Security Issues Audited

WP Force SSL & HTTPS SSL Redirect

by WebFactory · 90,000 active installations · v1.68

0
critical
1
high
5320
medium
1318
low
0
info
6639 total findings · ai, phpcs, semgrep ·⚠ Contains security findings — details embargoed until disclosure deadline

⏱ Disclosure Timeline

Audited & Notified
May 12, 2026
Security Summary (Day 30)
Jun 11, 2026
Full Disclosure (Day 90)
Aug 10, 2026

🔒 Security Findings

13 issues
🔒

Security Findings — Restricted Access

Security details are shared with the plugin developer during the 90-day disclosure period.
If you received a notification email, use the magic link or enter your password below.

Embargoed until Aug 10, 2026

Are you the plugin developer? Request access →

Enter your name and email and we'll review your request.

PHP_CodeSniffer

6626 coding standard violations
What is PHP_CodeSniffer?

PHP_CodeSniffer (PHPCS) is a static analysis tool that checks your PHP code against a set of coding standards. The violations below were caught using the WordPress Coding Standards ruleset — the official style guide for WordPress plugins. These aren't security issues, but they affect code consistency, readability, and long-term maintainability.

Run it yourself & auto-fix

Install PHPCS and the WordPress ruleset via Composer:

composer require --dev squizlabs/php_codesniffer wp-coding-standards/wpcs
./vendor/bin/phpcs --config-set installed_paths vendor/wp-coding-standards/wpcs

Then check your plugin:

./vendor/bin/phpcs --standard=WordPress wp-force-ssl/

Many violations can be fixed automatically with phpcbf (PHP Code Beautifier, bundled with PHPCS):

./vendor/bin/phpcbf --standard=WordPress wp-force-ssl/

phpcbf will auto-fix whitespace, indentation, and many formatting issues. Review the diff before committing.

6626 violations found — run PHPCS locally (see above) to view the full list.