WordPress.Security.SafeRedirect.wp_redirect_wp_redirect

wp redirect wp redirect

Plugin Check reported a security-sensitive coding pattern that needs review.

critical weight

Why It Shows Up

The finding came from a security-focused WordPress coding standard or Plugin Check rule.

Why It Matters

Security findings often involve trust boundaries: request input, browser output, redirects, database access, capabilities, or filesystem behavior.

How to Fix

Identify the untrusted value or privileged action involved.
Add validation, sanitization, escaping, nonce checks, capability checks, or prepared SQL as appropriate.
Rerun Plugin Check after the code path is fixed.

References

WordPress validating, sanitizing, and escaping WordPress escaping functions WordPress nonces

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Updated	Top Issue
#1	Themify Builder	9	5,195	2,096	5k+	6 days ago	Text Domain Mismatch
#2	JetBackup – Backup, Restore & Migrate	10	1,559	145	100k+	2 months ago	Exception Not Escaped
#3	AnyComment	17	445	449	5k+	4 years ago	Output Not Escaped
#4	WPtouch – Make your WordPress Website Mobile-Friendly	17	1,466	325	50k+	7 months ago	Text Domain Mismatch
#5	Prime Slider Addons for Elementor	18	3,500	230	100k+	7 days ago	Text Domain Mismatch
#6	Podlove Podcast Publisher	18	2,326	1,429	3k+	18 days ago	Output Not Escaped
#7	Property Hive	18	1,957	6,027	3k+	4 days ago	Missing
#8	Shopping Cart & eCommerce Store	18	5,459	17,298	4k+	10 days ago	Non Prefixed Variable Found
#9	WP Directory Kit	18	2,119	2,617	2k+	2 months ago	Non Prefixed Variable Found
#10	Element Pack – Widgets, Templates & Addons for Elementor	19	9,448	517	100k+	6 days ago	Text Domain Mismatch
#11	Block Slider – Responsive Image Slider, Video Slider & Post Slider	19	555	1,291	3k+	2 years ago	Non Prefixed Variable Found
#12	Download Monitor	19	425	1,364	80k+	6 days ago	Non Prefixed Hookname Found
#13	Event Organiser	19	1,106	544	20k+	2 years ago	Text Domain Mismatch
#14	Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution	19	1,218	901	100k+	13 days ago	Exception Not Escaped
#15	Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)	19	3,275	3,228	10k+	7 months ago	Output Not Escaped
#16	Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization	19	1,295	2,679	9k+	7 days ago	Output Not Escaped
#17	Razorpay Payment Button Plugin	19	486	98	2k+	1 year ago	Exception Not Escaped
#18	Realtyna Organic IDX plugin + WPL Real Estate	19	947	3,653	2k+	1 month ago	Non Prefixed Variable Found
#19	Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)	19	541	385	3m+	5 days ago	Missing Translators Comment
#20	Membership Plugin – Kadence Memberships	19	5,082	2,982	9k+	27 days ago	Text Domain Mismatch
#21	Scrollsequence – Cinematic Scroll Image Animation Plugin	19	878	1,528	4k+	15 days ago	Non Prefixed Variable Found
#22	SendPress Newsletters	19	2,293	1,422	2k+	5 months ago	Output Not Escaped
#23	Brizy – Page Builder	20	589	720	70k+	13 days ago	Output Not Escaped
#24	DMCA Protection Badge	20	4,425	217	1k+	10 months ago	Output Not Escaped
#25	Filter Everything — WordPress & WooCommerce Filters	20	568	730	50k+	today	Output Not Escaped
#26	GiveWP – Donation Plugin and Fundraising Platform	20	3,435	3,580	100k+	7 days ago	Output Not Escaped
#27	Link Library	20	1,941	1,397	10k+	2 months ago	Unsafe Printing Function
#28	MBE eShip	20	527	740	1k+	5 days ago	Non Prefixed Variable Found
#29	Brevo – Email, SMS, Web Push, Chat, and more.	20	460	646	100k+	2 months ago	Missing Unslash
#30	MAS Videos	20	519	1,693	1k+	4 months ago	Non Prefixed Variable Found
#31	Microthemer Lite – Visual Editor to Customize CSS	20	1,004	1,699	10k+	2 months ago	Non Prefixed Variable Found
#32	Quill Forms \| Conversational Multi Step Forms, Surveys & quizzes	20	401	368	3k+	4 months ago	Text Domain Mismatch
#33	Remove Add to Cart WooCommerce	20	616	1,378	4k+	8 months ago	Non Prefixed Variable Found
#34	Robin Image Optimizer – Unlimited Image Optimization, WebP & AVIF	20	557	541	100k+	1 month ago	Output Not Escaped
#35	Trace My IP – Visitor IP Tracker, Stats Analytics & Page Views Counter with Email Alerts	20	866	338	1k+	5 months ago	wp function not compatible with requires wp
#36	Razorpay for WooCommerce	20	974	855	100k+	3 days ago	Non Prefixed Function Found
#37	WPJAM Basic	20	328	356	4k+	6 days ago	Output Not Escaped
#38	Backup Migration	21	981	1,093	80k+	17 days ago	Non Prefixed Variable Found
#39	CallTrackingMetrics	21	923	286	3k+	4 months ago	Unsafe Printing Function
#40	Smart Grid-Layout Design for Contact Form 7	21	1,126	734	10k+	2 months ago	Output Not Escaped
#41	Comet Cache	21	857	245	20k+	12 months ago	Output Not Escaped
#42	Free Downloads WooCommerce	21	430	359	4k+	1 month ago	Output Not Escaped
#43	Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More	21	2,572	1,277	1m+	1 month ago	Output Not Escaped
#44	Envo Extra	21	878	600	20k+	26 days ago	Text Domain Mismatch
#45	ERP: Complete HR, Accounting & CRM Suite with Recruitment and WooCommerce CRM Support	21	829	5,966	5k+	4 days ago	Direct Query
#46	Eupago Gateway For Woocommerce	21	612	320	2k+	2 months ago	Output Not Escaped
#47	EventPrime – Events Calendar, Bookings and Tickets	21	872	4,297	7k+	2 days ago	Non Prefixed Variable Found
#48	Formidable Forms – WordPress Form Builder for Contact Forms, Calculators, Quizzes & More	21	52	1,959	300k+	6 days ago	Non Prefixed Variable Found
#49	Campaign Monitor for WordPress	21	386	461	2k+	2 months ago	Non Prefixed Variable Found
#50	If-So Dynamic Content – Elementor & All Page Builders Personalization	21	889	725	7k+	25 days ago	Unsafe Printing Function