Pochipp

Sanitization missing for register_setting().

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$checked'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$checked'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$checked'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"\n'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<a href=\"$url\" $ex_props $rel_target>$btn_text</a>$imp_tag"'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<a href=\"$url\" $rel_target>$item_image</a>$imp_tag"'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'admin_url'.

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$cid".

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$postid".