YITH WooCommerce Product Add-Ons

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_defaults".

Mismatched text domain. Expected 'yith-woocommerce-product-add-ons' but got 'woocommerce'.

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'woocommerce_settings_' . sanitize_title( $field['id'] )".

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

Detected usage of a non-sanitized input variable: $_GET['term']

$_POST['currency'] not unslashed before sanitization. Use wp_unslash() or similar

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$block'.

Use of a direct database call is discouraged.

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

Use placeholders and $wpdb->prepare(); found interpolated variable $addons_table_name at "SHOW TABLES LIKE '$addons_table_name'"

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "YIT_Plugin_Licence".

Unescaped parameter $addons_table_name used in $wpdb->get_var()\n$addons_table_name assigned unsafely at line 246.

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "YIT_Ajax".

Attempting a database schema change is discouraged.

Detected usage of a possibly undefined superglobal array index: $_POST['data']['options_default_price']. Check that the array index exists before using it.

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$deprecated_filters[ $filter ]".

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "DOING_YITH_BH_ONBOARDING".

Processing form data without nonce verification.

Missing $domain parameter in function call to __().

Use placeholders and $wpdb->prepare(); found $alter_block_query

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$response'.

Processing form data without nonce verification.

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

The plugin name includes a restricted term. Your chosen plugin name - "YITH WooCommerce Product Add-Ons" - contains the restricted term "woocommerce" which cannot be used within in your plugin name, unless your plugin name contains one of the allowed patterns: "for woocommerce", "with woocommerce", "using woocommerce", or "and woocommerce". The term must still not appear anywhere else in your name.

Unescaped parameter $alter_block_query used in $wpdb->query()\n$alter_block_query assigned unsafely at line 364.