Buttonizer – Social Media Share Buttons, Social Icons, & Social Feeds

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<script>window.location.href='{$clean_url}';</script>"'.

Mismatched text domain. Expected 'facebook-pagelike-widget' but got "social-feeds-for-wordpress".

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;$class_map&quot;.

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

Processing form data without nonce verification.

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

The $domain parameter must be a single text string literal. Found: $textDomain

$_GET[&#039;action&#039;] not unslashed before sanitization. Use wp_unslash() or similar

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Failed loading manifest: $errorMessage"'.

Detected usage of a non-sanitized input variable: $_GET[&#039;action&#039;]

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

The use of function ini_set() is discouraged

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: &quot;wpml_current_language&quot;.

wp_redirect() found. Using wp_safe_redirect(), along with the &quot;allowed_redirect_hosts&quot; filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

Detected usage of a possibly undefined superglobal array index: $_POST[&#039;feed_name&#039;]. Check that the array index exists before using it.

Function "get_block_wrapper_attributes()" requires WordPress 5.6.0, but your plugin minimum supported version is WordPress 4.7.0.

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: &quot;facebook_widget&quot;.

error_reporting() can lead to full path disclosure.

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

Scripts must be registered/enqueued via wp_enqueue_script()

The "Short Description" section is too long and was truncated. A maximum of 150 characters is supported.

The plugin slug includes a restricted term. Your plugin slug - "facebook-pagelike-widget" - contains the restricted term "facebook" which cannot be used at all in your plugin slug.

The upgrade notice exceeds the limit of 300 characters.