$content.=$br.wp_kses(sprintf(_n('We have found <strong style="color:red;">%s suspicious account</strong> created on your site via Ultimate Member Forms.','We have found <strong style="color:red;">%s suspicious accounts</strong> created on your site via Ultimate Member Forms.',$suspicious_accounts_count,'ultimate-member'),$suspicious_accounts_count),UM()->get_allowed_html('admin_notice'));
$content.=$br.wp_kses(__('We\'ve temporarily disabled the suspicious account(s) for you to <strong>take actions</strong>.','ultimate-member'),UM()->get_allowed_html('admin_notice'));
$content.=$br.$br.wp_kses(sprintf(_n('Also, We\'ve found <strong style="color:red;">%s account</strong>','Also, We\'ve found <strong style="color:red;">%s accounts</strong>',$might_affected_users->get_total(),'ultimate-member'),$might_affected_users->get_total()),UM()->get_allowed_html('admin_notice'));
// translators: %s account creation date
$content.=' '.wp_kses(sprintf(_n('created on %s when the suspicious account was created.','created on %s when the suspicious accounts were created.',$suspicious_accounts_count,'ultimate-member'),$date_registered),UM()->get_allowed_html('admin_notice'));
$content.=$br.'<div style="padding:10px; border:1px solid #ccc;">'.wp_kses(__('<strong style="color:red">WARNING:</strong> Ensure that you\'ve created a full backup of your site as your restoration point before changing anything on your site with our recommendations.','ultimate-member'),UM()->get_allowed_html('admin_notice')).'</div>';
$content.=$br.esc_html__('1. Please temporarily lock all your active Register forms.','ultimate-member');
$content.=' <a href="'.esc_attr($lock_register_forms_url).'" target="_blank">'.esc_html__('Click here to lock them now.','ultimate-member').'</a>';
$content.=' '.esc_html__('You can unblock the Register forms later. Just go to Ultimate Member > Settings > Secure > uncheck the option "Lock All Register Forms".','ultimate-member');
$content.=esc_html__('3. If accounts are suspicious to you, please destroy all user sessions to logout active users on your site.','ultimate-member');
$content.=' <a href="'.esc_attr($destroy_all_sessions_url).'" target="_blank">'.esc_html__('Click here to Destroy Sessions now','ultimate-member').'</a>';
$content.=esc_html__('5. Force users to Reset their Passwords.','ultimate-member');
$content.=' <a target="_blank" href="'.esc_attr($reset_pass_sessions_url).'">'.esc_html__('Click here to enable this option','ultimate-member').'</a>.';
$content.=' '.esc_html__('When this option is enabled, users will be asked to reset their passwords(one-time) on the next login in the UM Login form.','ultimate-member');
$content.=esc_html__('6. Once your site is secured, please create or enable Daily Backups of your server/site. You can contact your hosting provider to assist you on this matter.','ultimate-member');
$content.=$br.$br.'<strong>'.esc_html__('Review & Resolve Issues with Site Health Check tool','ultimate-member').'</strong>';
$content.=$br.esc_html__('Site Health is a tool in WordPress that helps you monitor how your site is doing. It shows critical information about your WordPress configuration and items that require your attention.','ultimate-member');
// translators: %d issue in the Site Health status
$content.=$br.$flag.esc_html(sprintf(_n('There\'s %d issue in the Site Health status','There are %d issues in the Site Health status',$site_health_issues_total,'ultimate-member'),$site_health_issues_total));
$content.=': <a target="_blank" href="'.admin_url('site-health.php').'">'.esc_html__('Review Site Health Status','ultimate-member').'</a>';
$content.=$br.$flag.wp_kses(__('The default WordPress Register form is enabled. If you\'re getting Spam User Registrations, we recommend that you enable a Challenge-Response plugin such as our <a href="https://wordpress.org/plugins/um-recaptcha/" target="_blank">Ultimate Member - Google reCAPTCHA</a> extension.','ultimate-member'),UM()->get_allowed_html('admin_notice'));
$content.=$br.esc_html__('We\'ve removed the assignment of administrative roles for Register forms due to vulnerabilities in previous versions of the plugin. If your Register forms still have Administrative roles, we recommend that you assign a non-admin roles to secure the forms.','ultimate-member').$br;
$content.=$br.$flag.wp_kses(__('You are not blocking email addresses or disposable email domains that are mostly used for Spam Account Registrations. You can get the list of disposable email domains with our basic extension <a href="https://docs.ultimatemember.com/article/1870-block-disposable-email-domains" target="_blank">Block Disposable Email Domains</a>.','ultimate-member'),UM()->get_allowed_html('admin_notice'));
$content.=$br.$flag.esc_html(sprintf(_n('We have found %d user account','We have found %d user accounts',$count_users,'ultimate-member'),$count_users));
// translators: %d count of banned capabilities
$content.=sprintf(_n(' affected by %d capability selected in the Banned Administrative Capabilities.',' affected by one of the %d capabilities selected in the Banned Administrative Capabilities.',$count_flagged_caps,'ultimate-member'),$count_flagged_caps);
$content.=$br.$br.esc_html__('The flagged capabilities are related to the following roles: ','ultimate-member').$br.' - '.implode('<br/> - ',array_values($affected_roles));
// translators: %s is the role settings URL
$content.=$br.$br.wp_kses(sprintf(__('The affected user accounts will be flagged as suspicious when they update their Profile/Account. If you are not using these capabilities, you may remove them from the roles in the <a target="_blank" href="%s">User Role settings</a>.','ultimate-member'),admin_url('admin.php?page=um_roles')),UM()->get_allowed_html('admin_notice'));
// translators: %s is the plugins page URL
$content.=' '.wp_kses(sprintf(__('If the roles are not created via Ultimate Member > User Roles, you can use a <a href="%s" target="_blank">third-party plugin</a> to modify the role capability.','ultimate-member'),admin_url('plugin-install.php?s=User%2520Role%2520Editor%2520WordPress%2520&tab=search&type=term')),UM()->get_allowed_html('admin_notice'));
$content.=$br.$br.esc_html__('We strongly recommend that you never assign roles with the same capabilities as your administrators for your members/users and that may allow them to access the admin-side features and functionalities of your WordPress site.','ultimate-member');
$content.=$br.$check.esc_html__('Roles & Capabilities are all secured. No users are using the same capabilities as your administrators.','ultimate-member');
$content.=$br.$flag.esc_html__('We recommend that you enable and require "Strong Password" feature for all the Register, Reset Password & Account forms.','ultimate-member');
$content.=$br.' <a href="'.admin_url('admin.php?page=um_options§ion=users').'" target="_blank" >'.esc_html__('Click here to enable.','ultimate-member').'</a>';
$content.=$br.$flag.esc_html__('Your site cannot provide a secure connection. Please contact your hosting provider to enable SSL certifications on your server.','ultimate-member');
$content.=$br.$flag.wp_kses(__('We recommend that you install and enable <a href="https://wordpress.org/plugins/um-recaptcha/" target="_blank">Ultimate Member - Google reCAPTCHA</a> to your Reset Password, Login & Register forms.','ultimate-member'),UM()->get_allowed_html('admin_notice'));
$content.=$br.' '.wp_kses(__('- Reset Password Form\'s Google reCAPTCHA is <strong>enabled</strong>','ultimate-member'),UM()->get_allowed_html('admin_notice')).' '.$check;
}else{
$content.=$br.' '.wp_kses(__('- Reset Password Form\'s Google reCAPTCHA is <strong>disabled</strong>','ultimate-member'),UM()->get_allowed_html('admin_notice')).' '.$flag;
$content.=$br.$br.'<strong>'.esc_html__('Keep Themes & Plugins up to date.','ultimate-member').'</strong>';
$content.=$br.esc_html__('It is important that you update your themes/plugins if the theme/plugin creators update is aimed at fixing security, bug and vulnerability issues. It is not a good idea to ignore available updates as this may give hackers an advantage when trying to access your website.','ultimate-member');
$content.=$br.$br.$flag.sprintf(_n('There\'s %d plugin that requires an update.','There are %d plugins that require updates',count($update_plugins->response),'ultimate-member'),count($update_plugins->response)).' <a target="_blank" href="'.admin_url('update-core.php').'">'.esc_html__('Update Plugins Now','ultimate-member').'</a>';
$content.=$br.$br.$flag.sprintf(_n('There\'s %d theme that requires an update.','There are %d themes that require updates',count($update_plugins->response),'ultimate-member'),count($update_plugins->response)).' <a target="_blank" href="'.admin_url('update-core.php').'">'.esc_html__('Update Themes Now','ultimate-member').'</a>';
$content.=$br.$br.$flag.esc_html__('There\'s a new version of WordPress.','ultimate-member').' <a target="_blank" href="'.admin_url('update-core.php').'">'.esc_html__('Update WordPress Now','ultimate-member').'</a>';
$content.=$br.$br.wp_kses(__('That\'s all. If you have any recommendation on how to secure your site or have questions, please contact us on our <a href="https://ultimatemember.com/feedback/" target="_blank">feedback page</a>.','ultimate-member'),UM()->get_allowed_html('admin_notice'));
