Floating sticky chat button for WhatsApp Chat, Facebook Messenger, Telegram, Instagram, SMS, Call, Discord chat, TikTok, Line & 30+ channels
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | WordPress.DateTime.RestrictedFunctions.date_date | date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead. | 118:20 | — |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->query($sql)\n$sql assigned unsafely at line 20:\n $sql = "ALTER TABLE $table_name MODIFY COLUMN custom_css LONGTEXT NULL;"\n$table_name assigned unsafely at line 19:\n $table_name = Config::withDBPrefix('widgets') | 21:16 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 21:22 | Security |
| ERROR | WordPress.Security.EscapeOutput.HeredocOutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found interpolation in unescaped heredoc. | 35:1 | Security |
| ERROR | Squiz.PHP.Heredoc.NotAllowed | Use of heredoc and nowdoc syntax ("<<<") is not allowed; use standard strings or inline HTML instead | 136:14 | — |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 148:\n $sql = $wpdb->prepare(\n "SELECT\n analytics.widget_id, widgets.name,\n SUM(CASE WHEN analytics.is_clicked = %d THEN %d ELSE %d END) AS visitor_count,\n SUM(CASE WHEN analytics.is_clicked = %d THEN %d ELSE %d END) AS click_count\n FROM \n {$wpdb->prefix}bit_assist_analytics analytics\n INNER JOIN \n {$wpdb->prefix}bit_assist_widgets widgets ON analytics.widget_id = widgets.id\n WHERE \n (analytics.channel_id IS NULL AND (analytics.is_clicked = %d OR analytics.is_clicked = %d))\n AND\n $dateCondition\n GROUP BY \n analytics.widget_id, widgets.name",\n $placeHolder\n )\n$dateCondition assigned unsafely at line 145:\n $dateCondition = 'DATE(analytics.created_at) IS NOT NULL'\n$dateCondition assigned unsafely at line 143:\n $dateCondition = 'DATE(analytics.created_at) = %s'\n$dateCondition assigned unsafely at line 139:\n $dateCondition = 'DATE(analytics.created_at) BETWEEN %s AND %s'\n$placeHolder assigned unsafely at line 142:\n $placeHolder[] = $startDate\n$isDate assigned unsafely at line 115:\n $isDate = preg_match($datePattern, $filterValue) === 1\n$dateRange assigned unsafely at line 122:\n $dateRange = explode(',', $filterValue)\n$startDate assigned unsafely at line 141:\n $startDate = $dateRange[0]\n$dateRange[0] used without escaping.\n$datePattern assigned unsafely at line 114:\n $datePattern = '/\\d{4}-\\d{2}-\\d{2}/'\n$filterValue used without escaping. | 166:39 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 166:51 | Security |
| ERROR | WordPress.DateTime.RestrictedFunctions.date_date | date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead. | 180:22 | — |
| ERROR | WordPress.DateTime.RestrictedFunctions.date_date | date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead. | 181:20 | — |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->query($sql)\n$sql assigned unsafely at line 32:\n $sql = "ALTER TABLE $table_name MODIFY COLUMN custom_css VARCHAR(255) NULL;"\n$table_name assigned unsafely at line 31:\n $table_name = Config::withDBPrefix('widgets') | 33:16 | Security |
| 11/13/2025, 5:44:33 PM | 11s | 83 | 37 | 39 |