The ultimate Elementor addon for cross-domain copying, magic copy buttons, and instant page duplication. Build websites faster with one-click design t …
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $bdt_sql_query used in $wpdb->query($bdt_sql_query)\n$bdt_sql_query assigned unsafely at line 109:\n $bdt_sql_query .= implode(', ', $bdt_sql_query_sel) . ';'\n$bdt_sql_query_sel assigned unsafely at line 106:\n $bdt_sql_query_sel[] = "( $bdt_new_post_id, '{$bdt_meta_info->meta_key}', '{$bdt_meta_value}' )"\n$bdt_new_post_id assigned unsafely at line 79:\n $bdt_new_post_id = wp_insert_post($bdt_args)\n$bdt_meta_info->meta_key used without escaping.\n$bdt_meta_value assigned unsafely at line 105:\n $bdt_meta_value = wp_slash($bdt_meta_info->meta_value)\n$bdt_args assigned unsafely at line 59:\n $bdt_args = [\n 'post_status' => 'draft',\n /* translators: %1$s: original post title */\n 'post_title' => sprintf(__('%1$s - [Duplicated]', 'live-copy-paste'), $bdt_post->post_title),\n 'post_type' => $bdt_post->post_type,\n 'post_name' => $bdt_post->post_name,\n 'post_content' => $bdt_post->post_content,\n 'post_excerpt' => $bdt_post->post_excerpt,\n 'post_author' => $bdt_new_post_author,\n 'post_parent' => $bdt_post->post_parent,\n 'post_password' => $bdt_post->post_password,\n 'comment_status' => $bdt_post->comment_status,\n 'ping_status' => $bdt_post->ping_status,\n 'menu_order' => $bdt_post->menu_order,\n 'to_ping' => $bdt_post->to_ping,\n ]\n$bdt_meta_info->meta_value used without escaping. | 110:28 | Security |
| ERROR | PluginCheck.CodeAnalysis.DiscouragedFunctions.load_plugin_textdomainFound | load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed. | 217:13 | Plugin Repo |
| ERROR | PluginCheck.CodeAnalysis.SettingSanitization.register_settingMissing | Sanitization missing for register_setting(). | 246:13 | Plugin Repo |
| ERROR | invalid_tested_upto_minor | Tested up to: 6.8.2 The version number should only include major versions 6.8. | — | Plugin Repo |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $bdt_sql_query | 110:34 | Security |
| WARNING | WordPress.DB.DirectDatabaseQuery.DirectQuery | Use of a direct database call is discouraged. | 110:21 | Security |
| WARNING | WordPress.DB.DirectDatabaseQuery.NoCaching | Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete(). | 110:21 | Security |
| WARNING | WordPress.Security.SafeRedirect.wp_redirect_wp_redirect | wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed. | 136:21 | Security |
| WARNING | WordPress.Security.NonceVerification.Recommended | Processing form data without nonce verification. | 133:23 | Security |
| WARNING | WordPress.Security.NonceVerification.Recommended | Processing form data without nonce verification. | 152:23 | Security |
| 11/14/2025, 3:24:00 AM | 9s | 93 | 5 | 21 |