Unescaped parameter $data used in $wpdb->get_results("DELETE FROM $wpdb->posts WHERE ID IN(" . implode(',', $data) . ")")\n$data assigned unsafely at line 1081:\n $data[] = sanitize_text_field($d)\nNote: sanitize_text_field() is not a safe escaping function.\n$d used without escaping.
Unescaped parameter $data used in $wpdb->get_results("DELETE FROM {$wpdb->prefix}lws_cl_ignore WHERE IDmedia IN(" . implode(',', $data) . ")")\n$data assigned unsafely at line 1277:\n $data[] = sanitize_text_field($d)\nNote: sanitize_text_field() is not a safe escaping function.\n$d used without escaping.
Unescaped parameter $data used in $wpdb->get_results("INSERT INTO {$wpdb->prefix}lws_cl_ignore (IDmedia) VALUES ('$data')")\n$data assigned unsafely at line 1091:\n $data = sanitize_text_field($i)\nNote: sanitize_text_field() is not a safe escaping function.\n$i used without escaping.
Unescaped parameter $lws_cl_table_name used in $wpdb->query("CREATE TABLE IF NOT EXISTS $lws_cl_table_name (\n id mediumint(9) NOT NULL AUTO_INCREMENT,\n IDmedia mediumint(9),\n PRIMARY KEY (id)\n ) $charset_collate;")
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $to_delete used in $wpdb->get_results("DELETE FROM $wpdb->commentmeta WHERE meta_id\n IN (" . implode(',', $to_delete) . ") AND comment_id = " . $duplicate->comment_id)\n$to_delete assigned unsafely at line 786:\n $to_delete[] = array_pop($tmp)\n$tmp assigned unsafely at line 784:\n $tmp = explode(',', $duplicate->ids)\n$duplicate->ids used without escaping.