Findings
- Generates PHP warnings
- SQL not escaped at the point of use in one case (document-repository.php line 617), but the values are easily identified as coming from an ID field in the database so seem unlikely to be a problem
Plugin inspection:
Document Repository
No issues found
Last revised:
Confidence: Medium
This plugin has been given a short, targeted code review.
We didn't find anything worrying in this plugin. It's probably safe. Read more about this recommendation.
Warnings
This recommendation applies to version 0.2.5 of this plugin, but the most recent version is 0.2.4.1. These findings may no longer be correct.
Failure criteria
- Execution of unprepared SQL statements
Read more about our failure criteria.