WordPress.Security.SafeRedirect.wp_redirect_wp_redirect

wp redirect wp redirect

Plugin Check reported a security-sensitive coding pattern that needs review.

critical weight

Why It Shows Up

The finding came from a security-focused WordPress coding standard or Plugin Check rule.

Why It Matters

Security findings often involve trust boundaries: request input, browser output, redirects, database access, capabilities, or filesystem behavior.

How to Fix

  • Identify the untrusted value or privileged action involved.
  • Add validation, sanitization, escaping, nonce checks, capability checks, or prepared SQL as appropriate.
  • Rerun Plugin Check after the code path is fixed.

Affected Plugins

RankPluginScoreErrorsWarningsInstallsAddedUpdatedTop Issue
#1051Sidebar Manager Light31221761k+Text Domain Mismatch
#1052Staatic – Static Site Generator for WordPress314201952k+SQL query is not prepared
#1053Swatchly – Product Variation Swatches for WooCommerce315402145k+Output is not escaped
#1054Themify Store Locator31244125500Text Domain Mismatch
#1055Blacklist Manager – WooCommerce Anti-Fraud, Blacklist & Checkout Verification312958762k+Missing nonce verification
#1056Web Push Notifications – Webpushr3116929310k+Output is not escaped
#1057Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets31837295100k+Unsafe printing function
#1058WCPOS – Point of Sale (POS) plugin for WooCommerce31752265k+Nonce verification recommended
#1059Discussion Board – WordPress Forum Plugin311051532k+Request data is not unslashed
#1060WP Simple Booking Calendar3133738020k+Output is not escaped
#1061WP Visitor Statistics (Real Time Traffic)3135369120k+Nonce verification recommended
#1062WP ULike – Like & Dislike Buttons for Engagement and Feedback3126935860k+Output is not escaped
#1063One to one user Chat by WPGuppy3174187700Non-prefixed global variable
#1064WPOrLogin – Custom Login, Social Login, Limit Attempts, Hide Login & reCAPTCHA314832172k+Unsafe printing function
#1065Zendesk Support for WordPress31195882k+Output is not escaped
#1066ActiveDEMAND321571611k+Output is not escaped
#1067Admin Menu Editor32159233300k+Non-prefixed global variable
#1068Advanced Access Manager – Access Governance for WordPress3284962100k+Output is not escaped
#1069All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier32325102600Missing Arg Domain
#1070annasta Filters for WooCommerce321,0734412k+Text Domain Mismatch
#1071Auto YouTube Importer323381731k+Text Domain Mismatch
#1072Speed Kit32296732k+Output is not escaped
#1073BuddyPress for LearnDash321902841k+Output is not escaped
#1074Child Theme Configurator32442267300k+Unsafe printing function
#1075Code Manager32217261500Nonce verification recommended
#1076Vimeotheque – Vimeo WordPress Plugin & Video Gallery326422642k+Unsafe printing function
#1077Contact Form Builder by vcita32666174700Text Domain Mismatch
#1078DHL eCommerce (Benelux) for WooCommerce322223302k+Nonce verification recommended
#1079Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection)325601985k+Text Domain Mismatch
#1080FA Lite – WP responsive slider plugin32726140500Unsafe printing function
#1081Freesoul Deactivate Plugins – Disable plugins on individual WordPress pages32537768k+Nonce verification recommended
#1082WP Gravity Forms HubSpot32771160600Text Domain Mismatch
#1083CRM Perks Integration for Gravity Forms and Salesforce328071781k+Text Domain Mismatch
#1084WP Gravity Forms Zoho CRM and Bigin32750174400Text Domain Mismatch
#1085Insights from Google PageSpeed3241447520k+Text Domain Mismatch
#1086Members – Membership & User Role Editor Plugin32233259300k+Output is not escaped
#1087WP Mobile Menu – The Mobile-Friendly Responsive Menu3299019570k+Output is not escaped
#1088Moyasar32539221700Text Domain Mismatch
#1089Notice Bar3295284700Non-prefixed global variable
#1090Opal Mega Menu32419119400Text Domain Mismatch
#1091Barion Payment Gateway for WooCommerce32671526k+Non-prefixed global variable
#1092Autopay dla WooCommerce329583900Output is not escaped
#1093PilotPress32150285900Output is not escaped
#1094Post and Page Builder by BoldGrid – Visual Drag and Drop Editor3234825850k+Output is not escaped
#1095Posti Shipping326641571k+Text Domain Mismatch
#1096Volunteer Sign Up Sheets329674011k+Output is not escaped
#1097Restrict Usernames Emails Characters323273671k+Output is not escaped
#1098Showcase IDX Real Estate Search & Lead Capture32123522k+Output is not escaped
#1099Simple Ajax Chat – Add a Fast, Secure Chat Box321082662k+Output is not escaped
#1100Sky Addons for Elementor32853512k+Non-prefixed namespace