Plugin Check


The Plugin Check is an easy way of testing your plugin and ensure that it’s up to the base required standards from the Plugin Review team. With this plugin you will be able to run most of the checks used by the team, and check if your plugin meets the requirements.

The tests are run through a simple admin menu and all results are displayed at once. This is very handy for plugin developers, or anybody looking to make sure that their plugin supports the latest WordPress plugin standards and practices.

Keep in mind that this plugin is not yet a replacement for the manual review process, but it will help you speed up the process of getting your plugin approved for the plugin repository, and it will also help you avoid some common mistakes.


Where can I contribute to the plugin?

All development for this plugin is handled via GitHub any issues or pull requests should be posted there.

What if the plugin reports as “error” something that’s correct?

We strived to write a plugin in a way that minimizes false positives but If you find one, please report it in the GitHub repo.

If you can, please consider submitting a Pull Request to fix it.

Why does it flag something as bad?

It’s not flagging “bad” things, as such. The plugin check is designed to be a non-perfect way to test for compliance with the Plugin Review guidelines. Not all plugins must adhere to these guidelines. The purpose of the checking tool is to ensure that plugins uploaded to the central plugin repository meet the latest standards of WordPress plugin and will work on a wide variety of sites.

Many sites use custom plugins, and that’s perfectly okay. But plugins that are intended for use on many different kinds of sites by the public need to have a certain minimum level of capabilities, in order to ensure proper functioning in many different environments. The Plugin Review guidelines are created with that goal in mind.

This plugin checker is not perfect, and never will be. It is only a tool to help plugin authors, or anybody else who wants to make their plugin more capable. All plugins submitted to are hand-reviewed by a team of experts. The automated plugin checker is meant to be a useful tool only, not an absolute system of measurement.


October 15, 2023 1 reply
Unfortunately, one of the most dangerous PHP functions shell_exec is required and this is not specified anywhere from what I can see.
September 27, 2023
Great tool. It will probably save a lot of time for those who are waiting for their plugins to be reviewed, and would probably get a lot of homework to do. Great initiative. Well done! Hopefully it will make new plugins to get an approval faster. 🤞
September 24, 2023
That a great tool! Thank you guys. It can help us quickly identify some issues with our code that might otherwise be overlooked. I hope it gets better by the time and save time to a lot of people 🙂
September 23, 2023
I found a problem in the plugin and created a new issue in the repo. They fixed it and released a new version in less than 24hs! Very responsive team 👏
September 23, 2023 1 reply
As a Plugin Developer I want to get feedback as soon as possible, and this pluging give feedback about some basics things as "PHP Code Sniffer is not available. Try running composer install first." I will work more with this tool and get back with more details!
Read all 5 reviews

Contributors & Developers

“Plugin Check” is open source software. The following people have contributed to this plugin.


“Plugin Check” has been translated into 10 locales. Thank you to the translators for their contributions.

Translate “Plugin Check” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.


[0.2.1] 2023-09-22

  • Added – ‘View in code editor’ link beneath each PHPCS error or warning. Props @EvanHerman, @westonruter, @felixarntz, @mukeshpanchal27 #262
  • Fix – Ensure readme.txt has priority over when both are present. Props @bordoni, @afragen #258
  • Fix – Ensure that the PHPCS check runs even when the PHPCS binary is not executable. Props @bordoni, @shawn-digitalpoint, @mrfoxtalbot #254
  • Fix – Readme changes and typos. Props @aaronjorbin. #261
  • Fix – Long lines of code with PHPCS check no longer expand over the size of the notice. Props @bordoni, @felixarntz. #263
  • Fix – Ensure that we have PHP 7.2 compatibility remove trailing comma. Props @bordoni, @leoloso. #265
  • Fix – Include all strings that were missed in the previous release. Props @bordoni, @pixolin. #270

[0.2.0] 2023-09-18

  • Feature – Enable modification of the PHP Binary path used by the plugin with PLUGIN_CHECK_PHP_BIN constant.
  • Feature – Include a check for the usage of ALLOW_UNFILTERED_UPLOADS on any PHP files – Props EvanHerman at #45
  • Feature – Include a check for the presence of the application files (.a, .bin, .bpk, .deploy, .dist, .distz, .dmg, .dms, .DS_Store, .dump, .elc, .exe, .iso, .lha, .lrf, .lzh, .o, .obj, .phar, .pkg, .sh, ‘.so`) – Props EvanHerman at #43
  • Feature – Include a check for the presence of the readme.txt or file – Props EvanHerman at #42
  • Fix – Ensure that Readme parsing is included properly when a or readme.txt file is present. Props Bordoni #52
  • Tweak – Disallow functions move_uploaded_file, passthru, proc_open – Props alexsanford at #50
  • Tweak – Change the message type for using functions WordPress already includes from Warning to Error. Props davidperezgar at #18
  • Tweak – Change the message type for incorrect usage of Stable tag from Notice/Warning to Error. Props davidperezgar at #3

[0.1] 2011-09-04

Original version of the plugin check tool, not a released version of the plugin, this changelog is here for historical purposes only.