Escape more variables #10
wolffeAnnotations
2 errors and 3 warnings
|
CPCS:
includes/builder/class-functions.php#L293
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'wpautop'.
|
|
CPCS:
includes/settings/class-settings.php#L155
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$post_type'.
|
|
CPCS:
includes/updater.php#L24
unserialize() found. Serialized data has known vulnerability problems with Object Injection. JSON is generally a better approach for serializing data. See https://www.owasp.org/index.php/PHP_Object_Injection
|
|
CPCS:
includes/updater.php#L63
unserialize() found. Serialized data has known vulnerability problems with Object Injection. JSON is generally a better approach for serializing data. See https://www.owasp.org/index.php/PHP_Object_Injection
|
|
CPCS:
includes/updater.php#L79
serialize() found. Serialized data has known vulnerability problems with Object Injection. JSON is generally a better approach for serializing data. See https://www.owasp.org/index.php/PHP_Object_Injection
|