WP Edit

Sample message

Mismatched text domain. Expected 'wp-edit' but got 'wp_edit_pro'.

Sample message

Stylesheets must be registered/enqueued via wp_enqueue_style()

Sample message

Offloading images, js, css, and other scripts to your servers or any remote service is disallowed.

Sample message

Unescaped parameter $post->ID used in $wpdb->get_row()\n$post->ID used without escaping.

Sample message

Resource version not set in call to wp_register_script(). This means new versions of the script may not always be loaded due to browser caching.

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $post->ID at "SELECT post_excerpt FROM $wpdb->posts WHERE id = '$post->ID'"

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

Sample message

Processing form data without nonce verification.

Sample message

Scripts must be registered/enqueued via wp_enqueue_script()

Sample message

Missing $domain parameter in function call to __().

Sample message

The plugin name includes a restricted term. Your chosen plugin name - "WP Edit" - contains the restricted term "wp" which cannot be used at all in your plugin name.

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "JWL_Toggle_wpautop".

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "WPEDIT_PLUGIN_PATH".

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.