Scripts n Styles

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$after_title'.

All output should be run through an escaping function (like echo esc_html_x() or echo esc_attr_x()), found '_ex'.

Detected usage of a non-sanitized input variable: $_GET['post_status']

$_GET['post_status'] not unslashed before sanitization. Use wp_unslash() or similar

Missing $domain parameter in function call to __().

Processing form data without nonce verification.

Translatable string should not be wrapped in HTML. Found: '<span class="description" style="max-width: 500px; display: inline-block;">Should the plugin clean up after itself and delete all of its saved data.</span>'

Detected usage of a possibly undefined superglobal array index: $_REQUEST['delete']. Check that the array index exists before using it.

Sanitization missing for register_setting().

Detected usage of meta_key, possible slow query.

In footer ($in_footer) is not set explicitly wp_register_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

Detected usage of meta_query, possible slow query.

print_r() found. Debug code should not normally be used in production.

add_contextual_help() has been deprecated since WordPress version 3.3.0. Use get_current_screen()->add_help_tab() instead.

add_object_page() has been deprecated since WordPress version 4.5.0. Use add_menu_page() instead.

add_utility_page() has been deprecated since WordPress version 4.5.0. Use add_menu_page() instead.

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

The $text parameter must be a single text string literal. Found: '<p>"Hoops" are shortcodes invented to get around some limitations of vanilla WordPress.</p>'\r\n . '<p> Normally, certain HTML is very problematic to use in the Post Editor, because it either gets '\r\n . 'jumbled during Switching between HTML and Visual Tabs, stripped out by WPAutoP (rare) or stripped '\r\n . 'out because the User doesn’t have the proper Permissions.</p>'\r\n . '<p>With Hoops, an Admin user (who has `unfiltered_html` and `manage_options` capablilities) can '\r\n . 'write and approve snippets of HTML for other users to use via Shortcodes.</p>'

Tested up to: 6.2 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

One or more tags were ignored. Please limit your plugin to 5 tags.