I recently discovered the “Plugin Inspector” – wordpress.org/plugins/plugin-inspector . It basically checks any plugin you have installed in your WordPress site, and gives a detailed report on any deprecated functions, security holes, and unsafe php functions, and ranks those security risks, as low, medium and high.
I am shocked to see how many plugins from the WordPress.org repository have security issues. I’m not talking about the plugins that are abandoned years ago, but recently updated. How low are the standards to have a plugin posted over there? I’m sure things will be much worse outside the repository, just like the themes.
Talking about themes, just visit the themecheck.org website, just to realize how much “bad coding practices” there is out there, while charging premium prices for them.
Trevor should feel extremely proud that our generated code is up to the WordPress standards.