JSM Force HTTP to HTTPS / SSL – No Setup, Fast and Reliable

Tested up to: 6.8.3 The version number should only include major versions 6.8.

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

$_SERVER['HTTP_HOST'] not unslashed before sanitization. Use wp_unslash() or similar

$_SERVER['REQUEST_URI'] not unslashed before sanitization. Use wp_unslash() or similar

$_SERVER['HTTP_X_FORWARDED_PROTO'] not unslashed before sanitization. Use wp_unslash() or similar

Detected usage of a non-sanitized input variable: $_SERVER['HTTP_X_FORWARDED_PROTO']

$_SERVER['HTTP_X_FORWARDED_PROTO'] not unslashed before sanitization. Use wp_unslash() or similar

Detected usage of a non-sanitized input variable: $_SERVER['HTTP_X_FORWARDED_PROTO']

$_SERVER['HTTP_X_FORWARDED_SSL'] not unslashed before sanitization. Use wp_unslash() or similar

Detected usage of a non-sanitized input variable: $_SERVER['HTTP_X_FORWARDED_SSL']