Merge pull request #387 from lloc/raise-coverage #18
llocAnnotations
10 errors and 10 warnings
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsPlugin.php#L105
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'msls_output'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsPostTag.php#L74
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$json'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsAdmin.php#L112
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'new'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsAdmin.php#L113
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsAdmin.php#L114
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$checkboxes[$method]'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsAdmin.php#L118
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'new'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsAdmin.php#L118
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$value'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsAdmin.php#L158
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsAdmin.php#L159
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
includes/MslsAdmin.php#L160
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
|
|
WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_post__not_in:
includes/MslsCustomFilter.php#L81
Using exclusionary parameters, like post__not_in, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
|
|
WordPress.Security.NonceVerification.Recommended:
includes/ContentImport/Importers/WithRequestPostAttributes.php#L31
Processing form data without nonce verification.
|
|
WordPress.Security.NonceVerification.Recommended:
includes/ContentImport/Importers/WithRequestPostAttributes.php#L35
Processing form data without nonce verification.
|
|
WordPress.Security.NonceVerification.Missing:
includes/ContentImport/ContentImporter.php#L156
Processing form data without nonce verification.
|
|
WordPress.Security.NonceVerification.Missing:
includes/ContentImport/ContentImporter.php#L169
Processing form data without nonce verification.
|
|
WordPress.Security.NonceVerification.Missing:
includes/ContentImport/ContentImporter.php#L173
Processing form data without nonce verification.
|
|
WordPress.Security.NonceVerification.Recommended:
includes/ContentImport/ContentImporter.php#L198
Processing form data without nonce verification.
|
|
WordPress.Security.NonceVerification.Recommended:
includes/ContentImport/ContentImporter.php#L198
Processing form data without nonce verification.
|
|
WordPress.Security.NonceVerification.Recommended:
includes/ContentImport/ContentImporter.php#L199
Processing form data without nonce verification.
|
|
WordPress.Security.NonceVerification.Missing:
includes/ContentImport/ContentImporter.php#L381
Processing form data without nonce verification.
|