The codebase currently reports several critical issues when checked against the WPCS rulesets.
```
FILE: providers/class-two-factor-email.php
----------------------------------------------------------------------
FOUND 0 ERRORS AND 2 WARNINGS AFFECTING 2 LINES
----------------------------------------------------------------------
 299 | WARNING | Processing form data without nonce verification.
     |         | (WordPress.Security.NonceVerification.Recommended)
 316 | WARNING | Processing form data without nonce verification.
     |         | (WordPress.Security.NonceVerification.Recommended)
----------------------------------------------------------------------

FILE: providers/class-two-factor-backup-codes.php
----------------------------------------------------------------------
FOUND 2 ERRORS AFFECTING 1 LINE
----------------------------------------------------------------------
 307 | ERROR | Processing form data without nonce verification.
     |       | (WordPress.Security.NonceVerification.Missing)
 307 | ERROR | Processing form data without nonce verification.
     |       | (WordPress.Security.NonceVerification.Missing)
----------------------------------------------------------------------

FILE: providers/class-two-factor-fido-u2f-admin.php
----------------------------------------------------------------------
FOUND 2 ERRORS AND 4 WARNINGS AFFECTING 3 LINES
----------------------------------------------------------------------
 240 | WARNING | Detected usage of a non-sanitized input variable:
     |         | $_POST['u2f_response']
     |         | (WordPress.Security.ValidatedSanitizedInput.InputNotSanitized)
 240 | ERROR   | Detected usage of a possibly undefined superglobal
     |         | array index: $_POST['u2f_response']. Use isset() or
     |         | empty() to check the index exists before using it
     |         | (WordPress.Security.ValidatedSanitizedInput.InputNotValidated)
 277 | WARNING | Processing form data without nonce verification.
     |         | (WordPress.Security.NonceVerification.Recommended)
----------------------------------------------------------------------

  885 | WARNING | Processing form data without nonce verification.
      |         | (WordPress.Security.NonceVerification.Recommended)
  885 | WARNING | Detected usage of a non-sanitized input variable:
      |         | $_REQUEST['redirect_to']
      |         | (WordPress.Security.ValidatedSanitizedInput.InputNotSanitized)
  885 | ERROR   | Detected usage of a possibly undefined superglobal
      |         | array index: $_REQUEST['redirect_to']. Use isset()
      |         | or empty() to check the index exists before using it
      |         | (WordPress.Security.ValidatedSanitizedInput.InputNotValidated)
  885 | WARNING | Processing form data without nonce verification.
      |         | (WordPress.Security.NonceVerification.Recommended)
  885 | WARNING | Detected usage of a non-sanitized input variable:
      |         | $_REQUEST['redirect_to']
      |         | (WordPress.Security.ValidatedSanitizedInput.InputNotSanitized)
  885 | ERROR   | Detected usage of a possibly undefined superglobal
      |         | array index: $_REQUEST['redirect_to']. Use isset()
      |         | or empty() to check the index exists before using it
      |         | (WordPress.Security.ValidatedSanitizedInput.InputNotValidated)
 1024 | WARNING | Detected usage of a non-sanitized input variable:
      |         | $_POST[self::ENABLED_PROVIDERS_USER_META_KEY]
      |         | (WordPress.Security.ValidatedSanitizedInput.InputNotSanitized)
 1031 | WARNING | Detected usage of a non-sanitized input variable:
      |         | $_POST[self::PROVIDER_USER_META_KEY]
      |         | (WordPress.Security.ValidatedSanitizedInput.InputNotSanitized)
 1046 | WARNING | Processing form data without nonce verification.
      |         | (WordPress.Security.NonceVerification.Recommended)
----------------------------------------------------------------------
```
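The report above groups into three sniff families: `NonceVerification` (form data handled with no nonce check visible in the same scope), `ValidatedSanitizedInput.InputNotValidated` (a superglobal index read without `isset()`/`empty()`), and `ValidatedSanitizedInput.InputNotSanitized` (the raw value used without a sanitiser). The following is an added example, not code from the two-factor plugin or from the issue author: a hypothetical settings handler written the way the sniffs flag it, next to the same handler rewritten to pass them, plus the form that supplies the nonce. It assumes it is loaded inside WordPress (all `wp_*`, `sanitize_*`, `check_*` and `current_user_can()` calls are WordPress core); the action name `example_save_provider`, the field names, the meta key and the function names are made up for the example. Note that `NonceVerification` is a static check that only sees a nonce call in the same function, so a warning is a prompt to confirm where verification actually happens, not proof that none happens.

```php
<?php
/**
 * Added example (not the two-factor plugin's code). Runs inside WordPress.
 * Names prefixed "example_" are hypothetical.
 */

/* ---- 1. What the WPCS sniffs above flag ---- */

function example_save_flagged() {
	// NonceVerification: nothing proves this request came from our own form,
	// so a cross-site request can make a logged-in user's browser submit it.
	// InputNotValidated: no isset(), so a missing field raises an undefined-index notice.
	// InputNotSanitized: the client's string is stored verbatim.
	$provider = $_POST['example_provider'];
	update_user_meta( get_current_user_id(), 'example_provider', $provider );

	// redirect_to taken straight from the request and handed to a non-validating redirect.
	wp_redirect( $_REQUEST['redirect_to'] );
	exit;
}

/* ---- 2. The same handler written to pass the sniffs ---- */

function example_save_hardened() {
	// Nonce first. check_admin_referer() dies with HTTP 403 when the nonce is absent or
	// expired. The second argument is the hidden field name written by wp_nonce_field().
	check_admin_referer( 'example_save_provider', '_example_nonce' );

	// A nonce proves intent, not permission: still authorise the actor.
	$user_id = get_current_user_id();
	if ( ! current_user_can( 'edit_user', $user_id ) ) {
		wp_die( esc_html__( 'You are not allowed to do that.', 'example' ), 403 );
	}

	// isset() before use, wp_unslash() to undo WordPress' request slashing, then a
	// sanitiser matched to the value: a provider identifier is a slug, so sanitize_key().
	$provider = isset( $_POST['example_provider'] )
		? sanitize_key( wp_unslash( $_POST['example_provider'] ) )
		: '';

	// Sanitising fixes the character set; validating against the closed set of
	// acceptable values is what stops an attacker picking an arbitrary provider.
	$allowed = array( 'email', 'totp', 'backup_codes' );
	if ( ! in_array( $provider, $allowed, true ) ) {
		wp_die( esc_html__( 'Unknown provider.', 'example' ), 400 );
	}
	update_user_meta( $user_id, 'example_provider', $provider );

	// redirect_to: default when absent, sanitise as a URL, then wp_validate_redirect()
	// falls back to the default unless the host is this site or in allowed_redirect_hosts,
	// and wp_safe_redirect() applies the same host check once more before sending the header.
	$fallback    = admin_url( 'profile.php' );
	$redirect_to = isset( $_REQUEST['redirect_to'] )
		? esc_url_raw( wp_unslash( $_REQUEST['redirect_to'] ) )
		: $fallback;
	wp_safe_redirect( wp_validate_redirect( $redirect_to, $fallback ) );
	exit;
}

/* ---- 3. The form that feeds the handler, carrying the nonce the check verifies ---- */

function example_render_form() {
	?>
	<form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
		<?php wp_nonce_field( 'example_save_provider', '_example_nonce' ); ?>
		<input type="hidden" name="action" value="example_save_provider">
		<input type="hidden" name="redirect_to"
		       value="<?php echo esc_url( admin_url( 'profile.php' ) ); ?>">
		<select name="example_provider">
			<option value="email">Email</option>
			<option value="totp">Authenticator app</option>
			<option value="backup_codes">Backup codes</option>
		</select>
		<?php submit_button( __( 'Save', 'example' ) ); ?>
	</form>
	<?php
}

// admin-post.php dispatches a POST whose "action" field is example_save_provider here.
add_action( 'admin_post_example_save_provider', 'example_save_hardened' );
```

The nonce action string and field name must match between `wp_nonce_field()` and `check_admin_referer()`; a mismatch fails closed, which is the behaviour you want. For AJAX endpoints the equivalent is `check_ajax_referer()`, and for code that cannot die (for example a filter callback) `wp_verify_nonce()` returns false instead of terminating, so the caller decides what to do.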