OSM – OpenStreetMap

Customize maps in your posts, pages, and widgets. GPX, KML, and more.

v6.2.6MiKaUpdated 17 days agoAdded 17 years ago10k+ installs92% rating33% support resolved

GPX OpenSeaMap kml openstreetmap osm

Score

130

Errors

Warnings

Change

Category Scores

Security0

Repo94

Performance100

Maintainability65

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

194 findings

Security

113

5 issue groups

Maintainability

11 issue groups

I18n

3 issue groups

Repo Compliance

1 issue group

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<meta name=\"DC.title\" content=\"{$wp_query->post->post_title}\" />\n"'.93

Category: Security
Occurrences: 93
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<meta name=\"DC.title\" content=\"{$wp_query->post->post_title}\" />\n"'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGMaintainabilityMissing VersionResource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.22

Category: Maintainability
Occurrences: 22
Severity: warning

Sample message

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion

ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;17

Category: Maintainability
Occurrences: 17
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

ERRORSecurityUnsafe Printing FunctionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.15

Category: Security
Occurrences: 15
Severity: error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WordPress.Security.EscapeOutput.UnsafePrintingFunction Reference

WARNINGMaintainabilityerror log error logerror_log() found. Debug code should not normally be used in production.12

Category: Maintainability
Occurrences: 12
Severity: warning

Sample message

error_log() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_error_log

WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.7

Category: Maintainability
Occurrences: 7
Severity: warning

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

WordPress.WP.EnqueuedResourceParameters.NotInFooter

WARNINGMaintainabilityerror log print rprint_r() found. Debug code should not normally be used in production.5

Category: Maintainability
Occurrences: 5
Severity: warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r

WARNINGMaintainabilityslow db query meta keyDetected usage of meta_key, possible slow query.4

Category: Maintainability
Occurrences: 4
Severity: warning

Sample message

Detected usage of meta_key, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_key

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().3

Category: Maintainability
Occurrences: 3
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

Show 10 more

WARNINGSecurityMissing Unslash3

Category: Security
Occurrences: 3
Severity: warning

Sample message

$_POST['geotag_nonce'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORI18nMissing Arg Domain2

Category: I18n
Occurrences: 2
Severity: error

Sample message

Missing $domain parameter in function call to __().

WordPress.WP.I18n.MissingArgDomain Reference

WARNINGMaintainabilityNo Code Found1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

No PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.

Internal.NoCodeFound

WARNINGI18nload plugin textdomain Found1

Category: I18n
Occurrences: 1
Severity: warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFound Reference

ERRORMaintainabilityFound1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Do not use Localhost/127.0.0.1/*.local in your code. Found: http://www.localhost/

PluginCheck.CodeAnalysis.Localhost.Found

WARNINGSecurityUsing FILE 1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Using __FILE__ for menu slugs risks exposing filesystem structure.

WordPress.Security.PluginMenuSlug.Using__FILE__

WARNINGSecurityInput Not Sanitized1

Category: Security
Occurrences: 1
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['geotag_nonce']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORI18nMissing Translators Comment1

Category: I18n
Occurrences: 1
Severity: error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsComment Reference

WARNINGMaintainabilitymismatched plugin name1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Plugin name "OSM - OpenStreetMap" is different from the name declared in plugin header "OSM".

mismatched_plugin_name Reference

ERRORRepo Complianceplugin header unsupported plugin name1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

The "Plugin Name" header in the plugin file is not valid. It needs to contain at least 5 latin letters (a-Z) and/or numbers. This is necessary because the initial plugin slug is generated from the name.

plugin_header_unsupported_plugin_name Reference

Score History

First score snapshot

yesterday

v6.2.6

Latest

Findings: 194
Errors: 130
Warnings: 64
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	37	194	130	64	v6.2.6	2.0.0

Related Plugins

Extensions for Leaflet Map

3k+ active installs

Flexible Map

7k+ active installs

Leaflet Map

30k+ active installs

WP GPX Maps

4k+ active installs

WP Open Street Map

3k+ active installs

WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters

60k+ active installs