Hubbub Lite – Fast, free social sharing and follow buttons

Mismatched text domain. Expected 'social-pug' but got 'mediavine'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$args['avatar']'.

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$active_plugins".

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

Short PHP opening tag used with echo; expected "<?php echo $count_networks_missing ..." but found "<?= $count_networks_missing ..."

Processing form data without nonce verification.

Detected usage of a non-sanitized input variable: $_GET[&#039;dpsp-tab&#039;]

$_GET[&#039;dpsp-tab&#039;] not unslashed before sanitization. Use wp_unslash() or similar

Detected usage of a possibly undefined superglobal array index: $_GET[&#039;dpsp_list_attention_search&#039;]. Check that the array index exists before using it.

Missing $domain parameter in function call to __().

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: &quot;gettext&quot;.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Invalid message type: {$type}."'.

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

The $text parameter must be a single text string literal. Found: 'A valid Hubbub Pro license key is required to update the plugin. Please add your license key in <a href="' . admin_url( 'admin.php?page=dpsp-settings' ) . '">Hubbub > Settings</a> and try again.'

Scripts must be registered/enqueued via wp_enqueue_script()

wp_redirect() found. Using wp_safe_redirect(), along with the &quot;allowed_redirect_hosts&quot; filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.

Resource version not set in call to wp_register_script(). This means new versions of the script may not always be loaded due to browser caching.

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: &quot;General_Settings&quot;.

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: &quot;HUBBUB_VERSION&quot;.

error_log() found. Debug code should not normally be used in production.

No PHP code was found in this file and short open tags are not allowed by this install of PHP. This file may be using short open tags but PHP does not allow them.

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.