WordPress.Security.SafeRedirect.wp_redirect_wp_redirect

wp redirect wp redirect

Plugin Check reported a security-sensitive coding pattern that needs review.

critical weight

Why It Shows Up

The finding came from a security-focused WordPress coding standard or Plugin Check rule.

Why It Matters

Security findings often involve trust boundaries: request input, browser output, redirects, database access, capabilities, or filesystem behavior.

How to Fix

  • Identify the untrusted value or privileged action involved.
  • Add validation, sanitization, escaping, nonce checks, capability checks, or prepared SQL as appropriate.
  • Rerun Plugin Check after the code path is fixed.

Affected Plugins

RankPluginScoreErrorsWarningsInstallsAddedUpdatedTop Issue
#1451Encyclopedia / Glossary / Wiki37263481k+Output is not escaped
#1452Gmail SMTP37857110k+Unsafe printing function
#1453GHL Gravity Bridge – Send Gravity Forms leads to GHL CRM3759269600Direct Query
#1454GoPay for WooCommerce37661031k+Non-prefixed global variable
#1455GS Portfolio for Envato37155754k+Text Domain Mismatch
#1456Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder378311320k+SQL query is not prepared
#1457Horizontal scrolling announcements372151408k+Output is not escaped
#1458HT Builder – WordPress Theme Builder for Elementor3714241900Output is not escaped
#1459HT Menu – WordPress Mega Menu Builder for Elementor37300603k+Text Domain Mismatch
#1460Humans TXT3715986400Output is not escaped
#1461Image Optimizer by 10web – Image Optimizer and Compression plugin37244453k+Text Domain Mismatch
#1462LH Archived Post Status37150643k+Text Domain Mismatch
#1463Max Mega Menu37249174300k+Output is not escaped
#1464Meks Video Importer37622392k+Input is not sanitized
#1465Monobank WP Payment3778411k+Text Domain Mismatch
#1466Ninja Van (MY)37212581k+Non-prefixed global variable
#1467Off-Canvas Sidebars & Menus (Slidebars)37457121k+Non Singular String Literal Domain
#1468WP All Export – Order Export for WooCommerce371091113k+Text Domain Mismatch
#1469Phoenix Media Rename3717510450k+Output is not escaped
#1470POEditor3778140500Output is not escaped
#1471Poptics – Popup Builder, Email Opt-ins, Exit-Intent & WooCommerce Popups Sales3759642k+SQL query is not prepared
#1472Product page shipping calculator for WooCommerce372171171k+Text Domain Mismatch
#1473PublishPress Statuses – Custom Post Status and Workflow37231781k+Missing Arg Domain
#1474Quantities and Units for WooCommerce371331181k+Output is not escaped
#1475rapidmail: Newsletter & E-Mail Marketing for WooCommerce377947400Text Domain Mismatch
#1476Rich Table of Contents372625720k+Output is not escaped
#1477Send PDF for Contact Form 737223089k+Non-prefixed global variable
#1478SendWP37474210k+Output is not escaped
#1479Sezzle Woocommerce Payment371081051k+Text Domain Mismatch
#1480Site Offline Or Coming Soon Or Maintenance Mode3712713830k+Unsafe printing function
#1481Theme Builder For Elementor37477282k+Text Domain Mismatch
#1482Landing Page Builder – Free Landing Page Templates37329111600Output is not escaped
#1483UsersWP – Social Login37299912k+Text Domain Mismatch
#1484Varnish/Nginx Proxy Caching3728736600Output is not escaped
#1485Featured Video for WordPress – VideographyWP37287931k+Unsafe printing function
#1486Conditional Discounts for WooCommerce – A simple yet complete woocommerce dynamic pricing plugin37993310k+Text Domain Mismatch
#1487Piraeus Bank WooCommerce Payment Gateway371461043k+Non Singular String Literal Domain
#1488Viva Payments – Viva Wallet WooCommerce Payment Gateway3733331k+curl curl setopt
#1489SUMIT Payment Gateway for WooCommerce37358741k+Text Domain Mismatch
#1490WPForce Logout – WordPress User Login Logout Management Plugin37567328k+Output is not escaped
#1491Persistent Login373381086k+Unsafe printing function
#1492ReCaptcha Integration for WordPress3760669k+Output is not escaped
#1493TopNewsWp – Display Tikcer News, RSS Feed Widget and Many More3787859800Output is not escaped
#1494WPO365 | MICROSOFT 365 GRAPH MAILER371128310k+Text Domain Mismatch
#1495YOURLS Link Creator3719639500Text Domain Mismatch
#1496Zakeke Interactive Product Designer for WooCommerce371861782k+Nonce verification recommended
#1497Admin Bar & Dashboard Access Control3894373k+Text Domain Mismatch
#1498AdRoll for WooCommerce Stores384025600Output is not escaped
#1499Advanced 301 and 302 Redirect38813391k+Non-prefixed global variable
#1500Announce from the Dashboard38138247k+Non Singular String Literal Domain