Elementor Website Builder – more than just a page builder

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$filter_name".

Sample message

Detected usage of meta_value, possible slow query.

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "BFITHUMB_UPLOAD_DIR".

Sample message

error_log() found. Debug code should not normally be used in production.

Sample message

Unescaped parameter $column used in $wpdb->get_row()\n$column assigned unsafely at line 317.

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "BFI_Class_Factory".

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bfi_image_downsize".

Sample message

Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: rmdir().

Sample message

query_posts() is discouraged. Use WP_Query instead.

Sample message

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

Sample message

Found call to wp_register_script() with external resource. Offloading scripts to your servers or any remote service is disallowed.

Sample message

trigger_error() found. Debug code should not normally be used in production.

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the &quot;allowed_redirect_hosts&quot; filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.