Manage User Columns

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$col_id'.

Unescaped parameter $q used in $wpdb->get_results("SELECT DISTINCT meta_key FROM ".$wpdb->base_prefix."usermeta WHERE meta_key LIKE '%".$q."%' ORDER BY CHAR_LENGTH(meta_key) LIMIT 10")\n$q assigned unsafely at line 16:\n $q = sanitize_text_field( $_POST['q'] )\nNote: sanitize_text_field() is not a safe escaping function.\n$_POST['q'] used without escaping.

Use placeholders and $wpdb->prepare(); found $q

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$res'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$name_chk'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$email_chk'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$role_chk'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$posts_chk'.

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$un_chk'.