Cloudways WordPress Migrator

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$chunk'.

Use of a direct database call is discouraged.

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

Unescaped parameter $query used in $wpdb->get_col()\n$query used without escaping.

Function "get_main_site_id()" requires WordPress 4.9.0, but your plugin minimum supported version is WordPress 4.0.0.

Detected usage of a non-sanitized input variable: $_GET['bv_deactivation_assets']

Missing $domain parameter in function call to __().

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

The plugin name includes a restricted term. Your chosen plugin name - "Cloudways WordPress Migrator" - contains the restricted term "wordpress" which cannot be used at all in your plugin name.

The use of function move_uploaded_file() is forbidden

The use of function ini_set() is discouraged

phpinfo() can lead to full path disclosure.

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

Detected usage of a possibly undefined superglobal array index: $_SERVER["SERVER_ADDR"]. Check that the array index exists before using it.

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

Use of the "translate()" function is reserved for low-level API usage.