Name: OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA)
Rating: 4.9
Author: OOPSpam Team

Top Issues by File

Files with the highest concentration of issues in the latest scan

Issues Details

649 issues found in latest scan

	Code	Message	Location	Category
ERROR	`WordPress.WP.I18n.MissingArgDomain`	Missing $domain parameter in function call to esc_html__().	`options.php:3172:51`	General
ERROR	`WordPress.WP.I18n.NonSingularStringLiteralText`	The $text parameter must be a single text string literal. Found: $options['oopspam_br_spam_message']	`options.php:3186:20`	General
ERROR	`WordPress.WP.I18n.MissingArgDomain`	Missing $domain parameter in function call to esc_html__().	`options.php:3244:51`	General
ERROR	`WordPress.WP.I18n.NonSingularStringLiteralText`	The $text parameter must be a single text string literal. Found: $options['oopspam_happyforms_spam_message']	`options.php:3273:20`	General
ERROR	`WordPress.WP.I18n.MissingArgDomain`	Missing $domain parameter in function call to esc_html__().	`options.php:3299:51`	General
ERROR	`WordPress.DB.PreparedSQL.NotPrepared`	Use placeholders and $wpdb->prepare(); found $sql	`include/UI/display-spam-entries.php:213:4`	Security
ERROR	`WordPress.WP.I18n.NonSingularStringLiteralText`	The $text parameter must be a single text string literal. Found: $options['oopspam_ws_spam_message']	`options.php:3367:20`	General
ERROR	`WordPress.WP.I18n.MissingArgDomain`	Missing $domain parameter in function call to esc_html__().	`options.php:3393:51`	General
ERROR	`PluginCheck.Security.DirectDB.UnescapedDBParameter`	Unescaped parameter $query used in $wpdb->get_results($query)\n$query assigned unsafely at line 212:\n $query = $wpdb->prepare(\n\t\t\t$sql,\n\t\t\tarray_merge(\n\t\t\t\t$values,\n\t\t\t\tarray($per_page, $offset)\n\t\t\t)\n\t\t)\n$sql assigned unsafely at line 209:\n $sql = "SELECT * FROM " . esc_sql($table) . " $where_clause ORDER BY $orderby $order LIMIT %d OFFSET %d"\n$where_clause assigned unsafely at line 199:\n $where_clause = !empty($where) ? "WHERE " . implode(" AND ", $where) : ""\n$where assigned unsafely at line 193:\n $where[] = "form_id IN (" . implode(',', $placeholders) . ")"\n$values assigned unsafely at line 194:\n $values = array_merge($values, $form_ids)\n$values assigned unsafely at line 185:\n $values[] = sanitize_text_field($_REQUEST['filter_reason'])\nNote: sanitize_text_field() is not a safe escaping function.	`include/UI/display-spam-entries.php:220:17`	Security
ERROR	`WordPress.DB.PreparedSQL.NotPrepared`	Use placeholders and $wpdb->prepare(); found $query	`include/UI/display-spam-entries.php:220:29`	Security

649 total row(s)


05.02.2026, 22:00:29	25s	18	177	472
28.11.2025, 16:30:31	27s	11	560	444
19.11.2025, 15:54:33	33s	11	560	445
14.11.2025, 04:16:59	32s	4	785	475

OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA)

Security454

Plugin Repository99

General78

options.php144 issues in this fileTotal: 144Errors: 126Warnings: 18

include/UI/display-spam-entries.php115 issues in this fileTotal: 115Errors: 14Warnings: 101

include/UI/display-ham-entries.php64 issues in this fileTotal: 64Errors: 14Warnings: 50

integration/WooCommerce.php60 issues in this fileTotal: 60Errors: 3Warnings: 57

oopspam-antispam.php37 issues in this fileTotal: 37Errors: 6Warnings: 31

include/helpers.php37 issues in this fileTotal: 37Warnings: 37

integration/AcfFrontEndForm.php30 issues in this fileTotal: 30Warnings: 30

include/oopspam-rate-limiting.php27 issues in this fileTotal: 27Errors: 3Warnings: 24

integration/MemberPress.php19 issues in this fileTotal: 19Warnings: 19

setup-wizard.php17 issues in this fileTotal: 17Errors: 5Warnings: 12