Copy or Duplicate any post types, including pages, taxonomies & custom fields with a single click.
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound | Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$post_types". | 56:1 | Plugin Repo |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$post_id'. | 138:73 | Security |
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound | Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "PluginRowMeta". | 144:1 | Plugin Repo |
| ERROR | license_mismatch | Your plugin has a different license declared in the readme file and plugin header. Please update your readme with a valid GPL license identifier. | — | Plugin Repo |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $main_sql_query used in $wpdb->query($main_sql_query)\n$main_sql_query assigned unsafely at line 129:\n $main_sql_query .= implode(" UNION ALL ", $sql_query_select)\n$sql_query_select assigned unsafely at line 127:\n $sql_query_select[] = "SELECT $new_post_id, '$meta_key', '$meta_value'"\n$new_post_id assigned unsafely at line 108:\n $new_post_id = wp_insert_post($args)\n$meta_key assigned unsafely at line 125:\n $meta_key = $meta_info->meta_key\nNote: addslashes() is not a safe escaping function.\n$meta_value assigned unsafely at line 126:\n $meta_value = addslashes($meta_info->meta_value)\n$args assigned unsafely at line 92:\n $args = array(\n 'comment_status' => $post->comment_status,\n 'ping_status' => $post->ping_status,\n 'post_author' => $new_post_author,\n 'post_content' => $post->post_content,\n 'post_excerpt' => $post->post_excerpt,\n 'post_name' => $post->post_name,\n 'post_parent' => $post->post_parent,\n 'post_password' => $post->post_password,\n 'post_status' => 'draft',\n 'post_title' => $post->post_title,\n 'post_type' => $post->post_type,\n 'to_ping' => $post->to_ping,\n 'menu_order' => $post->menu_order\n )\n$meta_info->meta_key used without escaping.\n$meta_info->meta_value used without escaping.\n$post->comment_status used without escaping. | 130:20 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $main_sql_query | 130:26 | Security |
| WARNING | WordPress.DB.DirectDatabaseQuery.DirectQuery | Use of a direct database call is discouraged. | 130:13 | Security |
| WARNING | WordPress.DB.DirectDatabaseQuery.NoCaching | Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete(). | 130:13 | Security |
| WARNING | WordPress.Security.SafeRedirect.wp_redirect_wp_redirect | wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed. | 133:9 | Security |
| WARNING | readme_parser_warnings_too_many_tags | One or more tags were ignored. Please limit your plugin to 5 tags. | — | Plugin Repo |
| 14.11.2025, 14:59:15 | 10s | 96 | 6 | 11 |