Name: Simple Statistics for Feeds
Rating: 4.8
Author: Jeff Starr

Issues Details

191 issues found in latest scan

	Code	Message	Location	Category
ERROR	`WordPress.DB.PreparedSQL.NotPrepared`	Use placeholders and $wpdb->prepare(); found $other_query	`simple-feed-stats.php:988:26`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'sfs_count_badge'.	`sfs-shortcodes.php:171:10`	Security
ERROR	`PluginCheck.Security.DirectDB.UnescapedDBParameter`	Unescaped parameter $filter used in $wpdb->get_results($wpdb->prepare("SELECT * FROM ". $wpdb->prefix ."simple_feed_stats ORDER BY $filter ASC LIMIT %d, %d", $offset, $numresults))\n$filter assigned unsafely at line 463:\n $filter = sfs_clean($_GET['filter'])\n$_GET['filter'] used without escaping.	`sfs-admin.php:467:18`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'sfs_count_simple'.	`sfs-shortcodes.php:180:10`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$message'.	`support-panel.php:122:31`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$item1'.	`support-panel.php:125:28`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$item2'.	`support-panel.php:125:37`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$item3'.	`support-panel.php:125:46`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'plugins_url'.	`sfs-admin.php:494:46`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'sfs_default_badge_styles'.	`sfs-admin.php:579:20`	Security

191 total row(s)


01.01.2026, 04:33:31	11s	51	61	130
15.11.2025, 13:45:29	14s	51	60	131

Simple Statistics for Feeds

Security186

Plugin Repository4

General1

simple-feed-stats.php96 issues in this fileTotal: 96Errors: 25Warnings: 71

sfs-admin.php80 issues in this fileTotal: 80Errors: 26Warnings: 54

support-panel.php7 issues in this fileTotal: 7Errors: 7

uninstall.php6 issues in this fileTotal: 6Errors: 1Warnings: 5

sfs-shortcodes.php2 issues in this fileTotal: 2Errors: 2