Unescaped parameter $agent_clause used in $wpdb->get_results("SELECT * FROM $wpdb->ppc_exception_items AS i"\n . " INNER JOIN $wpdb->ppc_exceptions AS e ON i.exception_id = e.exception_id"\n . " WHERE $agent_clause eitem_id IN ('$eitem_id_csv') $mod_type_clause")\n$agent_clause assigned unsafely at line 314:\n $agent_clause = "e.agent_type = '$agent_type' AND e.agent_id = '$agent_id' AND"\n$eitem_id_csv assigned unsafely at line 25:\n $eitem_id_csv = implode("', '", array_map('intval', $eitem_ids))\n$agent_type assigned unsafely at line 25:\n $agent_type = PWP::GET_key('agent_type')\n$agent_id assigned unsafely at line 26:\n $agent_id = PWP::GET_int('agent_id')
Unescaped parameter $agent_clause used in $wpdb->get_results("SELECT * FROM $wpdb->ppc_exception_items AS i"\n . " INNER JOIN $wpdb->ppc_exceptions AS e ON i.exception_id = e.exception_id"\n . " WHERE $agent_clause eitem_id IN ('$eitem_id_csv')")\n$agent_clause assigned unsafely at line 257:\n $agent_clause = "e.agent_type = '$agent_type' AND e.agent_id = '$agent_id' AND"\n$eitem_id_csv assigned unsafely at line 25:\n $eitem_id_csv = implode("', '", array_map('intval', $eitem_ids))\n$agent_type assigned unsafely at line 25:\n $agent_type = PWP::GET_key('agent_type')\n$agent_id assigned unsafely at line 26:\n $agent_id = PWP::GET_int('agent_id')
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $agent_clause used in $wpdb->get_results("SELECT agent_type, agent_id, role_name FROM $wpdb->ppc_roles"\n . " WHERE $agent_clause assignment_id IN ('$id_csv')")\n$agent_clause assigned unsafely at line 36:\n $agent_clause = ''\n$action assigned unsafely at line 13:\n $action = PWP::GET_key('pp_ajax_agent_permissions'
Unescaped parameter $agent_clause used in $wpdb->get_results("SELECT u.ID AS agent_id, r.role_name, COUNT(*) AS rolecount FROM $wpdb->users AS u" . " INNER JOIN $wpdb->pp_group_members AS gm ON ( gm.user_id = u.ID $agent_clause )" . " INNER JOIN $wpdb->ppc_roles AS r"\n . " ON ( ( r.agent_type = 'user' AND r.agent_id = gm.user_id ) OR ( r.agent_type = 'pp_group' AND r.agent_id = gm.group_id ) )"\n . " GROUP BY u.ID, r.role_name")\n$agent_clause assigned unsafely at line 175:\n $agent_clause = ''\n$results assigned unsafely at line 180:\n $results = $wpdb->get_results(\n "SELECT u.ID AS agent_id, r.role_name, COUNT(*) AS rolecount FROM $wpdb->users AS u" // phpcs:ignore WordPressVIPMinimum.Variables.RestrictedVariables.user_meta__wpdb__users\n . " INNER JOIN $wpdb->pp_group_members AS gm ON ( gm.user_id = u.ID $agent_clause )" // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared\n . " INNER JOIN $wpdb->ppc_roles AS r"\n . " ON ( ( r.agent_type = 'user' AND r.agent_id = gm.user_id ) OR ( r.agent_type = 'pp_group' AND r.agent_id = gm.group_id ) )"\n . " GROUP BY u.ID, r.role_name"\n )
Unescaped parameter $agent_clause used in $wpdb->get_row("SELECT * FROM $wpdb->ppc_exception_items AS i"\n . " INNER JOIN $wpdb->ppc_exceptions AS e ON i.exception_id = e.exception_id"\n . " WHERE $agent_clause eitem_id IN ('$eitem_id_csv') LIMIT 1")\n$agent_clause assigned unsafely at line 179:\n $agent_clause = "e.agent_type = '$agent_type' AND e.agent_id = '$agent_id' AND"\n$eitem_id_csv assigned unsafely at line 25:\n $eitem_id_csv = implode("', '", array_map('intval', $eitem_ids))\n$agent_type assigned unsafely at line 25:\n $agent_type = PWP::GET_key('agent_type')\n$agent_id assigned unsafely at line 26:\n $agent_id = PWP::GET_int('agent_id')