Unescaped parameter $anyPagesWithSpecialOptionsQuery used in $wpdb->get_col($anyPagesWithSpecialOptionsQuery)\n$anyPagesWithSpecialOptionsQuery assigned unsafely at line 918:\n $anyPagesWithSpecialOptionsQuery .= ' meta_key=\\'_wpassetcleanup_page_options\\' && meta_value LIKE \\'%no_wpacu_load%\\''\n$anyPagesWithSpecialOptionsQuery assigned unsafely at line 915:\n $anyPagesWithSpecialOptionsQuery .= ' post_id NOT IN ('.implode(',', $excludePostIds).') && '\n$anyPagesWithSpecialOptions assigned unsafely at line 920:\n $anyPagesWithSpecialOptions = $wpdb->get_col( $anyPagesWithSpecialOptionsQuery )\n$excludePostIds assigned unsafely at line 906:\n $excludePostIds[] = get_option('page_on_front')
Unescaped parameter $assetCleanUpMetaKeysQuery used in $wpdb->get_col($assetCleanUpMetaKeysQuery)\n$assetCleanUpMetaKeysQuery assigned unsafely at line 223:\n $assetCleanUpMetaKeysQuery = <<<SQL\nSELECT `meta_key` FROM {$wpdb->postmeta} WHERE meta_key LIKE '{$metaKeyLike}' AND post_id='{$postId}'\nSQL\n$metaKeyLike assigned unsafely at line 221:\n $metaKeyLike = '_' . WPACU_PLUGIN_ID . '_%'
Unescaped parameter $clearQuery used in $wpdb->query($clearQuery)\n$clearQuery assigned unsafely at line 63:\n $clearQuery = <<<SQL\nDELETE FROM `{$wpdb->usermeta}` WHERE meta_key='{$metaKeyTargeted}';\nSQL\n$metaKeyTargeted assigned unsafely at line 61:\n $metaKeyTargeted = WPACU_PLUGIN_ID . '_user_chosen_for_access_to_assets_manager'
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $postId used in $wpdb->get_var('SELECT meta_value FROM `' . $wpdb->prefix . 'postmeta` WHERE post_id=\''.$postId.'\' && meta_key=\'_'.WPACU_PLUGIN_ID.'_page_options\' && meta_value LIKE \'%no_wpacu_load%\'')\n$postId used without escaping.
Unescaped parameter $postType used in $wpdb->get_var('SELECT COUNT(*) FROM `'.$wpdb->posts.'` WHERE post_type=\''.$postType.'\'')\n$postType used without escaping.