You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
WordPress.Security.NonceVerification.Recommended Line 83 of file inc/columns.class.php.
Processing form data without nonce verification. $orderby = isset( $_GET['orderby'] ) ? sanitize_text_field( wp_unslash( $_GET['orderby'] ) ) : '';
WordPress.Security.NonceVerification.Recommended Line 108 of file inc/columns.class.php.
Processing form data without nonce verification. $spam_reason = isset( $_GET['comment_spam_reason'] ) ? sanitize_text_field( wp_unslash( $_GET['comment_spam_reason'] ) ) : '';
WordPress.Security.NonceVerification.Recommended Line 133 of file inc/columns.class.php.
Processing form data without nonce verification. $spam_reason = isset( $_GET['comment_spam_reason'] ) ? sanitize_text_field( wp_unslash( $_GET['comment_spam_reason'] ) ) : '';
WordPress.Security.NonceVerification.Recommended Line 240 of file antispam_bee.php.
Processing form data without nonce verification. if ( ! empty( $_GET['comment_status'] ) && 'spam' === $_GET['comment_status'] && ! self::get_option( 'no_notice' ) ) {
WordPress.Security.NonceVerification.Recommended Line 549 of file antispam_bee.php.
Processing form data without nonce verification. return ( ! empty( $_GET['page'] ) && 'antispam_bee' === $_GET['page'] );
WordPress.WP.AlternativeFunctions.file_system_read_file_put_contents Line 2429 of file antispam_bee.php.
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: file_put_contents(). file_put_contents(
WordPress.WP.AlternativeFunctions.strip_tags_strip_tags Line 2605 of file antispam_bee.php.
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead. $content = strip_tags( stripslashes( $comment['comment_content'] ) );
WordPress.WP.AlternativeFunctions.strip_tags_strip_tags Line 2626 of file antispam_bee.php.
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead. strip_tags( $post->post_title )
WordPress.WP.AlternativeFunctions.strip_tags_strip_tags Line 2630 of file antispam_bee.php.
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead. ( empty( $comment['comment_author'] ) ? '' : strip_tags( $comment['comment_author'] ) )
The text was updated successfully, but these errors were encountered:
This differs from strip_tags() because it removes the contents of the <script> and <style> tags. E.g. strip_tags( '<script>something</script>' ) will return ‘something’. wp_strip_all_tags will return ”
There is a new plugin for checking plugins:
https://wordpress.org/plugins/plugin-check/
https://github.com/10up/plugin-check
I have checked ASB with it ang got some issues:
WordPress.Security.NonceVerification.Recommended Line 83 of file inc/columns.class.php.
Processing form data without nonce verification.
$orderby = isset( $_GET['orderby'] ) ? sanitize_text_field( wp_unslash( $_GET['orderby'] ) ) : '';
WordPress.Security.NonceVerification.Recommended Line 108 of file inc/columns.class.php.
Processing form data without nonce verification.
$spam_reason = isset( $_GET['comment_spam_reason'] ) ? sanitize_text_field( wp_unslash( $_GET['comment_spam_reason'] ) ) : '';
WordPress.Security.NonceVerification.Recommended Line 133 of file inc/columns.class.php.
Processing form data without nonce verification.
$spam_reason = isset( $_GET['comment_spam_reason'] ) ? sanitize_text_field( wp_unslash( $_GET['comment_spam_reason'] ) ) : '';
WordPress.Security.NonceVerification.Recommended Line 240 of file antispam_bee.php.
Processing form data without nonce verification.
if ( ! empty( $_GET['comment_status'] ) && 'spam' === $_GET['comment_status'] && ! self::get_option( 'no_notice' ) ) {
WordPress.Security.NonceVerification.Recommended Line 549 of file antispam_bee.php.
Processing form data without nonce verification.
return ( ! empty( $_GET['page'] ) && 'antispam_bee' === $_GET['page'] );
WordPress.WP.AlternativeFunctions.file_system_read_file_put_contents Line 2429 of file antispam_bee.php.
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: file_put_contents().
file_put_contents(
WordPress.WP.AlternativeFunctions.strip_tags_strip_tags Line 2605 of file antispam_bee.php.
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
$content = strip_tags( stripslashes( $comment['comment_content'] ) );
WordPress.WP.AlternativeFunctions.strip_tags_strip_tags Line 2626 of file antispam_bee.php.
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
strip_tags( $post->post_title )
WordPress.WP.AlternativeFunctions.strip_tags_strip_tags Line 2630 of file antispam_bee.php.
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
( empty( $comment['comment_author'] ) ? '' : strip_tags( $comment['comment_author'] ) )
The text was updated successfully, but these errors were encountered: