Ultimate Gift Cards for WooCommerce

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

Use placeholders and $wpdb->prepare(); found $paged_sql

Unescaped parameter $paged_sql used in $wpdb->get_results($paged_sql)\n$paged_sql assigned unsafely at line 301:\n $paged_sql = $sql . $wpdb->prepare( ' LIMIT %d OFFSET %d', $batch_size, $raw_offset )\n$sql assigned unsafely at line 290:\n $sql .= ' ORDER BY p.ID DESC'\n$valid_offset assigned unsafely at line 292:\n $valid_offset = $offset\n$offset assigned unsafely at line 246:\n $offset = ( $current_page - 1 ) * $per_page\n$current_page assigned unsafely at line 244:\n $current_page = isset( $_GET['paged'] ) ? sanitize_text_field( wp_unslash( $_GET['paged'] ) ) : 1\nNote: sanitize_text_field() is not a safe escaping function.

Library files that are already in the WordPress core are not permitted.

Use of a direct database call is discouraged.

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

Use of a direct database call is discouraged.

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

Use of a direct database call is discouraged.

Detected usage of meta_key, possible slow query.