Hello Tim,
I found your plugin in the WordPress repository (I use it for some clients) and am very happy with it. Thank you very much!!!
I noticed a security hole thing that you could easily improve: the plugin does not sanitize the input.
What does it mean?
It is very easy to inject bad code via the plugin. Just add </script><script> in one of the input fields. Then you can fill in some JavaScript. This script will run in the browser of the user.
But this security thing is easy to fix. Just sanitize the input:
How to solve the problem?
Sanitize the input with sanitize_post().
In this file:
websitescanner-custom-schema/admin/class-websitescanner-custom-schema-admin.php
Change line 97:
$data = $this->validate($_POST[$this->plugin_name]);
With these two lines:
$data = sanitize_post($_POST[$this->plugin_name], 'js');
$data = $this->validate($data);
Or just accept my pull request. :-)
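
The output side of the issue reported above, as an added example that is not part of the original message and not the plugin's code. It assumes the saved value is later written into an inline script block (the message does not show the plugin's output code), and the function names and the sample value are hypothetical.

```php
<?php
// Added illustration, not code from the plugin. All names here are hypothetical.

// Constructed sample: a field value containing the sequence named in the report.
$stored = '</script><script>/* injected code would run here */</script>';

/** Unsafe: the stored value is concatenated straight into an inline script block. */
function render_unsafe(string $value): string {
    return '<script type="application/ld+json">{"name":"' . $value . '"}</script>';
}

/** Encoded: json_encode() with the HEX flags emits <, >, &, ' and " as \uXXXX,
 *  so the HTML parser never sees a closing script tag inside the data. */
function render_encoded(string $value): string {
    $json = json_encode(
        ['name' => $value],
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
    return '<script type="application/ld+json">' . $json . '</script>';
}

/** Number of closing script tags an HTML parser would find in the markup.
 *  Exactly one (the wrapper's own) means the data stayed inside the block. */
function script_closers(string $html): int {
    return substr_count(strtolower($html), '</script');
}

/** Extracts the JSON between the wrapper tags and decodes it, to confirm
 *  that encoding preserved the original value for legitimate consumers. */
function decoded_name(string $html): ?string {
    $start = strpos($html, '>') + 1;
    $end   = strrpos($html, '</script>');
    $data  = json_decode(substr($html, $start, $end - $start), true);
    return is_array($data) ? ($data['name'] ?? null) : null;
}

$cases = ['unsafe' => render_unsafe($stored), 'encoded' => render_encoded($stored)];
foreach ($cases as $label => $html) {
    printf("%-8s closers=%d\n  %s\n", $label, script_closers($html), $html);
}

// The encoded form still decodes to the exact stored value.
var_dump(decoded_name($cases['encoded']) === $stored);
```

In WordPress, wp_json_encode() accepts the same flags.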