WordPress Plugin Review Errors Caused by Redux Framework – Need Guidance

Hello Redux Team,

During the WordPress plugin review process for my plugin, the reviewer flagged multiple issues related to how Redux Framework (bundled inside my plugin) handles script/style output, file paths, outdated libraries, and beta versions. I want to confirm whether these are known behaviors/configurations within Redux, or whether I should modify/override the Framework on my end.

Below is the clean summary of all concerns raised:
1. Inline <script> and <style> tags inside Redux files

The reviewer flagged multiple occurrences where Redux outputs inline JavaScript or CSS using direct echo statements instead of using:

• wp_enqueue_script() + wp_add_inline_script()
• wp_enqueue_style() + wp_add_inline_style()

Examples flagged from Redux:

admin/redux-core/inc/classes/class-redux-output.php:324 → <style> admin/redux-core/inc/welcome/class-redux-welcome.php:216 → <script> inc/cpt.class.php:98 → <script> admin/demo-import/class-demo-importer.php:31 → <script> admin/redux-core/inc/classes/class-redux-admin-notices.php:144 → <script> admin/redux-core/inc/fields/section/class-redux-section.php:85 → <script type="text/javascript"> admin/redux-core/inc/extensions/options_object/options_object/class-redux-options-object.php:88 → <style> admin/metabox/metaboxes/meta_box.php:813 → <script type="text/javascript">

The reviewer is asking for all inline JS/CSS to use the proper WordPress enqueue APIs.

Question:
Is this the expected behavior for Redux? Or does Redux provide hooks/filters that I can use to force all inline output to be enqueued properly?

2. File writing paths must use wp_upload_dir()

Reviewers flagged that Redux references /uploads/ directly in error/warning messages:

Examples:

admin/redux-core/inc/classes/class-redux-filesystem.php:435 admin/redux-core/inc/classes/class-redux-filesystem.php:171

They require that all file operations use:

$upload_path = wp_upload_dir()['basedir'] . '/zozo-portfolio/';

Question:
Does Redux internally handle file writes using the correct WordPress functions, and these messages are simply text strings? Or should these be overridden?

3. Direct use of $_POST inside loops without sanitization

Examples flagged:

admin/redux-core/inc/extensions/taxonomy/redux-taxonomy-helpers.php:23 admin/demo-import/class-wp-import.php:356 admin/redux-core/inc/extensions/color_scheme/class-redux-extension-color-scheme.php:473–599 admin/redux-core/inc/extensions/users/class-redux-extension-users.php:1026–1099

Reviewers warn about using $_POST inside foreach loops without sanitation or nonce checks.

Question:
Are these internal Redux operations expected, and should I leave them untouched?

4. Using Beta Library Versions

Reviewers flagged the presence of Parsedown 1.8.0-beta-7:

admin/redux-core/inc/fields/raw/parsedown.php

They require stable versions unless there’s a technical need for beta.

Question:
Is Redux intentionally shipping Parsedown beta, or should this be replaced?

5. Outdated 3rd-party libraries

Reviewers flagged:

wp-color-picker-alpha.js → Version 3.0.0 (outdated) redux-sortable.js → uses SortableJS (outdated)

They request upgrading to the latest stable version.

Question:
Does Redux maintain its own pinned vendor versions, or should I manually update these for compliance?