-
Michael started the question Inspecting Code Quality using Plugin Inspector in the forum Social Learner 8 years ago
Hi guys,
I am testing various plugins on my site. Here is some feedback for Boss for LearnDash 1.0.8:
Unsafe/boss-learndash/includes/buddyboss-plugin-updater.php view source
wp_remote_post at line 43:
$raw_response = wp_remote_post( $this->api_url, $request_string );
Potential risk: Medium. Upload or download data from/to any web server. May be used to load malicious code from the external source. You can prevent that using constant WP_HTTP_BLOCK_EXTERNAL or restrict hosts with WP_ACCESSIBLE_HOSTS constant.wp_remote_post at line 81:
$raw_response = wp_remote_post( $this->api_url, $request_string );
Potential risk: Medium. Upload or download data from/to any web server. May be used to load malicious code from the external source. You can prevent that using constant WP_HTTP_BLOCK_EXTERNAL or restrict hosts with WP_ACCESSIBLE_HOSTS constant.For a full report I suggest you to install Plugin Inspector – https://wordpress.org/plugins/plugin-inspector/
Best regards,
Michael