Name: WebP Express
Rating: 4.4
Author: rosell.dk

Top Issues by File

Files with the highest concentration of issues in the latest scan

Issues Details

531 issues found in latest scan

	Code	Message	Location	Category
ERROR	`hidden_files`	Hidden files are not permitted.	`web-service/.htaccess`	Plugin Repo
ERROR	`hidden_files`	Hidden files are not permitted.	`wod/.htaccess`	Plugin Repo
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$wcfmNonce'.	`lib/classes/WCFMPage.php:45:63`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$baseUrl'.	`lib/classes/WCFMPage.php:47:37`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$baseUrl'.	`lib/classes/WCFMPage.php:50:51`	Security
ERROR	`WordPress.WP.EnqueuedResources.NonEnqueuedStylesheet`	Stylesheets must be registered/enqueued via wp_enqueue_style()	`lib/classes/WCFMPage.php:51:14`	Performance
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$baseUrl'.	`lib/classes/WCFMPage.php:51:48`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$msg'.	`lib/classes/Messenger.php:51:11`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$msg'.	`lib/classes/WodConfigLoader.php:34:14`	Security
ERROR	`WordPress.Security.EscapeOutput.ExceptionNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$configFilename'.	`lib/classes/WodConfigLoader.php:311:64`	Security

531 total row(s)


14.01.2026, 07:00:25	20s	30	259	272
22.12.2025, 21:00:37	20s	31	255	266
12.11.2025, 17:05:52	29s	32	249	262

WebP Express

Security291

Plugin Repository211

Performance13

General5

lib/options/submit.php94 issues in this fileTotal: 94Errors: 77Warnings: 17

lib/classes/WebPOnDemand.php37 issues in this fileTotal: 37Warnings: 37

lib/options/page-messages.php32 issues in this fileTotal: 32Errors: 32

lib/classes/WodConfigLoader.php32 issues in this fileTotal: 32Errors: 2Warnings: 30

lib/classes/WebPRealizer.php28 issues in this fileTotal: 28Warnings: 28

lib/classes/ConvertHelperIndependent.php25 issues in this fileTotal: 25Errors: 10Warnings: 15

lib/classes/PathHelper.php24 issues in this fileTotal: 24Warnings: 24

lib/options/enqueue_scripts.php21 issues in this fileTotal: 21Errors: 7Warnings: 14

lib/classes/SelfTestHelper.php19 issues in this fileTotal: 19Errors: 5Warnings: 14

lib/options/page.php15 issues in this fileTotal: 15Errors: 15