Gutena Forms – Contact Forms Block

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

Unescaped parameter $query used in $wpdb->get_results($wpdb->prepare(\n\t\t\t\t\t\t$query,\n\t\t\t\t\t\t$this->form_id,\n\t\t\t\t\t\t$table_data['per_page'],\n\t\t\t\t\t\t( $table_data['current_page'] - 1 ) * $table_data['per_page']\n\t\t\t\t\t))\n$query assigned unsafely at line 100:\n $query .= " ORDER BY ".$table_data['orderby']." {$table_data['order']} LIMIT %d OFFSET %d"\n$table_data['orderby'] assigned unsafely at line 82:\n $table_data['orderby'] = ( empty( $_GET['orderby'] ) || ! in_array( $_GET['orderby'], array( 'entry_id', 'added_time' ) ) )? 'entry_id' : sanitize_text_field( $_GET['orderby'] ) \nNote: sanitize_text_field() is not a safe escaping function.\n$_GET['orderby'] used without escaping.

Unescaped parameter $action_query used in $wpdb->query($action_query)\n$action_query assigned unsafely at line 106:\n $action_query = ''\n$action used without escaping.

Use placeholders and $wpdb->prepare(); found $action_query

Use placeholders and $wpdb->prepare(); found $orderby

Missing $domain parameter in function call to _e().