Emailed Author: There are issues with your plugin code
## Calling file locations poorly
The way your plugin is referencing other files is not going to work with all setups of WordPress.
"window_url" => "wp-content/plugins/slick-tab/templates/Subscribe.php",
When you hardcode in paths, or assume that everyone has WordPress in the root of their domain, you cause anyone using 'Giving WordPress it's own directory' (a VERY common setup) to break. In addition, WordPress allows users to change the name of wp-content, so you would break anyone who choses to do so.
Please review http://codex.wordpress.org/Determining_Plugin_and_Content_Directories and update your plugin accordingly. And don't worry about supporting WordPress 2.x or lower. We don't encourage it nor expect you to do so, so save yourself some time and energy.
## Calling files remotely
"picture_url" => "http://s.wp.com/wp-content/themes/h4/i/logo-v-rgb.png",
Yes, we know it's from wp.com. We still don't want it.
Offloading images, js, css, cgi, and other scripts to Google (or jquery.com or anywhere else frankly) is disallowed because you're introducing an unnecessary dependency on another site. If the file you're trying to use isn't a part of WordPress Core, then you should include it -locally- in your plugin, not remotely. If the file IS included in WordPress core, please call that instead.
The one exception to this rule is if your plugin is performing a service. We will permit this on a case by case basis, however since this can be confusing, we have some examples of what are not permitted:* Offloading jquery CSS files to Google - You should include the CSS in your plugin.
* Inserting an iframe with a help doc - A link, or including the docs in your plugin is preferred.
* Calling images from your own domain - They should be included in your plugin.
Here are some examples of what we would permit:
* API calls back to your server to process possible spam comments (like Akismet)
* Offloading comments to your own servers (like Disqus)
* oEmbed calls to a service provider (like Twitter or YouTube)
Please remove this dependency from your plugin and, if possible, include all files within the plugin (that is not called remotely). If instead you feel you ARE providing a service, please re-write your readme.txt in a manner that explains the service, the servers being called, and if any account is needed to connect.
## Calling core loading files directly
Including wp-config.php, wp-blog-header.php, wp-load.php, or pretty much any other WordPress core file that you have to call directly via an include is not a good idea and we cannot approve a plugin that does so unless it has a very good reason to load the file(s). It is prone to failure since not all WordPress installs have the exact same file structure.
Usually plugins will include wp-config.php or wp-load.php in order to gain access to core WordPress functions, but there are much better ways to do this. It's best if you tie your processing functions (the ones that need but don't have access to core functions) into an action hook, such as "init" or "admin_init".
Please consult the Plugins API reference for more information: http://codex.wordpress.org/Plugin_API
If you're trying to use AJAX, please read this: http://codex.wordpress.org/AJAX_in_Plugins
For other possibilities, or to better understand why we disallow this, read this: http://ottopress.com/2010/dont-include-wp-load-please/
If you're trying to use it because you need to access WordPress functions outside of WordPress, we'd actually much rather you didn't do that at all. Your plugin should be inside WordPress, only accessible to people who are logged in and authorized, if it needs that kind of access. Your plugin's pages should be called via the dashboard like all the other settings panels, and in that way, they'll always have access to WordPress functions.
When you've corrected your code, reply to this email with the updated code attached as a zip, or provide a link to the new code for us to review.