Some code feedback from Plugin Inspector
I am running some tests on my site and found a few deprecated functions and recommendations for the BuddyPress plugin:
Unsafe/buddypress/bp-groups/bp-groups-actions.php view source base64_decode at line 141: $bp->groups->completed_create_steps = json_decode( base64_decode( stripslashes( $_COOKIE['bp_completed_create_steps'] ) ) ); Potential risk: High. Decode data encoded with MIME base64. May be used to obfuscate (hide) malicious code. Often paired with eval function to execute malicious code.
DeprecatedUnsafe/buddypress/bp-forums/bbpress/bb-includes/functions.bb-core.php view source force_ssl_login at line 566: ( ( $context & BB_URI_CONTEXT_BB_USER_FORMS ) && force_ssl_login() ) // Force https when required on user forms Deprecated 4.4.0 Use force_ssl_admin()
For a full report, I suggest you take a look at Plugin Inspector – https://wordpress.org/plugins/plugin-inspector/
- You must be logged in to reply to this topic.