Top Issues by Category
maintainability25
security11
repo_compliance2
Issues Details
39 issues found in latest scan
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
Processing form data without nonce verification.
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
mt_rand() is discouraged. Use the far less predictable wp_rand() instead.
Unescaped parameter $table_name used in $wpdb->get_row()\n$table_name assigned unsafely at line 209.
$_POST['slc-captcha-request'] not unslashed before sanitization. Use wp_unslash() or similar
The parameter "FALSE" at position #2 of load_plugin_textdomain() has been deprecated since WordPress version 2.7.0. Use "" instead.
Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.
One or more tags were ignored. Please limit your plugin to 5 tags.
Function "get_main_site_id()" requires WordPress 4.9.0, but your plugin minimum supported version is WordPress 3.5.0.
| Code | Type | Message | Count |
|---|---|---|---|
| WordPress.DateTime.RestrictedFunctions.date_date | ERROR | date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead. | 12 |
| WordPress.Security.NonceVerification.Missing | WARNING | Processing form data without nonce verification. | 6 |
| WordPress.DB.DirectDatabaseQuery.DirectQuery | WARNING | Use of a direct database call is discouraged. | 5 |
| WordPress.DB.DirectDatabaseQuery.NoCaching | WARNING | Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete(). | 4 |
| WordPress.WP.AlternativeFunctions.rand_mt_rand | ERROR | mt_rand() is discouraged. Use the far less predictable wp_rand() instead. | 3 |
| PluginCheck.Security.DirectDB.UnescapedDBParameter | WARNING | Unescaped parameter $table_name used in $wpdb->get_row()\n$table_name assigned unsafely at line 209. | 2 |
| WordPress.DB.PreparedSQL.NotPrepared | ERROR | Use placeholders and $wpdb->prepare(); found $table_name | 2 |
| WordPress.Security.ValidatedSanitizedInput.MissingUnslash | WARNING | $_POST['slc-captcha-request'] not unslashed before sanitization. Use wp_unslash() or similar | 1 |
| WordPress.WP.DeprecatedParameters.Load_plugin_textdomainParam2Found | ERROR | The parameter "FALSE" at position #2 of load_plugin_textdomain() has been deprecated since WordPress version 2.7.0. Use "" instead. | 1 |
| plugin_header_no_license | ERROR | Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license. | 1 |
| readme_parser_warnings_too_many_tags | WARNING | One or more tags were ignored. Please limit your plugin to 5 tags. | 1 |
| wp_function_not_compatible_with_requires_wp | ERROR | Function "get_main_site_id()" requires WordPress 4.9.0, but your plugin minimum supported version is WordPress 3.5.0. | 1 |
Latest Snapshot
Findings
39
Errors
20
Warnings
19
Score History
First score snapshot
First scan completed Jun 20, 2026
v1.3.6 · Plugin Check 2.0.0 · Model 2026.06-mvp-static-v2
Jun 20, 2026
v1.3.6
70
Latest
- Findings
- 39
- Errors
- 20
- Warnings
- 19
- Plugin Check
- 2.0.0
- Model
- 2026.06-mvp-static-v2
| Scan | Score | Findings | Errors | Warnings | Plugin | Plugin Check | Model |
|---|---|---|---|---|---|---|---|
| Jun 20, 2026Latest | 70 | 39 | 20 | 19 | v1.3.6 | 2.0.0 | 2026.06-mvp-static-v2 |
