| ERROR | plugin_header_no_license | Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license. | post-types-order.php | Plugin Repo |
| ERROR | WordPress.WP.DeprecatedParameters.Load_plugin_textdomainParam2Found | The parameter "''" at position #2 of load_plugin_textdomain() has been deprecated since WordPress version 2.7.0. Use "" instead. | post-types-order.php:41:13 | Plugin Repo |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $_join used in $wpdb->get_results($wpdb->prepare( "SELECT p.* FROM $wpdb->posts AS p\r\n $_join\r\n WHERE p.post_date > %s AND p.menu_order = %d AND p.post_type = %s AND p.post_status = 'publish' $_where", $post->post_date, $current_menu_order, $post->post_type ))\n$_join assigned unsafely at line 193:\n $_join = ''\n$_where assigned unsafely at line 229:\n $_where .= " AND p.ID NOT IN ( SELECT tr.object_id FROM $wpdb->term_relationships tr LEFT JOIN $wpdb->term_taxonomy tt ON (tr.term_taxonomy_id = tt.term_taxonomy_id) WHERE tt.term_id IN (" . implode( ',', $excluded_terms ) . ') )'\n$current_menu_order assigned unsafely at line 233:\n $current_menu_order = $post->menu_order\n$post->menu_order used without escaping. | include/class.functions.php:236:39 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $_join used in $wpdb->get_results($wpdb->prepare( "SELECT p.* FROM $wpdb->posts AS p\r\n $_join\r\n WHERE p.post_date < %s AND p.menu_order = %d AND p.post_type = %s AND p.post_status = 'publish' $_where" , $post->post_date, $current_menu_order, $post->post_type))\n$_join assigned unsafely at line 101:\n $_join = ''\n$_where assigned unsafely at line 137:\n $_where .= " AND p.ID NOT IN ( SELECT tr.object_id FROM $wpdb->term_relationships tr LEFT JOIN $wpdb->term_taxonomy tt ON (tr.term_taxonomy_id = tt.term_taxonomy_id) WHERE tt.term_id IN (" . implode( ',', $excluded_terms ) . ') )'\n$current_menu_order assigned unsafely at line 141:\n $current_menu_order = $post->menu_order\n$post->menu_order used without escaping. | include/class.functions.php:143:39 | Security |
| ERROR | WordPress.WP.I18n.MissingTranslatorsComment | A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders. | include/class.functions.php:206:97 | General |
| ERROR | WordPress.WP.AlternativeFunctions.file_system_operations_mkdir | File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir(). | include/class.functions.php:382:30 | Plugin Repo |
| ERROR | WordPress.WP.I18n.MissingTranslatorsComment | A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders. | include/class.functions.php:114:97 | General |
| WARNING | WordPress.DB.PreparedSQL.InterpolatedNotPrepared | Use placeholders and $wpdb->prepare(); found interpolated variable $_join at $_join\r\n | include/class.functions.php:237:1 | Security |
| WARNING | WordPress.DB.PreparedSQL.InterpolatedNotPrepared | Use placeholders and $wpdb->prepare(); found interpolated variable $_where at WHERE p.post_date > %s AND p.menu_order = %d AND p.post_type = %s AND p.post_status = 'publish' $_where" | include/class.functions.php:238:1 | Security |
| WARNING | WordPress.Security.ValidatedSanitizedInput.MissingUnslash | $_REQUEST['action'] not unslashed before sanitization. Use wp_unslash() or similar | include/class.cpto.php:202:116 | Security |