PluginScore

WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters

WordPress map plugin for Google Maps, OpenStreetMap & Mapbox with store locator, filterable listings & custom markers.

v4.9.5Flipper Code - WordPress Development CompanyUpdated Added 60k+ installs86% rating100% support resolved
Google MapsStore locatormap pluginopenstreetmapwp google map
34
Score
219
Errors
453
Warnings
+0
Change

Category Scores

Security0
Repo100
Performance100
Maintainability46

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

672 findings

Security

406

10 issue groups

Maintainability

266

12 issue groups

ERRORMaintainabilitywp function not compatible with requires wpFunction "sanitize_textarea_field()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 3.4.0.214
Category
Maintainability
Occurrences
214
Severity
error

Sample message

Function "sanitize_textarea_field()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 3.4.0.

wp_function_not_compatible_with_requires_wpReference
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.108
Category
Security
Occurrences
108
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_COOKIE['cookieyes-consent']82
Category
Security
Occurrences
82
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_COOKIE['cookieyes-consent']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.65
Category
Security
Occurrences
65
Severity
warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_FILES[$filename]['tmp_name']. Check that the array index exists before using it.64
Category
Security
Occurrences
64
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_FILES[$filename]['tmp_name']. Check that the array index exists before using it.

WordPress.Security.ValidatedSanitizedInput.InputNotValidated
WARNINGSecurityRequest data is not unslashed$_COOKIE['cookieyes-consent'] not unslashed before sanitization. Use wp_unslash() or similar64
Category
Security
Occurrences
64
Severity
warning

Sample message

$_COOKIE['cookieyes-consent'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash
WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.18
Category
Maintainability
Occurrences
18
Severity
warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery
WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().17
Category
Maintainability
Occurrences
17
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching
WARNINGSecurityDatabase parameter is not escapedUnescaped parameter $prepare_query_with_placeholders used in $wpdb->get_results()\n$prepare_query_with_placeholders assigned unsafely at line 784.7
Category
Security
Occurrences
7
Severity
warning

Sample message

Unescaped parameter $prepare_query_with_placeholders used in $wpdb->get_results()\n$prepare_query_with_placeholders assigned unsafely at line 784.

PluginCheck.Security.DirectDB.UnescapedDBParameter
WARNINGSecurityInterpolated SQL is not preparedUse placeholders and $wpdb->prepare(); found interpolated variable $columns at "SELECT $columns FROM "6
Category
Security
Occurrences
6
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $columns at "SELECT $columns FROM "

WordPress.DB.PreparedSQL.InterpolatedNotPrepared
Show 12 more
ERRORSecuritySQL query is not prepared5
Category
Security
Occurrences
5
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $prepare_query_with_placeholders

WordPress.DB.PreparedSQL.NotPrepared
WARNINGSecurityUnfinished Prepare3
Category
Security
Occurrences
3
Severity
warning

Sample message

Replacement variables found, but no valid placeholders found in the query.

WordPress.DB.PreparedSQLPlaceholders.UnfinishedPrepare
WARNINGMaintainabilityDynamic hook name3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$data['fc_entity_type'] . '_custom_validation'".

WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound
WARNINGMaintainabilityNon-prefixed hook name3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "fc_manage_page_basic_query".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
WARNINGMaintainabilityMissing Version3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

WordPress.WP.EnqueuedResourceParameters.MissingVersion
WARNINGMaintainabilitytrademarked term3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "WP Maps - Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters" - contains the restricted term "wp" which cannot be used at all in your plugin name.

trademarked_term
WARNINGSecurityUnnecessary Prepare2
Category
Security
Occurrences
2
Severity
warning

Sample message

It is not necessary to prepare a query which doesn't use variable replacement.

WordPress.DB.PreparedSQLPlaceholders.UnnecessaryPrepare
WARNINGMaintainabilityslow db query meta query1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Detected usage of meta_query, possible slow query.

WordPress.DB.SlowDBQuery.slow_db_query_meta_query
WARNINGMaintainabilityNon-prefixed class1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "WePlugins_Notification".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound
WARNINGMaintainabilityNon-prefixed global variable1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "$name".

WordPress.NamingConventions.PrefixAllGlobals.VariableConstantNameFound
WARNINGMaintainabilityDeprecated parameter: get_terms parameter 21
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The parameter "array( 'hide_empty' => 0 )" at position #2 of get_terms() has been deprecated since WordPress version 4.5.0. Instead do not pass the parameter.

WordPress.WP.DeprecatedParameters.Get_termsParam2Found
WARNINGMaintainabilitymismatched plugin name1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Plugin name "WP Maps - Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters" is different from the name declared in plugin header "WP Maps".

mismatched_plugin_nameReference

Score History

First score snapshot

v4.9.5

34

Latest

Findings
672
Errors
219
Warnings
453
Check
2.0.0

Related Plugins

Maps Widget for Google Maps

30k+ active installs

99
Simple Shortcode for Google Maps

3k+ active installs

98
WP Go Maps Block

3k+ active installs

98
API KEY for Google Maps

40k+ active installs

94
Flexible Map

7k+ active installs

85
Pronamic Google Maps

1k+ active installs

85