Ninja Forms – The Contact Form Builder That Grows With You

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$action'.

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "nfExtractPageTitle".

rand() is discouraged. Use the far less predictable wp_rand() instead.

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "NF_Database_Migrations_FormMeta".

Missing $domain parameter in function call to esc_html__().

A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

Unescaped parameter $query used in $wpdb->query($query)\n$query assigned unsafely at line 60:\n $query = "ALTER TABLE {$this->table_name()}\n ADD `meta_key` longtext {$this->charset_collate()},\n ADD `meta_value` longtext {$this->charset_collate()};"

Use placeholders and $wpdb->prepare(); found $query

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "NF_Database_Migrations_ActionMeta".

Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in 'Please contact your host to upgrade your site\'s PHP version. %sRead more about updating your PHP version and WordPress%s.'.