Plz help :)


  1. md5() is cryptographically broken and should not be used:

  2. Data Validation issues have been found. Do a global search for “echo $”.

All dynamic data must be correctly escaped for the context where it is rendered.

  1. Sanitize ALL input data:
  1. you should use Good Password Hashing Functions
  2. you should validate and escape all data before render. To escape the output you can use the PHP function htmlentities().
    echo htmlentities($mydata, ENT_QUOTES, ‘UTF-8’);
  3. page = filter_var(_POST[‘page’], FILTER_SANITIZE_STRING);
    you can check Sanitization in google search.

you need to use functions like esc_html() and sanitize_text_field()