Skip to content

Ignore some escaping errors #23

Ignore some escaping errors

Ignore some escaping errors #23

Triggered via pull request September 24, 2024 10:54
@lloclloc
synchronize #388
raise-coverage
Status Failure
Total duration 2m 31s
Artifacts

plugin-check.yml

on: pull_request
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 10 warnings
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/ContentImport/MetaBox.php#L103
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/ContentImport/MetaBox.php#L103
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/ContentImport/MetaBox.php#L128
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'add_query_arg'.
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/ContentImport/MetaBox.php#L253
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$html'.
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/ContentImport/LogWriters/AdminNoticeLogger.php#L144
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$html'.
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/MslsCustomFilter.php#L56
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'new'.
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/MslsCustomFilter.php#L56
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$options'.
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/MslsCustomFilter.php#L56
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$id'.
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/MslsMetaBox.php#L65
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$json'.
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/MslsMetaBox.php#L203
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$args'.
WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_post__not_in: includes/MslsCustomFilter.php#L81
Using exclusionary parameters, like post__not_in, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
WordPress.Security.NonceVerification.Missing: includes/ContentImport/ContentImporter.php#L156
Processing form data without nonce verification.
WordPress.Security.NonceVerification.Missing: includes/ContentImport/ContentImporter.php#L169
Processing form data without nonce verification.
WordPress.Security.NonceVerification.Missing: includes/ContentImport/ContentImporter.php#L173
Processing form data without nonce verification.
WordPress.Security.NonceVerification.Recommended: includes/ContentImport/ContentImporter.php#L198
Processing form data without nonce verification.
WordPress.Security.NonceVerification.Recommended: includes/ContentImport/ContentImporter.php#L198
Processing form data without nonce verification.
WordPress.Security.NonceVerification.Recommended: includes/ContentImport/ContentImporter.php#L199
Processing form data without nonce verification.
WordPress.Security.NonceVerification.Missing: includes/ContentImport/ContentImporter.php#L381
Processing form data without nonce verification.