PluginScore

Useful Blocks

It is a plugin that collects very convenient blocks.

v1.9.0LOOSUpdated Added 20k+ installs100% rating
Guternbergblockeditorponhirouseful
34
Score
214
Errors
22
Warnings
+0
Change

Category Scores

Security0
Repo72
Performance100
Maintainability64

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

236 findings

Maintainability

121

4 issue groups

Security

107

6 issue groups

Supply Chain

5

1 issue group

I18n

2

2 issue groups

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$css'.99
Category
Security
Occurrences
99
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$css'.

WordPress.Security.EscapeOutput.OutputNotEscapedReference
ERRORMaintainabilityEcho FoundShort PHP opening tag used with echo; expected "<?php echo $db ..." but found "<?= $db ..."84
Category
Maintainability
Occurrences
84
Severity
error

Sample message

Short PHP opening tag used with echo; expected "<?php echo $db ..." but found "<?= $db ..."

Generic.PHP.DisallowShortOpenTag.EchoFound
ERRORMaintainabilityblock api version too lowEditor blocks must define "apiVersion" 3 or higher in block.json for WordPress 7.0+ iframe editor compatibility.22
Category
Maintainability
Occurrences
22
Severity
error

Sample message

Editor blocks must define "apiVersion" 3 or higher in block.json for WordPress 7.0+ iframe editor compatibility.

block_api_version_too_lowReference
WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$file&quot;.14
Category
Maintainability
Occurrences
14
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$file&quot;.

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
ERRORSupply Chainhidden filesHidden files are not permitted.5
Category
Supply Chain
Occurrences
5
Severity
error

Sample message

Hidden files are not permitted.

hidden_files
WARNINGSecurityRecommendedProcessing form data without nonce verification.2
Category
Security
Occurrences
2
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGSecurityInput Not SanitizedDetected usage of a non-sanitized input variable: $_POST[&#039;nonce&#039;]2
Category
Security
Occurrences
2
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_POST[&#039;nonce&#039;]

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityMissing Unslash$_POST[&#039;nonce&#039;] not unslashed before sanitization. Use wp_unslash() or similar2
Category
Security
Occurrences
2
Severity
warning

Sample message

$_POST[&#039;nonce&#039;] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
WARNINGI18nload plugin textdomain Foundload_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFoundReference
ERRORSecurityregister setting MissingSanitization missing for register_setting().1
Category
Security
Occurrences
1
Severity
error

Sample message

Sanitization missing for register_setting().

PluginCheck.CodeAnalysis.SettingSanitization.register_settingMissingReference
Show 4 more
ERRORMaintainabilitydate date1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date
WARNINGSecurityMissing1
Category
Security
Occurrences
1
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
ERRORI18nMissing Translators Comment1
Category
I18n
Occurrences
1
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsCommentReference
ERRORRepo Complianceoutdated tested upto header1
Category
Repo Compliance
Occurrences
1
Severity
error

Sample message

Tested up to: 6.9 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_headerReference

Score History

First score snapshot

v1.9.0

34

Latest

Findings
236
Errors
214
Warnings
22
Check
2.0.0

Related Plugins

Advance Custom HTML – Show Live Code, Share Snippets, Embed Code, and Style Them Your Way.

10k+ active installs

100
Audio Player Block – Advanced Block for Embedding Audio Files

2k+ active installs

100
Breadcrumb Block

3k+ active installs

100
Button Block – Design Stylish, Interactive, and Multi-Functional Buttons

5k+ active installs

100
Carousel Block – Responsive Image and Content Carousel

7k+ active installs

100
Content Slider Block – Slide Through Text or Media Content

3k+ active installs

100