Powerful and feature-rich user directory based on user profile meta fields.
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$dud_option_name'. | 1838:83 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $user_sql | 429:29 | Security |
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound | Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "dud_meta_fld_srch_build_sql". | 435:36 | Plugin Repo |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $user_sql used in $wpdb->get_results($user_sql)\n$user_sql assigned unsafely at line 435:\n $user_sql = apply_filters( 'dud_meta_fld_srch_build_sql', $user_sql, $last_name_letter, $dud_user_srch_key, \r\n\t\t\t$dud_user_srch_name, $loaded_options, $letters, $custom_sort_active, true)\n$user_sql assigned unsafely at line 426:\n $user_sql = apply_filters( 'dud_meta_fld_srch_build_sql', $user_sql, $last_name_letter, $dud_user_srch_key, \r\n\t\t$dud_user_srch_name, $loaded_options, $letters, $custom_sort_active)\n$user_sql assigned unsafely at line 389:\n $user_sql = dud_build_directory_query($last_name_letter, $last_name_letter_empty, $ud_sort_fld_key, '', \r\n\t\t$ud_sort_fld_type, $custom_sort_active, false, '', $dud_options)\n$last_name_letter assigned unsafely at line 326:\n $last_name_letter = $letters[0]\n$dud_user_srch_key assigned unsafely at line 188:\n $dud_user_srch_key = ''\n$dud_user_srch_name assigned unsafely at line 211:\n $dud_user_srch_name = sanitize_text_field(htmlspecialchars($dud_user_srch_name))\nNote: sanitize_text_field() is not a safe escaping function.\n$dud_user_srch_name assigned unsafely at line 193:\n $dud_user_srch_name = ''\n$dud_user_srch_name assigned unsafely at line 190:\n $dud_user_srch_name = !empty($_REQUEST ["dud_user_srch_val"]) ? $_REQUEST ["dud_user_srch_val"] : null\n$loaded_options assigned unsafely at line 73:\n $loaded_options = 'dud_plugin_settings'\n$letters assigned unsafely at line 235:\n $letters = apply_filters( 'dud_after_load_letters', $letters, $dud_user_srch_key, $dud_user_srch_name, \r\n\t$user_directory_sort, $ud_hide_roles, $exc_inc_radio, $inc_exc_user_ids, $loaded_options )\n$letters assigned unsafely at line 228:\n $letters = dynamic_ud_load_alpha_links($user_directory_sort, $ud_hide_roles, $exc_inc_radio, $inc_exc_user_ids, "", \r\n\t\t\t$ud_directory_type, $dud_options, $custom_sort_active)\n$ud_sort_fld_key assigned unsafely at line 169:\n $ud_sort_fld_key \t\t = !empty($dud_options['ud_sort_fld_key']) ? $dud_options['ud_sort_fld_key'] : null\n$ud_sort_fld_type assigned unsafely at line 170:\n $ud_sort_fld_type \t\t = !empty($dud_options['ud_sort_fld_type']) ? $dud_options['ud_sort_fld_type'] : null\n$dud_options assigned unsafely at line 83:\n $dud_options = $dud_tmp_options\n$letters[0] used without escaping.\n$_REQUEST["dud_user_srch_val"] used without escaping.\n$plugins assigned unsafely at line 51:\n $plugins = get_option('active_plugins')\n$dud_options['ud_show_srch_results'] used without escaping.\n$ud_directory_type assigned unsafely at line 199:\n $ud_directory_type = "all-users"\n$atts used without escaping.\n$atts['name'] used without escaping.\n$user_directory_sort assigned unsafely at line 125:\n $user_directory_sort \t\t = !empty($dud_options['user_directory_sort']) ? $dud_options['user_directory_sort'] : null\n$ud_hide_roles assigned unsafely at line 126:\n $ud_hide_roles \t\t = !empty($dud_options['ud_hide_roles']) ? $dud_options['ud_hide_roles'] : null\n$exc_inc_radio assigned unsafely at line 127:\n $exc_inc_radio \t\t = !empty($dud_options['ud_exclude_include_radio']) ? $dud_options['ud_exclude_include_radio'] : null\n$inc_exc_user_ids assigned unsafely at line 128:\n $inc_exc_user_ids \t\t = !empty($dud_options['ud_users_exclude_include']) ? $dud_options['ud_users_exclude_include'] : null\n$dud_options['ud_sort_fld_key'] used without escaping.\n$dud_options['ud_sort_fld_type'] used without escaping.\n$dud_tmp_options assigned unsafely at line 79:\n $dud_tmp_options = get_option( 'dud_plugin_settings_' . ($inc+1) \n$dud_options['user_directory_sort'] used without escaping.\n$dud_options['ud_hide_roles'] used without escaping.\n$dud_options['ud_exclude_include_radio'] used without escaping.\n$dud_options['ud_users_exclude_include'] used without escaping.\n$dud_tmp_options['dud_instance_name'] used without escaping. | 438:22 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $user_sql | 438:34 | Security |
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound | Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "dud_after_load_uids". | 443:24 | Plugin Repo |
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound | Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "dud_after_load_uids_multi_dirs". | 444:24 | Plugin Repo |
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound | Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "dud_filter_users_letter_links". | 458:43 | Plugin Repo |
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound | Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "dud_filter_users_letter_links". | 467:43 | Plugin Repo |
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound | Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "dud_filter_users_letter_links". | 474:39 | Plugin Repo |
| 14.11.2025, 23:24:52 | 23s | 12 | 510 | 139 |