SamedayCourier Shipping

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$message'.

The $domain parameter must be a single text string literal. Found: SamedayCourierHelperClass::TEXT_DOMAIN

The $domain parameter must be a single text string literal. Found: SamedayCourierHelperClass::TEXT_DOMAIN

Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 42:\n $sql = SamedayCourierHelperClass::buildGridQuery(\n\t\t\t$wpdb->prefix . $this->tableName,\n SamedayCourierHelperClass::isTesting(),\n\t\t\tself::ACCEPTED_FILTERS\n\t\t)

Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 41:\n $sql = SamedayCourierHelperClass::buildGridQuery(\n $table,\n $is_testing,\n self::ACCEPTED_FILTERS,\n )\n$is_testing assigned unsafely at line 39:\n $is_testing = SamedayCourierHelperClass::isTesting()

Use placeholders and $wpdb->prepare(); found $sql

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

The $domain parameter must be a single text string literal. Found: SamedayCourierHelperClass::TEXT_DOMAIN

The $domain parameter must be a single text string literal. Found: SamedayCourierHelperClass::TEXT_DOMAIN

The $domain parameter must be a single text string literal. Found: SamedayCourierHelperClass::TEXT_DOMAIN