PluginScore

W3 Total Cache

Search Engine (SEO) & Performance Optimization (WPO) via caching. Integrated caching: CDN, Page, Minify, Object, Fragment, Database support.

v2.9.4BoldGridUpdated Added 900k+ installs88% rating62% support resolved
Optimizecachingcdnpagespeedperformance
25
Score
617
Errors
1,345
Warnings
+0
Change

Category Scores

Security0
Repo100
Performance100
Maintainability0

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

1,962 findings

Maintainability

1,759

22 issue groups

Security

138

3 issue groups

WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_css_level".1,102
Category
Maintainability
Occurrences
1,102
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_css_level".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;238
Category
Maintainability
Occurrences
238
Severity
error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protectionReference
ERRORSecurityException Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"($name) missing required param: '$paramName'"'.102
Category
Security
Occurrences
102
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"($name) missing required param: '$paramName'"'.

WordPress.Security.EscapeOutput.ExceptionNotEscapedReference
ERRORMaintainabilitycurl curl setoptUsing cURL functions is highly discouraged. Use wp_remote_get() instead.87
Category
Maintainability
Occurrences
87
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_setopt
WARNINGMaintainabilityNon Prefixed Constant FoundGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "AT_END".84
Category
Maintainability
Occurrences
84
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "AT_END".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedConstantFound
WARNINGMaintainabilityNon Prefixed Class FoundClasses declared by a theme/plugin should start with the theme/plugin prefix. Found: "AmazonSNS".57
Category
Maintainability
Occurrences
57
Severity
warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "AmazonSNS".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound
WARNINGSecurityUnescaped DBParameterUnescaped parameter $comp used in $wpdb->get_results()\n$comp assigned unsafely at line 198.22
Category
Security
Occurrences
22
Severity
warning

Sample message

Unescaped parameter $comp used in $wpdb->get_results()\n$comp assigned unsafely at line 198.

PluginCheck.Security.DirectDB.UnescapedDBParameter
WARNINGMaintainabilityNon Prefixed Function FoundFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "_w3tc_caching_fragment".22
Category
Maintainability
Occurrences
22
Severity
warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "_w3tc_caching_fragment".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
ERRORMaintainabilityparse url parse urlparse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.21
Category
Maintainability
Occurrences
21
Severity
error

Sample message

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

WordPress.WP.AlternativeFunctions.parse_url_parse_url
WARNINGMaintainabilityNon Prefixed Hookname FoundHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'admin_init_' . $page_val".16
Category
Maintainability
Occurrences
16
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'admin_init_' . $page_val".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
Show 15 more
ERRORMaintainabilityfile system operations fclose16
Category
Maintainability
Occurrences
16
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

WordPress.WP.AlternativeFunctions.file_system_operations_fclose
ERRORMaintainabilityrand rand16
Category
Maintainability
Occurrences
16
Severity
error

Sample message

rand() is discouraged. Use the far less predictable wp_rand() instead.

WordPress.WP.AlternativeFunctions.rand_rand
ERRORMaintainabilityfile system operations fopen15
Category
Maintainability
Occurrences
15
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

WordPress.WP.AlternativeFunctions.file_system_operations_fopen
ERRORMaintainabilityrand mt rand15
Category
Maintainability
Occurrences
15
Severity
error

Sample message

mt_rand() is discouraged. Use the far less predictable wp_rand() instead.

WordPress.WP.AlternativeFunctions.rand_mt_rand
WARNINGSecurityRecommended14
Category
Security
Occurrences
14
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
ERRORMaintainabilityfile system operations fwrite11
Category
Maintainability
Occurrences
11
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().

WordPress.WP.AlternativeFunctions.file_system_operations_fwrite
ERRORMaintainabilityunlink unlink9
Category
Maintainability
Occurrences
9
Severity
error

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

WordPress.WP.AlternativeFunctions.unlink_unlink
ERRORMaintainabilitycurl curl close8
Category
Maintainability
Occurrences
8
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_close
ERRORMaintainabilitycurl curl getinfo8
Category
Maintainability
Occurrences
8
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_getinfo
ERRORMaintainabilitycurl curl error6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_error
ERRORMaintainabilitycurl curl exec6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_exec
ERRORMaintainabilitycurl curl init6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

WordPress.WP.AlternativeFunctions.curl_curl_init
ERRORMaintainabilityfile system operations fread6
Category
Maintainability
Occurrences
6
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().

WordPress.WP.AlternativeFunctions.file_system_operations_fread
ERRORMaintainabilityFound5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

The use of function eval() is forbidden

Generic.PHP.ForbiddenFunctions.Found
ERRORMaintainabilitydate date5
Category
Maintainability
Occurrences
5
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WordPress.DateTime.RestrictedFunctions.date_date

Score History

First score snapshot

v2.9.4

25

Latest

Findings
1,962
Errors
617
Warnings
1,345
Check
2.0.0

Related Plugins

Helper Lite for PageSpeed

3k+ active installs

98
Instant Back/Forward

10k+ active installs

98
Aruba HiSpeed Cache

100k+ active installs

97
Clear All Cache for WP Super Cache

7k+ active installs

97
Leverage Browser Caching

10k+ active installs

97
Pantheon Advanced Page Cache

10k+ active installs

91