI18nNon Singular String Literal Text1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: $english_label
WARNINGMaintainabilitymismatched plugin name1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Plugin name "MainWP Dashboard: Self-hosted WordPress Management for Agencies" is different from the name declared in plugin header "MainWP Dashboard".
ERRORMaintainabilitymissing direct file access protection1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
ERRORMaintainabilityplugin updater detected1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Plugin Updater detected. These are not permitted in WordPress.org hosted plugins. Detected: site_transient_update_plugins
WARNINGRepo Compliancereadme parser warnings trimmed section changelog1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- warning
Sample message
The "Changelog" section is too long and was truncated. A maximum of 5000 characters is supported.
Score History
First score snapshot
v6.1.1
31
Latest
- Findings
- 412
- Errors
- 95
- Warnings
- 317
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 31 | 412 | 95 | 317 | v6.1.1 | 2.0.0 |
Related Plugins
10k+ active installs
6k+ active installs
3k+ active installs
2k+ active installs
40k+ active installs
50k+ active installs