Shortcoder — Create Shortcodes for Anything
shortcoder
Create custom "Shortcodes" easily for HTML, JavaScript, CSS code snippets and use the shortcodes within posts, pages & widgets
C
68%
Version
Updated
1,962,854+
downloads
100,000+
active installs
Author:
vaakash
Source:
wordpress.org
WordPress.org
Score breakdown
B
Compatibility
C
php-compatibility
A
coding-standards
F
wp-since
Plugin has not been tested with the current WordPress version.
| Requires WordPress | 4.9.0 or higher |
| Tested up to | 6.9.4 Outdated |
| Requires PHP | 5.3 or higher |
| Last updated | Recent |
| Plugin dependencies | None |
| WP–PHP compatibility | ok PHP 5.3+ is compatible with WP 4.9.0+ (which requires PHP 5.2.4+). |
Ok
Declared PHP
5.3+
(plugin header)
Detected PHP
5.6+
Declared PHP 5.3+ is below the effective minimum (5.6+) — incorrect declaration. Effective minimum: PHP 5.6+.
Tested versions
PHP 5.6
PHP 7.0
PHP 7.1
PHP 7.2
PHP 7.3
PHP 7.4
PHP 8.0
PHP 8.1
PHP 8.2
PHP 8.3
PHP 8.4
PHP 8.5
Lowest required PHP version: 5.6
Analysed on
The coding standards scan found 0 error(s) and 20 warning(s), but the weighted issue density is only 1.58 per 100 non-empty PHP lines across 1570 lines.
0
errors
20
warnings
4
files with issues
11
files scanned
1.58
issues / 100 lines
Detected 0 error(s) and 20 warning(s) across 4 file(s) with issues, with a weighted density of 1.58 per 100 non-empty PHP lines.
Issues by rule
WordPress.Security.ValidatedSanitizedInput.MissingUnslash
|
7 |
WordPress.Security.NonceVerification.Missing
|
6 |
WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
|
4 |
WordPress.Security.NonceVerification.Recommended
|
2 |
WordPress.Security.ValidatedSanitizedInput.InputNotValidated
|
1 |
Issues 20
-
warning
Processing form data without nonce verification.WordPress.Security.NonceVerification.Recommended
shortcoder/admin/admin.php line 285:18 -
warning
Processing form data without nonce verification.WordPress.Security.NonceVerification.Recommended
shortcoder/admin/admin.php line 289:16 -
warning
Processing form data without nonce verification.WordPress.Security.NonceVerification.Missing
shortcoder/admin/admin.php line 294:35 -
warning
$_POST['sc_nonce'] not unslashed before sanitization. Use wp_unslash() or similarWordPress.Security.ValidatedSanitizedInput.MissingUnslash
shortcoder/admin/edit.php line 141:79 -
warning
Detected usage of a non-sanitized input variable: $_POST['sc_nonce']WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
shortcoder/admin/edit.php line 141:79 -
warning
$_POST[$key] not unslashed before sanitization. Use wp_unslash() or similarWordPress.Security.ValidatedSanitizedInput.MissingUnslash
shortcoder/admin/edit.php line 155:68 -
warning
Detected usage of a non-sanitized input variable: $_POST[$key]WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
shortcoder/admin/edit.php line 155:68 -
warning
$_POST[$key] not unslashed before sanitization. Use wp_unslash() or similarWordPress.Security.ValidatedSanitizedInput.MissingUnslash
shortcoder/admin/edit.php line 155:99 -
warning
$_POST[$key] not unslashed before sanitization. Use wp_unslash() or similarWordPress.Security.ValidatedSanitizedInput.MissingUnslash
shortcoder/admin/edit.php line 157:49 -
warning
Processing form data without nonce verification.WordPress.Security.NonceVerification.Missing
shortcoder/admin/edit.php line 177:13 -
warning
Processing form data without nonce verification.WordPress.Security.NonceVerification.Missing
shortcoder/admin/edit.php line 177:30 -
warning
Processing form data without nonce verification.WordPress.Security.NonceVerification.Missing
shortcoder/admin/edit.php line 178:79 -
warning
$_POST['sc_content'] not unslashed before sanitization. Use wp_unslash() or similarWordPress.Security.ValidatedSanitizedInput.MissingUnslash
shortcoder/admin/edit.php line 178:79 -
warning
Detected usage of a non-sanitized input variable: $_POST['sc_content']WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
shortcoder/admin/edit.php line 178:79 -
warning
Processing form data without nonce verification.WordPress.Security.NonceVerification.Missing
shortcoder/admin/edit.php line 178:118 -
warning
$_POST['sc_content'] not unslashed before sanitization. Use wp_unslash() or similarWordPress.Security.ValidatedSanitizedInput.MissingUnslash
shortcoder/admin/edit.php line 178:118 -
warning
Processing form data without nonce verification.WordPress.Security.NonceVerification.Missing
shortcoder/admin/settings.php line 97:13 -
warning
Detected usage of a possibly undefined superglobal array index: $_SERVER['REQUEST_URI']. Check that the array index exists before using it.WordPress.Security.ValidatedSanitizedInput.InputNotValidated
shortcoder/includes/metadata.php line 147:49 -
warning
$_SERVER['REQUEST_URI'] not unslashed before sanitization. Use wp_unslash() or similarWordPress.Security.ValidatedSanitizedInput.MissingUnslash
shortcoder/includes/metadata.php line 147:49 -
warning
Detected usage of a non-sanitized input variable: $_SERVER['REQUEST_URI']WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
shortcoder/includes/metadata.php line 147:49
Analysed on
The plugin declares WordPress 4.9.0, but wp-since found 2 compatibility issue(s) that push the suggested minimum WordPress version to 5.0.0.
Issues Found
Declared min WP
4.9.0+
Suggested min WP
5.0.0+
Tool output
✅ Minimum version declared: 4.9.0 (from readme) 🚨 Compatibility issues found: ┌────────────────────────────────┬──────────────────┐ │ Symbol │ Introduced in WP │ ├────────────────────────────────┼──────────────────┤ │ do_blocks (function) │ 5.0.0 │ │ register_block_type (function) │ 5.0.0 │ └────────────────────────────────┴──────────────────┘ 📌 Suggested version required: 5.0.0
Issues 2
-
info
-
info
Analysed on
Grade scale
A
Excellent
B
Good
C
Acceptable
D
Poor
F
Failing