Post Types Order

Mismatched text domain. Expected 'post-types-order' but got 'atto'.

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

Unescaped parameter $query used in $wpdb->get_results($query)\n$query assigned unsafely at line 143:\n $query = $wpdb->prepare( "SELECT p.* FROM $wpdb->posts AS p\r\n $_join\r\n WHERE p.post_date < %s AND p.menu_order = %d AND p.post_type = %s AND p.post_status = 'publish' $_where" , $post->post_date, $current_menu_order, $post->post_type)\n$_join assigned unsafely at line 101:\n $_join = ''\n$_where assigned unsafely at line 137:\n $_where .= " AND p.ID NOT IN ( SELECT tr.object_id FROM $wpdb->term_relationships tr LEFT JOIN $wpdb->term_taxonomy tt ON (tr.term_taxonomy_id = tt.term_taxonomy_id) WHERE tt.term_id IN (" . implode( ',', $excluded_terms ) . ') )'\n$current_menu_order assigned unsafely at line 141:\n $current_menu_order = $post->menu_order\n$post->menu_order used without escaping.

Use placeholders and $wpdb->prepare(); found $query

Missing $domain parameter in function call to esc_html__().

A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

Mismatched text domain. Expected 'post-types-order' but got 'atto'.

Missing $domain parameter in function call to esc_html_e().

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'CPTURL'.

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.