Highlights any portion of text as text in the colored boxes.
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | WordPress.WP.AlternativeFunctions.file_system_operations_is_writable | File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable(). | 352:21 | Plugin Repo |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sSql used in $wpdb->get_results($sSql)\n$sSql assigned unsafely at line 279:\n $sSql = "SELECT slug, caption FROM $sTable WHERE trash IS FALSE;" | 280:32 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sSql | 280:44 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$before_widget'. | 316:22 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$before_title'. | 316:39 | Security |
| ERROR | WordPress.WP.I18n.MissingArgDomain | Missing $domain parameter in function call to esc_attr__(). | 316:55 | General |
| ERROR | WordPress.WP.I18n.NonSingularStringLiteralText | The $text parameter must be a single text string literal. Found: $title | 316:66 | General |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$after_title'. | 316:76 | Security |
| ERROR | WordPress.WP.I18n.MissingArgDomain | Missing $domain parameter in function call to esc_attr__(). | 316:91 | General |
| ERROR | WordPress.WP.I18n.NonSingularStringLiteralText | The $text parameter must be a single text string literal. Found: $text | 316:102 | General |
| 14.11.2025, 19:24:37 | 18s | 80 | 37 | 41 |