Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers

The best WordPress giveaway plugin. Grow your email list, website traffic, and social media followers with viral contests, giveaways, and sweepstakes.

v1.12.23Syed BalkhiUpdated 5 days agoAdded 8 years ago30k+ installs78% rating

Loyalty competition contests giveaways sweepstakes

Score

261

Errors

863

Warnings

Change

Category Scores

Security0

Repo91

Performance100

Maintainability51

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

1,124 findings

Security

666

10 issue groups

Maintainability

456

8 issue groups

Repo Compliance

2 issue groups

WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$action_token_ajax_url".223

Category: Maintainability
Occurrences: 223
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$action_token_ajax_url".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

ERRORSecurityNot PreparedUse placeholders and $wpdb->prepare(); found $query165

Category: Security
Occurrences: 165
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found $query

WordPress.DB.PreparedSQL.NotPrepared

WARNINGSecurityMissing Unslash$_COOKIE['rafflepress_hash_' . $giveaway_id] not unslashed before sanitization. Use wp_unslash() or similar118

Category: Security
Occurrences: 118
Severity: warning

Sample message

$_COOKIE['rafflepress_hash_' . $giveaway_id] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.116

Category: Maintainability
Occurrences: 116
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().111

Category: Maintainability
Occurrences: 111
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

ERRORSecurityUnescaped DBParameterUnescaped parameter $safe_sql used in $wpdb->get_results()\n$safe_sql assigned unsafely at line 107.92

Category: Security
Occurrences: 92
Severity: error

Sample message

Unescaped parameter $safe_sql used in $wpdb->get_results()\n$safe_sql assigned unsafely at line 107.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGSecurityInput Not ValidatedDetected usage of a possibly undefined superglobal array index: $_COOKIE['rafflepress_hash_' . $giveaway_id]. Check that the array index exists before using it.85

Category: Security
Occurrences: 85
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_COOKIE['rafflepress_hash_' . $giveaway_id]. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

WARNINGSecurityRecommendedProcessing form data without nonce verification.78

Category: Security
Occurrences: 78
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_COOKIE['rafflepress_hash_' . $giveaway_id]64

Category: Security
Occurrences: 64
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_COOKIE['rafflepress_hash_' . $giveaway_id]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

WARNINGSecurityMissingProcessing form data without nonce verification.51

Category: Security
Occurrences: 51
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

Show 10 more

WARNINGSecurityInput Not Validated Not Sanitized5

Category: Security
Occurrences: 5
Severity: warning

Sample message

Detected usage of a non-sanitized, non-validated input variable _SERVER: "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"

WordPress.Security.ValidatedSanitizedInput.InputNotValidatedNotSanitized

WARNINGSecurityUnescaped DBParameter4

Category: Security
Occurrences: 4
Severity: warning

Sample message

Unescaped parameter $safe_sql used in $wpdb->get_results()\n$safe_sql assigned unsafely at line 170.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGSecuritywp redirect wp redirect4

Category: Security
Occurrences: 4
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

ERRORMaintainabilityfive star reviews detected2

Category: Maintainability
Occurrences: 2
Severity: error

Sample message

Linking directly to 5 stars reviews is not allowed.

five_star_reviews_detected Reference

WARNINGMaintainabilityNon Prefixed Function Found1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "seedprod_pro_upgrade_link_class".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound

WARNINGMaintainabilityerror log var dump1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

var_dump() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_var_dump

WARNINGMaintainabilitymismatched plugin name1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

Plugin name "Giveaways and Contests by RafflePress - Get More Website Traffic, Email Subscribers, and Social Followers" is different from the name declared in plugin header "RafflePress Lite".

mismatched_plugin_name Reference

ERRORRepo Compliancereadme mismatched header requires1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Mismatched Requires at least: 4.8 != 6.3. "Requires at least" needs to be exactly the same with that in your main plugin file's header.

readme_mismatched_header_requires Reference

WARNINGRepo Compliancereadme parser warnings too many tags1

Category: Repo Compliance
Occurrences: 1
Severity: warning

Sample message

One or more tags were ignored. Please limit your plugin to 5 tags.

readme_parser_warnings_too_many_tags

ERRORMaintainabilitystable tag mismatch1

Category: Maintainability
Occurrences: 1
Severity: error

Sample message

Mismatched Stable Tag: 1.12.22 != 1.12.23. Your Stable Tag is meant to be the stable version of your plugin and it needs to be exactly the same with the Version in your main plugin file's header. Any mismatch can prevent users from downloading the correct plugin files from WordPress.org.

stable_tag_mismatch Reference

Score History

First score snapshot

yesterday

v1.12.23

Latest

Findings: 1,124
Errors: 261
Warnings: 863
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	34	1,124	261	863	v1.12.23	2.0.0

Related Plugins

MyRewards

2k+ active installs

Loyalty Points Rewards and Referral for WooCommerce – WPLoyalty

3k+ active installs

Woorise – Landing Pages, Forms & Surveys

1k+ active installs

Points and Rewards for WooCommerce

7k+ active installs

Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred

10k+ active installs