Name: NPR Content Distribution Service
Rating: 0
Author: Jared Counts

Issues Details

209 issues found in latest scan

	Code	Message	Location	Category
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'npr_cds_esc_html'.	`settings.php:502:14`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'npr_cds_esc_html'.	`settings.php:509:14`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'npr_cds_esc_html'.	`settings.php:513:14`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'admin_url'.	`settings.php:1110:56`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$default_collection'.	`settings.php:1111:138`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'npr_cds_esc_html'.	`settings.php:538:14`	Security
ERROR	`WordPress.Security.EscapeOutput.OutputNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'npr_cds_esc_html'.	`settings.php:584:14`	Security
ERROR	`WordPress.DateTime.RestrictedFunctions.date_date`	date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.	`settings.php:1142:22`	—
ERROR	`WordPress.WP.I18n.MissingArgDomain`	Missing $domain parameter in function call to esc_html_e().	`settings.php:1144:35`	General
ERROR	`WordPress.WP.I18n.NonSingularStringLiteralText`	The $text parameter must be a single text string literal. Found: $story->id	`settings.php:1144:47`	General

209 total row(s)


17.02.2026, 19:01:09	13s	53	123	86
06.01.2026, 18:30:19	14s	55	110	83
10.12.2025, 16:00:31	14s	55	110	83
19.11.2025, 16:27:23	15s	55	110	83
18.11.2025, 02:32:25	18s	55	110	83

NPR Content Distribution Service

Security139

Plugin Repository32

General26

Performance4

settings.php156 issues in this fileTotal: 156Errors: 95Warnings: 61

push_story.php16 issues in this fileTotal: 16Errors: 11Warnings: 5

npr_cds.php16 issues in this fileTotal: 16Errors: 9Warnings: 7

classes/NPR_CDS_WP.php13 issues in this fileTotal: 13Errors: 4Warnings: 9

meta_boxes.php5 issues in this fileTotal: 5Errors: 3Warnings: 2

classes/npr_json.php2 issues in this fileTotal: 2Warnings: 2

readme.txt1 issue in this fileTotal: 1Errors: 1