Headline Analyzer

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$nonce'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$nonce'.

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'parse_url'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$nonce'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$score'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$post_id'.

$_GET['email'] not unslashed before sanitization. Use wp_unslash() or similar

Detected usage of a non-sanitized input variable: $_GET['email']

Processing form data without nonce verification.