Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author WPKube

    (@wpkube)

    Hi @askel45

    We’re not aware of any issues at the moment, so it’s most likely false positives since CodeRisks works by scanning the code and marking what it assumes as a risk.

    But we’ll verify as plugin owners and see their reports. Will notify you of what we find out.

    Thread Starter Karis

    (@askel45)

    @wpkube okay, thanks.

    Plugin Author WPKube

    (@wpkube)

    Hi @askel45

    It reports a low severity issue.

    It’s due to the usage of PHP mail function (which is used if the “Use PHP’s mail() instead of WP’s wp_mail()” option in the plugin settings is enabled).

    It reports that the $_POST data used in mail() is not sanitized. It is sanitized, so no need to worry about it.

    And I’m assuming you don’t have the option I mentioned enabled, it’s only if for some reason wp_mail() does not work which isn’t often. So that part of the code isn’t executed at all.
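
An added illustration, not part of the thread and not the plugin's code, of the kind of handling a scanner looks for when $_POST data reaches PHP's mail(): values that end up in mail headers are rejected if they contain line breaks, and the address is validated. The function names, form field names and addresses are assumptions made up for this example.

```php
<?php
// Added illustration; header_safe() and build_mail_args() are hypothetical helpers.
// Form field names ('email', 'subject', 'message') are assumed, not taken from the plugin.

/** Return a trimmed header value, refusing anything that contains CR, LF or NUL. */
function header_safe(string $value): string {
    if (preg_match('/[\r\n\0]/', $value)) {
        throw new InvalidArgumentException('Line break or NUL in header value');
    }
    return trim($value);
}

/** Turn submitted form data into validated arguments for mail(). */
function build_mail_args(array $post, string $to, string $site_from): array {
    $email = header_safe((string)($post['email'] ?? ''));
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('Invalid e-mail address');
    }
    $subject = header_safe((string)($post['subject'] ?? ''));
    // The body may legitimately span lines: drop NUL bytes and normalise to CRLF.
    $body = str_replace("\0", '', (string)($post['message'] ?? ''));
    $body = preg_replace('/\r\n|\r|\n/', "\r\n", $body);
    $headers = [
        'From'         => $site_from,   // fixed site address, never user input
        'Reply-To'     => $email,
        'Content-Type' => 'text/plain; charset=UTF-8',
    ];
    return [$to, $subject, $body, $headers];
}

// Constructed sample submissions: one ordinary, one with a line break in the subject.
$samples = [
    ['email' => 'visitor@example.com', 'subject' => 'Hello', 'message' => "Line 1\nLine 2"],
    ['email' => 'visitor@example.com', 'subject' => "Hello\r\nBcc: other@example.com", 'message' => 'x'],
];
foreach ($samples as $post) {
    try {
        [$to, $subject, $body, $headers] = build_mail_args($post, 'owner@example.com', 'forms@example.com');
        echo "accepted: $subject\n";
        // mail($to, $subject, $body, $headers); // array headers need PHP 7.2+
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

Inside WordPress the same checks are usually done with core helpers such as sanitize_email() and sanitize_text_field(); plain PHP is used here so the block runs on its own.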

    Thread Starter Karis

    (@askel45)

    Thanks for the explanation. I don’t have the option enabled either way. Cheers!

    Plugin Author WPKube

    (@wpkube)

    You’re welcome @askel45

  • The topic ‘Code Risk’ is closed to new replies.