Login & Register Customizer – Popup | Slider | Inline | WooCommerce

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$classes'.

Processing form data without nonce verification.

$_COOKIE['xoo_user_ip_data'] not unslashed before sanitization. Use wp_unslash() or similar

Function "array_is_list()" requires WordPress 6.5.0, but your plugin minimum supported version is WordPress 3.0.1.

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

Detected usage of a non-sanitized input variable: $_COOKIE['xoo_user_ip_data']

Detected usage of a possibly undefined superglobal array index: $_FILES[$field_id]['name']. Check that the array index exists before using it.

Processing form data without nonce verification.

The $domain parameter must be a single text string literal. Found: $this->plugin_slug

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

The $text parameter must be a single text string literal. Found: $args['description']

No PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.

Missing $domain parameter in function call to __().

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in '%s cannot be more than %s.'.

Mismatched text domain. Expected 'easy-login-woocommerce' but got 'mobile-login-woocommerce'.

The plugin name includes a restricted term. Your chosen plugin name - "Login & Register Customizer – Popup | Slider | Inline | WooCommerce" - contains the restricted term "woocommerce" which cannot be used within in your plugin name, unless your plugin name contains one of the allowed patterns: "for woocommerce", "with woocommerce", "using woocommerce", or "and woocommerce". The term must still not appear anywhere else in your name.

Found call to wp_enqueue_script() with external resource. Offloading scripts to your servers or any remote service is disallowed.

rand() is discouraged. Use the far less predictable wp_rand() instead.

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

The use of function _cleanup_header_comment() is forbidden

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

Sanitization missing for register_setting().

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.