Secure Copy Content Protection and Content Locking

Copy Protection plugin is activated it disables the right click, copy paste, content selection and copy shortcut keys

v5.1.8Ays ProUpdated 3 days agoAdded 8 years ago20k+ installs84% rating

content copy protection content-protection copy protection copyright disable right click

Score

958

Errors

799

Warnings

Change

Category Scores

Security0

Repo97

Performance100

Maintainability0

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

1,757 findings

Security

1,091

11 issue groups

Maintainability

633

14 issue groups

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<option value='{$bstyle}' {$selected}>"'.813

Category: Security
Occurrences: 813
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<option value='{$bstyle}' {$selected}>"'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$actions".413

Category: Maintainability
Occurrences: 413
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$actions".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGSecurityRecommendedProcessing form data without nonce verification.89

Category: Security
Occurrences: 89
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.77

Category: Maintainability
Occurrences: 77
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().67

Category: Maintainability
Occurrences: 67
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

ERRORSecurityNot PreparedUse placeholders and $wpdb->prepare(); found $ays_sb_email48

Category: Security
Occurrences: 48
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found $ays_sb_email

WordPress.DB.PreparedSQL.NotPrepared

WARNINGSecurityMissing Unslash$_GET['ays_sccp_tab'] not unslashed before sanitization. Use wp_unslash() or similar48

Category: Security
Occurrences: 48
Severity: warning

Sample message

$_GET['ays_sccp_tab'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

ERRORSecurityUnescaped DBParameterUnescaped parameter $ays_sb_email used in $wpdb->get_row()\n$ays_sb_email assigned unsafely at line 636.28

Category: Security
Occurrences: 28
Severity: error

Sample message

Unescaped parameter $ays_sb_email used in $wpdb->get_row()\n$ays_sb_email assigned unsafely at line 636.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_GET['orderbyuserrole']26

Category: Security
Occurrences: 26
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_GET['orderbyuserrole']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;12

Category: Maintainability
Occurrences: 12
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

Show 15 more

WARNINGSecurityInput Not Validated11

Category: Security
Occurrences: 11
Severity: warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_GET['result']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated

ERRORMaintainabilityEcho Found10

Category: Maintainability
Occurrences: 10
Severity: error

Sample message

Short PHP opening tag used with echo; expected "<?php echo __ ..." but found "<?= __ ..."

Generic.PHP.DisallowShortOpenTag.EchoFound

WARNINGSecurityMissing10

Category: Security
Occurrences: 10
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGMaintainabilityNon Prefixed Hookname Found9

Category: Maintainability
Occurrences: 9
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "active_plugins".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

WARNINGMaintainabilityprevent path disclosure error reporting9

Category: Maintainability
Occurrences: 9
Severity: warning

Sample message

error_reporting() can lead to full path disclosure.

WordPress.PHP.DevelopmentFunctions.prevent_path_disclosure_error_reporting

ERRORMaintainabilitywp function not compatible with requires wp8

Category: Maintainability
Occurrences: 8
Severity: error

Sample message

Function "get_user_locale()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 4.0.0.

wp_function_not_compatible_with_requires_wp Reference

WARNINGSecuritywp redirect wp redirect7

Category: Security
Occurrences: 7
Severity: warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WordPress.Security.SafeRedirect.wp_redirect_wp_redirect Reference

WARNINGSecurityInterpolated Not Prepared6

Category: Security
Occurrences: 6
Severity: warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $settings_table at "DROP TABLE IF EXISTS `$settings_table`"

WordPress.DB.PreparedSQL.InterpolatedNotPrepared

ERRORMaintainabilitydate date6

Category: Maintainability
Occurrences: 6
Severity: error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

WARNINGSecurityUnescaped DBParameter5

Category: Security
Occurrences: 5
Severity: warning

Sample message

Unescaped parameter $block_content used in $wpdb->query()\n$block_content assigned unsafely at line 37.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGMaintainabilitySchema Change5

Category: Maintainability
Occurrences: 5
Severity: warning

Sample message

Attempting a database schema change is discouraged.

WordPress.DB.DirectDatabaseQuery.SchemaChange

ERRORMaintainabilitycurl curl init5

Category: Maintainability
Occurrences: 5
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_init

WARNINGMaintainabilityslow db query meta key4

Category: Maintainability
Occurrences: 4
Severity: warning

Sample message

Detected usage of meta_key, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_key

WARNINGMaintainabilityNon Prefixed Function Found4

Category: Maintainability
Occurrences: 4
Severity: warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "activate_secure_copy_content_protection".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound

ERRORMaintainabilitycurl curl close4

Category: Maintainability
Occurrences: 4
Severity: error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_close

Score History

First score snapshot

yesterday

v5.1.8

Latest

Findings: 1,757
Errors: 958
Warnings: 799
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
yesterdayLatest	25	1,757	958	799	v5.1.8	2.0.0

Related Plugins

Auto Copyright Year Updater

3k+ active installs

Automatic Copyright Year

7k+ active installs

Prevent Direct Access – Protect WordPress Files

10k+ active installs

WP-Copyright-Protection

5k+ active installs

Disabled Source, Disabled Right Click and Content Protection

10k+ active installs

FSM Custom Featured Image Caption

5k+ active installs