Security of plugin #8
Description
I found this URL.
https://coderisk.com/wp/plugin/favicon-rotator
Even though your score is in the green zone, it could be better.
I see lots of Directory Traversal on my website where they try to get to the config files and I do not want your plugin to be one of them.
Here an example which is not your plugin:
http://.../wp-content/plugins/abc-plugin/admin/import-export/download-content.php?file=..%2F..%2F..%2F..%2F..%2Fwp-config.php