This Plugin is use for create duplicate page.
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | textdomain_invalid_format | The "Text Domain" header in the plugin file should only contain lowercase letters, numbers, and hyphens. Found "wordpress.org". | — | Plugin Repo |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql_query used in $wpdb->query($sql_query)\n$sql_query assigned unsafely at line 96:\n $sql_query .= implode(" UNION ALL ", $sql_query_sel)\n$sql_query_sel assigned unsafely at line 94:\n $sql_query_sel[] = "SELECT $new_post_id, '$meta_key', '$meta_value'"\n$new_post_id assigned unsafely at line 77:\n $new_post_id = wp_insert_post($args)\n$meta_key assigned unsafely at line 91:\n $meta_key = $meta_info->meta_key\n$meta_value assigned unsafely at line 93:\n $meta_value = addslashes($meta_info->meta_value)\nNote: addslashes() is not a safe escaping function.\n$args assigned unsafely at line 59:\n $args = array(\r\n 'comment_status' => $post->comment_status,\r\n 'ping_status' => $post->ping_status,\r\n 'post_author' => $new_post_author,\r\n 'post_content' => $post->post_content,\r\n 'post_excerpt' => $post->post_excerpt,\r\n 'post_name' => $post->post_name,\r\n 'post_parent' => $post->post_parent,\r\n 'post_password' => $post->post_password,\r\n 'post_featured_image' => $post->post_featured_image,\r\n 'post_status' => 'draft',\r\n 'post_title' => $post->post_title,\r\n 'post_type' => $post->post_type,\r\n 'to_ping' => $post->to_ping,\r\n 'menu_order' => $post->menu_order\r\n )\n$meta_info->meta_key used without escaping.\n$meta_info->meta_value used without escaping.\n$post->comment_status used without escaping. | 97:24 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql_query | 97:30 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$post_id'. | 109:54 | Security |
| ERROR | outdated_tested_upto_header | Tested up to: 5.3 < 6.8. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress. | — | Plugin Repo |
| WARNING | WordPress.DB.PreparedSQL.InterpolatedNotPrepared | Use placeholders and $wpdb->prepare(); found interpolated variable $post_id at "SELECT meta_key, meta_value FROM $wpdb->postmeta WHERE post_id=$post_id" | 87:51 | Security |
| WARNING | WordPress.DB.DirectDatabaseQuery.DirectQuery | Use of a direct database call is discouraged. | 97:17 | Security |
| WARNING | WordPress.DB.DirectDatabaseQuery.NoCaching | Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete(). | 97:17 | Security |
| WARNING | WordPress.Security.SafeRedirect.wp_redirect_wp_redirect | wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed. | 103:70 | Security |
| WARNING | WordPress.Security.SafeRedirect.wp_redirect_wp_redirect | wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed. | 105:17 | Security |
| 15.11.2025, 07:40:29 | 9s | 95 | 5 | 10 |