Modular DS: Monitor, update, and backup multiple websites

Manage all your WordPress sites from one place. Automate updates, backups, uptime monitoring, security, reports, and more.

v3.0.2Modular DSUpdated Added 40k+ installs100% rating
21
Score
159
Errors
81
Warnings
+0
Change

Category Scores

Security0
Repo71
Performance100
Maintainability0

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

240 findings

Maintainability

138

20 issue groups

Security

76

4 issue groups

Supply Chain

7

1 issue group

ERRORSecurityException output is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Backup directory was not created properly: {$destDirectory}"'.48
Category
Security
Occurrences
48
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Backup directory was not created properly: {$destDirectory}"'.

ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;19
Category
Maintainability
Occurrences
19
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

WARNINGMaintainabilityNo PHP code foundNo PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.15
Category
Maintainability
Occurrences
15
Severity
warning

Sample message

No PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.

ERRORMaintainabilityfile system operations fopenFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().14
Category
Maintainability
Occurrences
14
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_autoload".13
Category
Maintainability
Occurrences
13
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_autoload".

ERRORMaintainabilityfile system operations fcloseFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().13
Category
Maintainability
Occurrences
13
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$e'.12
Category
Security
Occurrences
12
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$e'.

ERRORMaintainabilityparse url parse urlparse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.12
Category
Maintainability
Occurrences
12
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WARNINGMaintainabilityerror log error logerror_log() found. Debug code should not normally be used in production.10
Category
Maintainability
Occurrences
10
Severity
warning

Sample message

error_log() found. Debug code should not normally be used in production.

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_SERVER['HTTP_CF_IPCOUNTRY']8
Category
Security
Occurrences
8
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_SERVER['HTTP_CF_IPCOUNTRY']

Show 15 more
WARNINGSecurityRequest data is not unslashed8
Category
Security
Occurrences
8
Severity
warning

Sample message

$_SERVER['HTTP_CF_IPCOUNTRY'] not unslashed before sanitization. Use wp_unslash() or similar

ERRORSupply ChainHidden files included7
Category
Supply Chain
Occurrences
7
Severity
error

Sample message

Hidden files are not permitted.

WARNINGMaintainabilityNon-prefixed hook name5
Category
Maintainability
Occurrences
5
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "pre_set_site_transient_update_{$type}s".

ERRORMaintainabilityfile system operations fwrite5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

WARNINGMaintainabilityDirect Query4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Use of a direct database call is discouraged.

WARNINGMaintainabilityNo Caching4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

ERRORMaintainabilitymysql PDO4
Category
Maintainability
Occurrences
4
Severity
error

Sample message

Accessing the database directly should be avoided. Please use the $wpdb object and associated functions instead. Found: \PDO.

WARNINGMaintainabilityDynamic hook name4
Category
Maintainability
Occurrences
4
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$action".

ERRORMaintainabilityfile system operations rmdir3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: rmdir().

ERRORMaintainabilityunlink unlink3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

ERRORMaintainabilityNot Allowed2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead

WARNINGMaintainabilityDiscouraged PHP function2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

The use of function ini_set() is discouraged

WARNINGMaintainabilityslow db query meta key2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Detected usage of meta_key, possible slow query.

WARNINGMaintainabilityslow db query meta value2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Detected usage of meta_value, possible slow query.

ERRORMaintainabilityfile system operations is writable2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().

External Connections

Potential connections found in static code analysis.

67 domains

Outbound calls

210

External assets

12

Incoming endpoints

0

Notable Domains

php.net31 · outbound
datatracker.ietf.org26 · outbound
bugs.php.net10 · outbound
modulards.com5 · outbound
api.slack.com4 · outbound
curl.haxx.se4 · outbound

Platform / Reference Domains

github.com28 · platform/reference
w3.org14 · platform/reference
gnu.org3 · platform/reference

External Asset Domains

s0.wp.com12 · asset

Incoming Endpoints

No public endpoints detected.

Score History

2 score snapshots

+0
1007550250Jun 20, 2026, 02:39 AM UTC Score 21/100 Plugin v3.0.1 Plugin Check 2.0.0 161 errors, 81 warningsJun 26, 2026, 06:11 PM UTC Score 21/100 Plugin v3.0.2 Plugin Check 2.0.0 159 errors, 81 warningsJun 20, 2026Jun 26, 2026

v3.0.2

21

Latest

Findings
240
Errors
159
Warnings
81
Check
2.0.0

v3.0.1

21

Score

Findings
242
Errors
161
Warnings
81
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Related Plugins

Aruba Migration Tool

600 active installs

100
Dam Spam

1k+ active installs

100
Export Media as ZIP

1k+ active installs

100
Login Security Captcha

10k+ active installs

100
Protect Login

600 active installs

100
Remove XML-RPC Methods

1k+ active installs

100