Unescaped parameter $apbct->data['sfw_common_table_name'] used in $wpdb->get_var('SELECT COUNT(*) FROM ' . $apbct->data['sfw_common_table_name'])\n$apbct->data['sfw_common_table_name'] used without escaping.
Unescaped parameter $apbct->data['sfw_personal_table_name'] used in $wpdb->get_var('SELECT COUNT(*) FROM ' . $apbct->data['sfw_personal_table_name'])\n$apbct->data['sfw_personal_table_name'] used without escaping.
Unescaped parameter $checkEmailSql used in $wpdb->get_var($wpdb->prepare($checkEmailSql, $_email))\n$checkEmailSql assigned unsafely at line 107:\n $checkEmailSql = "SELECT COUNT(subscriber_email) FROM " . $wpdb->prefix . "subscribe_reloaded_subscribers WHERE subscriber_email = %s"\n$numSubscribers assigned unsafely at line 108:\n $numSubscribers = $wpdb->get_var( $wpdb->prepare($checkEmailSql, $_email) )\n$_email used without escaping.
Unescaped parameter $comment_spam_select_query used in $wpdb->get_results($comment_spam_select_query)\n$comment_spam_select_query assigned unsafely at line 666:\n $comment_spam_select_query = "SELECT DISTINCT comment_author_IP FROM " . $wpdb->comments . " WHERE comment_approved = 'spam' ORDER BY comment_author_IP ASC "\n$results assigned unsafely at line 667:\n $results = $wpdb->get_results($comment_spam_select_query)
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $countQuery used in $wpdb->get_var($countQuery)\n$countQuery assigned unsafely at line 44:\n $countQuery = "SELECT COUNT(*) FROM $table"\n$table assigned unsafely at line 42:\n $table = AnyCommentEmailQueue::get_table_name()