WordPress.Security.SafeRedirect.wp_redirect_wp_redirect

wp redirect wp redirect

Plugin Check reported a security-sensitive coding pattern that needs review.

critical weight

Why It Shows Up

The finding came from a security-focused WordPress coding standard or Plugin Check rule.

Why It Matters

Security findings often involve trust boundaries: request input, browser output, redirects, database access, capabilities, or filesystem behavior.

How to Fix

Identify the untrusted value or privileged action involved.
Add validation, sanitization, escaping, nonce checks, capability checks, or prepared SQL as appropriate.
Rerun Plugin Check after the code path is fixed.

References

WordPress validating, sanitizing, and escaping WordPress escaping functions WordPress nonces

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Added	Updated	Top Issue
#51	WPJAM Basic	20	328	356	4k+	10 years ago	12 days ago	Output is not escaped
#52	School Management System – WPSchoolPress	20	353	5,275	1k+	7 years ago	4 days ago	Non-prefixed global variable
#53	Backup Migration	21	981	1,093	80k+	6 years ago	23 days ago	Non-prefixed global variable
#54	Forumax – AI Powered Advanced Community Forum Plugin	21	4,936	4,357	600	4 years ago	4 days ago	Text Domain Mismatch
#55	Booking Ultra Pro Appointments Booking Calendar Plugin	21	761	2,083	400	10 years ago	9 months ago	Request data is not unslashed
#56	CallTrackingMetrics	21	923	286	3k+	15 years ago	4 months ago	Unsafe printing function
#57	Smart Grid-Layout Design for Contact Form 7	21	1,126	734	10k+	9 years ago	2 months ago	Output is not escaped
#58	SMS Extension for Contact Form 7	21	720	1,387	400	6 years ago	8 months ago	Non-prefixed global variable
#59	Comet Cache	21	857	245	20k+	10 years ago	12 months ago	Output is not escaped
#60	Daily Prayer Time	21	947	1,780	1k+	11 years ago	1 month ago	Non-prefixed global variable
#61	Free Downloads WooCommerce	21	430	359	4k+	10 years ago	1 month ago	Output is not escaped
#62	Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More	21	2,572	1,277	1m+	15 years ago	1 month ago	Output is not escaped
#63	Envo Extra	21	878	600	20k+	4 years ago	1 month ago	Text Domain Mismatch
#64	ERP: Complete HR, Recruitment, Accounting & CRM Suite with WooCommerce CRM Support	21	829	5,966	5k+	10 years ago	2 days ago	Direct Query
#65	Eupago Gateway For Woocommerce	21	612	320	2k+	4 years ago	2 months ago	Output is not escaped
#66	EventPrime – Events Calendar, Bookings and Tickets	21	872	4,297	7k+	7 years ago	8 days ago	Non-prefixed global variable
#67	Formidable Forms – WordPress Form Builder for Contact Forms, Calculators, Quizzes & More	21	52	1,959	300k+	17 years ago	6 days ago	Non-prefixed global variable
#68	Campaign Monitor for WordPress	21	386	461	2k+	10 years ago	2 months ago	Non-prefixed global variable
#69	Front End Users	21	719	2,759	400	12 years ago	7 months ago	Non-prefixed global variable
#70	Frontend Dashboard	21	384	945	500	9 years ago	12 months ago	Non-prefixed function
#71	If-So Dynamic Content – Elementor & All Page Builders Personalization	21	889	725	7k+	9 years ago	1 month ago	Unsafe printing function
#72	JCH Optimize	21	953	133	4k+	12 years ago	5 months ago	Output is not escaped
#73	LA-Studio Element Kit for Elementor	21	8,390	1,964	10k+	5 years ago	12 days ago	Text Domain Mismatch
#74	MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder	21	1,133	3,011	2k+	12 years ago	8 months ago	Non-prefixed global variable
#75	Mapster WP Maps	21	3,440	2,903	3k+	5 years ago	17 days ago	Text Domain Mismatch
#76	Mergado Pack	21	2,323	588	700	9 years ago	5 months ago	Output is not escaped
#77	MotoPress Hotel Booking	21	3,061	1,037	10k+	8 years ago	13 days ago	Text Domain Mismatch
#78	Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred	21	1,469	3,333	10k+	13 years ago	10 days ago	Non-prefixed global variable
#79	Oasis Workflow	21	775	575	700	14 years ago	6 months ago	Text Domain Mismatch
#80	OneLogin SAML SSO	21	508	330	7k+	15 years ago	7 months ago	wp function not compatible with requires wp
#81	Landing Page Builder – Coming Soon page, Maintenance Mode, Lead Page, WordPress Landing Pages	21	1,173	2,983	9k+	10 years ago	26 days ago	Non-prefixed global variable
#82	Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction	21	1,918	5,065	10k+	11 years ago	26 days ago	Non-prefixed hook name
#83	User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor	21	696	1,483	50k+	15 years ago	18 days ago	Nonce verification recommended
#84	PublishPress Planner – Editorial Calendar, Marketing Content, Kanban Board	21	603	890	6k+	9 years ago	1 month ago	Output is not escaped
#85	Five Star Restaurant Reservations – WordPress Booking Plugin	21	1,099	1,147	10k+	12 years ago	9 days ago	Output is not escaped
#86	Rocket Maintenance Mode & Coming Soon Page	21	1,176	1,406	4k+	12 years ago	2 years ago	Non-prefixed global variable
#87	Royal Addons for Elementor – Addons and Templates Kit for Elementor	21	13,011	2,530	600k+	5 years ago	3 days ago	Text Domain Mismatch
#88	Seamless Donations is Sunset	21	600	514	2k+	14 years ago	2 years ago	Text Domain Mismatch
#89	SeatReg	21	312	1,637	400	5 years ago	3 days ago	Missing nonce verification
#90	Professional Social Sharing Buttons, Icons & Related Posts – Shareaholic	21	327	181	10k+	14 years ago	2 years ago	Output is not escaped
#91	Smart Forms – when you need more than just a contact form	21	776	574	5k+	13 years ago	1 month ago	Output is not escaped
#92	Accept Stripe Payments	21	373	882	20k+	11 years ago	2 months ago	Missing nonce verification
#93	ThirstyAffiliates – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin	21	190	660	30k+	13 years ago	1 month ago	Non-prefixed global variable
#94	TotalPoll for Polls and Contests	21	1,366	155	1k+	12 years ago	10 months ago	Text Domain Mismatch
#95	Revive Social – Social Media Auto Post and Scheduling Automation Plugin	21	255	425	20k+	17 years ago	1 month ago	Non-prefixed hook name
#96	Buckaroo Woocommerce Payments Plugin	21	584	326	2k+	11 years ago	3 days ago	Exception output is not escaped
#97	BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages	21	668	1,569	900	9 years ago	1 year ago	Non-prefixed global variable
#98	WebP Express	21	160	427	300k+	8 years ago	9 days ago	Non-prefixed global variable
#99	Wise Chat	21	470	506	5k+	12 years ago	4 months ago	Output is not escaped
#100	Paysera Payment Gateway for WooCommerce	21	1,866	195	7k+	8 years ago	24 days ago	Exception output is not escaped