Privacy Policy Generator – WPLP Legal Pages

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$age_popup_no".

Unescaped parameter $alter_popup_sql used in $wpdb->query()\n$alter_popup_sql assigned unsafely at line 110.

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "admin_head".

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "WC_AM_Client_2_7_WPLegalPages".

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

$_SERVER['HTTP_AUTHORIZATION'] not unslashed before sanitization. Use wp_unslash() or similar

Detected usage of a non-sanitized input variable: $_SERVER['HTTP_AUTHORIZATION']

Use placeholders and $wpdb->prepare(); found interpolated variable $id_list at "SELECT ID, post_title FROM {$wpdb->posts} WHERE ID IN ($id_list) AND post_type = %s AND post_status = %s"

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "activate_wp_legal_pages".

Use of a direct database call is discouraged.

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

Detected usage of a possibly undefined superglobal array index: $_SERVER['HTTP_USER_AGENT']. Check that the array index exists before using it.

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "WPLPP_SUFFIX".

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

Missing $domain parameter in function call to esc_html_e().

The plugin name includes a restricted term. Your chosen plugin name - "Privacy Policy Generator - WPLP Legal Pages" - contains the restricted term "wp" which cannot be used at all in your plugin name.

Unescaped parameter $id_list used in $wpdb->get_results()\n$id_list assigned unsafely at line 277.

Use placeholders and $wpdb->prepare(); found $post_tbl

Mismatched text domain. Expected 'wplegalpages' but got 'gdpr-cookie-consent'.

Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_themes

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

Attempting a database schema change is discouraged.

Setting `suppress_filters` to `true` is prohibited.

Plugin name "Privacy Policy Generator - WPLP Legal Pages" is different from the name declared in plugin header "WPLP Legal Pages".

Tested up to: 6.8 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.