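Code Scan
Vulnerabilities, bugs, and security hotspots in custom plugins.
Needs attention
- The custom plugin scan found 6 security vulnerabilities
- The custom plugins contain 3,642 bugs that may cause unexpected behavior
- 548 security hotspots are awaiting manual review and may pose security risks
3 items in total: 1 high / 2 medium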
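Security vulnerabilities
- Issue: The custom plugin scan found 6 security vulnerabilities
- Cause: The plugin code contains known security weakness patterns (such as SQL injection, XSS, etc.)
- Recommendation: Fix the vulnerabilities one by one according to the SonarQube report, prioritizing the CRITICAL and BLOCKER severities
- Impact: Impact level of this item: High
- Acceptance: Vulnerabilities = 0
Bugs
- Issue: The custom plugins contain 3,642 bugs that may cause unexpected behavior
- Cause: Logic errors in the code or unhandled boundary conditions
- Recommendation: Fix the bugs according to the SonarQube report
- Impact: Impact level of this item: Medium
- Acceptance: Bugs = 0
Security hotspots
- Issue: 548 security hotspots are awaiting manual review and may pose security risks
- Cause: Code patterns match known security risk signatures and need manual confirmation of whether they are actual vulnerabilities
- Recommendation: Review each Security Hotspot, confirm the risk, and fix it
- Impact: Impact level of this item: Medium
- Acceptance: All Security Hotspots have been reviewed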
Scan scope
Only custom code is scanned; WordPress.org plugins, commercial plugins (WPBakery, Slider Revolution, etc.), and parent themes are excluded.
| Type | Name |
|---|---|
| Plugin | advanced-coupons-for-woocommerce |
| Plugin | criteo |
| Plugin | ctkpro-invoice |
| Plugin | ithemes-security-pro |
| Plugin | object-cache-pro |
| Plugin | pixelyoursite-pro |
| Plugin | pixelyoursite-super-pack |
| Plugin | wcpb-product-badges |
| Plugin | revslider |
| Plugin | rewardsystem |
| Plugin | woo-customers-order-history |
| Plugin | woocommerce-google-analytics-pro |
| Plugin | woocommerce-gateway-linepay |
| Plugin | woocommerce-role-by-amount-spent |
| Plugin | woodmart-core |
| Plugin | js_composer |
| Plugin | woo-bought-together-premium |
| Plugin | wpforms |
| Plugin | sitepress-multilingual-cms |
| Plugin | wp-rocket |
| Plugin | yith-custom-thank-you-page-for-woocommerce |
| Child theme | woodmart-child |
| mu-plugins | — |
Scan summary
| Metric | Value |
|---|---|
| Lines of code | 807,341 |
| Security rating | D |
| Reliability rating | E |
| Maintainability rating | A |
| Duplicated lines | 8.1% |
Issue statistics
| Type | Count |
|---|---|
| Vulnerabilities | 6 |
| Bugs | 3642 |
| Code Smells | 69047 |
| Security Hotspots | 548 |
By source
advanced-coupons-for-woocommerce (33)
| Severity | Rule | Message | File |
|---|---|---|---|
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S1226 | Introduce a new variable instead of reusing the parameter "$total". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MAJOR | php:S836 | Review the data-flow - use of uninitialized value. | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MAJOR | php:S836 | Review the data-flow - use of uninitialized value. | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MAJOR | css:S4656 | Unexpected duplicate "height" | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
criteo (5)
| Severity | Rule | Message | File |
|---|---|---|---|
| MINOR | php:S1784 | Explicitly mention the visibility of this constructor "__construct". | |
| MINOR | php:S1784 | Explicitly mention the visibility of this constructor "__construct". | |
| MAJOR | Web:TableHeaderHasIdOrScopeCheck | Add either an 'id' or a 'scope' attribute to this <th> tag. | |
| MINOR | php:S1784 | Explicitly mention the visibility of this constructor "__construct". | |
| MAJOR | php:S836 | Review the data-flow - use of uninitialized value. | |
ithemes-security-pro (244)
| Severity | Rule | Message | File |
|---|---|---|---|
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | javascript:S2123 | Remove this increment or correct the code not to waste it. | |
| MAJOR | php:S1848 | Either remove this useless object instantiation of class "ITSEC_Admin_Page_Loader" or use it | |
| MAJOR | php:S1848 | Either remove this useless object instantiation of class "ITSEC_Debug_Page" or use it | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MAJOR | php:S1848 | Either remove this useless object instantiation of class "ITSEC_Logs_Page" or use it | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "include" with "include_once". | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
| MINOR | php:S1784 | Explicitly mention the visibility of this method "isBrowser". | |
| MAJOR | php:S3699 | Remove this use of the output from "ITSEC_Lib_Login_Interstitial::redirect_invalid_token"; "ITSEC_Lib_Login_Interstitial::redirect_invalid_token" doesn't return anything. | |
| MAJOR | php:S3699 | Remove this use of the output from "ITSEC_Lib_Login_Interstitial::redirect_invalid_token"; "ITSEC_Lib_Login_Interstitial::redirect_invalid_token" doesn't return anything. | |
| MAJOR | php:S3699 | Remove this use of the output from "ITSEC_Lib_Login_Interstitial::redirect_invalid_token"; "ITSEC_Lib_Login_Interstitial::redirect_invalid_token" doesn't return anything. | |
| MAJOR | php:S3699 | Remove this use of the output from "ITSEC_Lib_Login_Interstitial::redirect_invalid_token"; "ITSEC_Lib_Login_Interstitial::redirect_invalid_token" doesn't return anything. | |
| MAJOR | php:S3699 | Remove this use of the output from "ITSEC_Lib_Login_Interstitial::redirect_invalid_token"; "ITSEC_Lib_Login_Interstitial::redirect_invalid_token" doesn't return anything. | |
| MAJOR | php:S3699 | Remove this use of the output from "ITSEC_Lib_Login_Interstitial::redirect_invalid_token"; "ITSEC_Lib_Login_Interstitial::redirect_invalid_token" doesn't return anything. | |
| MAJOR | php:S3699 | Remove this use of the output from "ITSEC_WP_List_Table::get_columns"; "ITSEC_WP_List_Table::get_columns" doesn't return anything. | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | php:S3699 | Remove this use of the output from "ITSEC_WP_List_Table::column_cb"; "ITSEC_WP_List_Table::column_cb" doesn't return anything. | |
| MAJOR | php:S3699 | Remove this use of the output from "ITSEC_WP_List_Table::column_default"; "ITSEC_WP_List_Table::column_default" doesn't return anything. | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| CRITICAL | css:S4670 | Unexpected unknown type selector "aimg" | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:UnsupportedTagsInHtml5Check | Remove this deprecated "center" element. | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | Web:S5256 | Add "<th>" headers to this "<table>". | |
| MAJOR | css:S4649 | Unexpected missing generic font family | |
| MAJOR | php:S836 | Review the data-flow - use of uninitialized value. | |
| MAJOR | php:S836 | Review the data-flow - use of uninitialized value. | |
| MAJOR | php:S836 | Review the data-flow - use of uninitialized value. | |
| MAJOR | php:S836 | Review the data-flow - use of uninitialized value. | |
| MINOR | php:S2003 | Replace "require" with "require_once". | |
Security Hotspots (50)
| Risk | Rule | Message | File |
|---|---|---|---|
| HIGH | php:S6418 | 'auth' detected in this expression, review this potentially hard-coded secret. | wp-content/plugins/woodmart-core/inc/auth.php:200 |
| HIGH | php:S6418 | 'api_key' detected in this expression, review this potentially hard-coded secret. | wp-content/plugins/wpforms/includes/providers/class-constant-contact.php:26 |
| HIGH | javascript:S2068 | Review this potentially hard-coded password. | wp-content/plugins/ithemes-security-pro/pro/password-expiration/js/settings-page.js:13 |
| HIGH | javascript:S2068 | Review this potentially hard-coded password. | wp-content/plugins/ithemes-security-pro/pro/password-expiration/js/settings-page.js:26 |
| HIGH | php:S2068 | Detected 'password' in this variable name, review this potentially hardcoded credential. | wp-content/plugins/criteo/settings/CriteoPluginDefaultConfig.php:15 |
| HIGH | javascript:S4721 | Make sure that executing this OS command is safe here. | wp-content/plugins/yith-custom-thank-you-page-for-woocommerce/plugin-fw/tools/local-env/scripts/docker.js:6 |
| HIGH | javascript:S4721 | Make sure that executing this OS command is safe here. | wp-content/plugins/yith-custom-thank-you-page-for-woocommerce/plugin-fw/tools/local-env/scripts/install.js:14 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/assets/js/frontend_editor/shortcodes/containers/vc_column.js:35 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/assets/js/utils/utils.js:12 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/assets/js/utils/utils.js:60 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/assets/js/utils/utils.js:63 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/assets/js/vendors/seo.js:45 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/assets/lib/vc/vc_carousel/js/vc_carousel.js:450 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/assets/lib/vc/vc_chart/jquery.vc_chart.js:121 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/modules/seo/assets/js/utils.js:17 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/modules/seo/assets/js/utils.js:219 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/js_composer/modules/seo/assets/js/utils.js:289 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/object-cache-pro/resources/js/tools.js:106 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/object-cache-pro/resources/js/tools.js:185 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/rewardsystem/assets/js/jquery.tipsy.js:110 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/rewardsystem/assets/js/jscolor/jscolor.js:59 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/rewardsystem/assets/js/jscolor/jscolor.js:278 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/rewardsystem/assets/js/jscolor/jscolor.js:302 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/sitepress-multilingual-cms/res/js/content-translation.js:58 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/sitepress-multilingual-cms/res/js/scripts.js:12 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/sitepress-multilingual-cms/res/js/tags.js:15 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/sitepress-multilingual-cms/res/js/theme-localization.js:51 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/woocommerce-role-by-amount-spent/classes/acf/assets/js/acf-input.js:2446 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.js:247 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.js:248 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.js:186 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.js:196 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.js:199 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/wpr-admin.js:870 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/wpr-admin.js:2838 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/wpr-admin.js:2854 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/wpr-admin.js:3200 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/wpr-beacon.js:161 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/wpr-beacon.js:605 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/wpr-beacon.js:610 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/wpr-beacon.js:803 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wp-rocket/assets/js/wpr-beacon.js:927 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wpforms/assets/js/admin-builder.js:5992 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wpforms/assets/js/admin-builder.js:7416 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wpforms/assets/js/admin-utils.js:520 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wpforms/assets/js/components/admin/builder/providers.js:636 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wpforms/assets/js/text-limit.js:85 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wpforms/assets/js/text-limit.js:86 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wpforms/assets/js/text-limit.js:87 |
| MEDIUM | javascript:S5852 | Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. | wp-content/plugins/wpforms/assets/js/wpforms.js:211 |
