BCM Duplicate Menu

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'admin_url'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'addslashes_gpc'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'admin_url'.

Unescaped parameter $metakey_query used in $wpdb->get_results($metakey_query)\n$metakey_query assigned unsafely at line 139:\n $metakey_query = "SELECT * FROM $wpdb->postmeta WHERE `post_id` = $menu_item->ID"\n$menu_item->ID used without escaping.

Use placeholders and $wpdb->prepare(); found $metakey_query

Tested up to: 6.7 < 6.8. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

Processing form data without nonce verification.

Processing form data without nonce verification.

Detected usage of a non-sanitized input variable: $_GET[&#039;duplicate&#039;]

Use of a direct database call is discouraged.