Mixed content happens when a HTML page is loaded over secure HTTPS and one or more resource (images, stylesheets, scripts) is loaded over insecure HTTP. It makes your site less secure, may break some of your site visual and functionalities, and negatively affect your SEO.


Mixed content issues arise when sites deliver their pages over HTTPS, but allow some of the resources to be delivered in plaintext. The active network attacker can’t do anything about the encrypted traffic, but messing with the plaintext can result with attacks ranging from phishing in the best case to full browser compromise in the worst. A single exposed script is sufficient: the attacker can hijack the connection and inject arbitrary attack payloads into it.

Mixed content is certainly the easiest way to completely mess up your site encryption.


To understand the risk of mixed content warnings, read the article here.


Mixed content is very important to resolve, and Shield can't do this. 


You'll need to review what the mixed content is and what plugins/themes are causing this. To identify and fix mixed content on WordPress, you can use this tool:

https://www.whynopadlock.com