PluginScore

Real Cookie Banner: GDPR & ePrivacy Cookie Consent

Obtain GDPR (DSGVO/RGPD) and ePrivacy Directive (TDDDG/TTDSG, LOPD-GDD, DTA) compliant consents in your cookie banner. More than just a cookie notice!

v5.2.25devowl.io GmbHUpdated Added 100k+ installs98% rating100% support resolved
GDPRcookie bannercookie consentcookie pluginePrivacy
30
Score
9
Errors
496
Warnings
+0
Change

Category Scores

Security0
Repo100
Performance100
Maintainability26

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

505 findings

Maintainability

330

21 issue groups

Security

175

2 issue groups

WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $expressionSql used in $wpdb->get_results()\n$expressionSql assigned unsafely at line 211.111
Category
Security
Occurrences
111
Severity
warning

Sample message

Unescaped parameter $expressionSql used in $wpdb->get_results()\n$expressionSql assigned unsafely at line 211.

PluginCheck.Security.DirectDB.UnescapedDBParameter
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.92
Category
Maintainability
Occurrences
92
Severity
warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().84
Category
Maintainability
Occurrences
84
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'RCB/Migration/' . $migrationId . '/' . $actionId".69
Category
Maintainability
Occurrences
69
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'RCB/Migration/' . $migrationId . '/' . $actionId".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.64
Category
Security
Occurrences
64
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGMaintainabilityNon-prefixed constantGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "RCB_DB_PREFIX".27
Category
Maintainability
Occurrences
27
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "RCB_DB_PREFIX".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound
WARNINGMaintainabilitySchema ChangeAttempting a database schema change is discouraged.12
Category
Maintainability
Occurrences
12
Severity
warning

Sample message

Attempting a database schema change is discouraged.

WordPress.DB.DirectDatabaseQuery.SchemaChange
WARNINGMaintainabilityslow db query meta queryDetected usage of meta_query, possible slow query.10
Category
Maintainability
Occurrences
10
Severity
warning

Sample message

Detected usage of meta_query, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_query
WARNINGMaintainabilityNon-prefixed functionFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "rcb_skip_already_admin_notice".10
Category
Maintainability
Occurrences
10
Severity
warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "rcb_skip_already_admin_notice".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$apiInclude".6
Category
Maintainability
Occurrences
6
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$apiInclude".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
Show 13 more
ERRORMaintainabilityparse url parse url5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url
WARNINGMaintainabilityslow db query tax query2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Detected usage of tax_query, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_tax_query
WARNINGMaintainabilityerror log debug backtrace2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

debug_backtrace() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_debug_backtrace
WARNINGMaintainabilityunexpected markdown file2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Unexpected markdown file "LICENSE_3RD_PARTY_JS.md" detected in plugin root. Only specific markdown files are expected in production plugins.

unexpected_markdown_file
WARNINGMaintainabilityslow db query meta key1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Detected usage of meta_key, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_key
WARNINGMaintainabilityslow db query meta value1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Detected usage of meta_value, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_value
ERRORMaintainabilityfile system operations fwrite1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

WordPress.WP.AlternativeFunctions.file_system_operations_fwrite
ERRORMaintainabilityrand mt rand1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

mt_rand() is discouraged. Use the far less predictable wp_rand() instead.

WordPress.WP.AlternativeFunctions.rand_mt_rand
ERRORMaintainabilityNon Enqueued Script1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Scripts must be registered/enqueued via wp_enqueue_script()

WordPress.WP.EnqueuedResources.NonEnqueuedScript
WARNINGMaintainabilitymismatched plugin name1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Plugin name "Real Cookie Banner: GDPR & ePrivacy Cookie Consent" is different from the name declared in plugin header "Real Cookie Banner (Free)".

mismatched_plugin_nameReference
WARNINGMaintainabilitymissing composer json file1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The "/vendor" directory using composer exists, but "composer.json" file is missing.

missing_composer_json_fileReference
ERRORMaintainabilityMissing direct file access protection1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
WARNINGMaintainabilityupgrade notice limit1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The upgrade notice for "5.0" exceeds the limit of 300 characters.

upgrade_notice_limit

External Connections

Not analyzed yet.

Score History

First score snapshot

v5.2.25

30

Latest

Findings
505
Errors
9
Warnings
496
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

29 nodes

Related Plugins

Disable Emojis (GDPR friendly)

60k+ active installs

100
WS Form LITE – Drag & Drop Contact Form Builder

10k+ active installs

100
Additional Terms for WooCommerce

2k+ active installs

98
consentmanager Cookie Banner

5k+ active installs

98
Simple Cookie Notice

2k+ active installs

98
Flexible Cookies

3k+ active installs

97