Manages your WordPress database.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
335
10 issue groups
Maintainability
283
13 issue groups
I18n
61
2 issue groups
WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$backup".215
- Category
- Maintainability
- Occurrences
- 215
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$backup".
ERRORSecurityUnsafe Printing FunctionAll output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.158
- Category
- Security
- Occurrences
- 158
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"</label> <input type=\"radio\" id=\"$table_name-yes\" name=\"optimize[$table_name]\" value=\"yes\" checked=\"checked\" /> <label for=\"$table_name-yes\">"'.135
- Category
- Security
- Occurrences
- 135
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"</label> <input type=\"radio\" id=\"$table_name-yes\" name=\"optimize[$table_name]\" value=\"yes\" checked=\"checked\" /> <label for=\"$table_name-yes\">"'.
ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.50
- Category
- I18n
- Occurrences
- 50
- Severity
- error
Sample message
A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
WARNINGSecurityMissing Unslash$_POST['database_file'] not unslashed before sanitization. Use wp_unslash() or similar15
- Category
- Security
- Occurrences
- 15
- Severity
- warning
Sample message
$_POST['database_file'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.14
- Category
- Maintainability
- Occurrences
- 14
- Severity
- warning
Sample message
Use of a direct database call is discouraged.
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().14
- Category
- Maintainability
- Occurrences
- 14
- Severity
- warning
Sample message
Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().
WARNINGMaintainabilityNon Prefixed Function FoundFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "check_backup_files".12
- Category
- Maintainability
- Occurrences
- 12
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "check_backup_files".
ERRORI18nUnordered Placeholders TextMultiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in '%s @ %s'.11
- Category
- I18n
- Occurrences
- 11
- Severity
- error
Sample message
Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in '%s @ %s'.
ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;8
- Category
- Maintainability
- Occurrences
- 8
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
Show 15 more issue groups
WARNINGMaintainabilityNon Prefixed Hookname Found6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "wp_dbmanager_before_escapeshellcmd".
WARNINGSecurityInput Not Sanitized6
- Category
- Security
- Occurrences
- 6
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_POST['database_file']
WARNINGSecurityUnescaped DBParameter4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Unescaped parameter $drop_tables used in $wpdb->query()\n$drop_tables assigned unsafely at line 42.
WARNINGSecurityInterpolated Not Prepared4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Use placeholders and $wpdb->prepare(); found interpolated variable $drop_tables at "DROP TABLE $drop_tables"
WARNINGSecurityInput Not Validated4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_POST['optimize']. Check that the array index exists before using it.
ERRORSecurityUnescaped DBParameter3
- Category
- Security
- Occurrences
- 3
- Severity
- error
Sample message
Unescaped parameter $optimize_tables used in $wpdb->query()\n$optimize_tables assigned unsafely at line 127.
ERRORSecurityNot Prepared3
- Category
- Security
- Occurrences
- 3
- Severity
- error
Sample message
Use placeholders and $wpdb->prepare(); found $optimize_tables
WARNINGSecurityMissing3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilitytrademarked term3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "WP-DBManager" - contains the restricted term "wp" which cannot be used at all in your plugin name.
ERRORMaintainabilityFound2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
The use of function passthru() is forbidden
ERRORMaintainabilityfile system operations is writable2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().
ERRORMaintainabilityrename rename2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
rename() is discouraged. Use WP_Filesystem::move() to rename a file.
WARNINGMaintainabilitywp get sites Found2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
wp_get_sites() has been deprecated since WordPress version 4.6.0. Use get_sites() instead.
ERRORMaintainabilitywp function not compatible with requires wp2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
Function "get_sites()" requires WordPress 4.6.0, but your plugin minimum supported version is WordPress 4.0.0.
WARNINGMaintainabilitySchema Change1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Attempting a database schema change is discouraged.
Score History
First score snapshot
v2.80.10
27
Latest
- Findings
- 690
- Errors
- 386
- Warnings
- 304
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 27 | 690 | 386 | 304 | v2.80.10 | 2.0.0 |
Related Plugins
80k+ active installs
40k+ active installs
50k+ active installs
9k+ active installs
30k+ active installs