| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | WordPress.WP.AlternativeFunctions.parse_url_parse_url | parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead. | 72:22 | Plugin Repo |
| ERROR | textdomain_invalid_format | The "Text Domain" header in the plugin file should only contain lowercase letters, numbers, and hyphens. Found "lh_force_lowercase_urls". | — | Plugin Repo |
| ERROR | outdated_tested_upto_header | Tested up to: 6.0 < 6.8. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress. | — | Plugin Repo |
| ERROR | plugin_header_no_license | Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license. | — | Plugin Repo |
| WARNING | WordPress.Security.ValidatedSanitizedInput.InputNotValidatedNotSanitized | Detected usage of a non-sanitized, non-validated input variable _SERVER: "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]" | 42:102 | Security |
| WARNING | WordPress.Security.ValidatedSanitizedInput.InputNotValidatedNotSanitized | Detected usage of a non-sanitized, non-validated input variable _SERVER: "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]" | 42:102 | Security |
| WARNING | WordPress.Security.SafeRedirect.wp_redirect_wp_redirect | wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed. | 98:17 | Security |
| 14.11.2025, 19:33:48 | 8s | 98 | 4 | 3 |