Unescaped parameter $ids used in $wpdb->get_results("SELECT $wpdb->terms.term_id, $wpdb->terms.name, taxonomy FROM $wpdb->term_taxonomy INNER JOIN $wpdb->terms USING (term_id) WHERE $wpdb->terms.term_id in ($ids)")
$ids assigned unsafely at line 45:
    $ids = implode(', ', $ids)
Note: implode() joins the array elements into the query text verbatim. The trace does not show the elements being cast to integers before this point, so whether the IN list is safe depends entirely on code outside the trace.
Unescaped parameter $language_query used in $wpdb->get_results($wpdb->prepare("SELECT * FROM {$wpdb->prefix}wdr_rules WHERE enabled = %d AND deleted = %d AND (date_from <= %d OR date_from IS NULL) AND (date_to >= %d OR date_to IS NULL) AND (usage_limits > used_limits OR used_limits IS NULL OR usage_limits = 0)", array(1, 0, $current_time, $current_time)).$language_query)
$language_query assigned unsafely at line 195:
    $language_query = $wpdb->prepare(' AND (rule_language IS NULL OR rule_language = \'[]\' OR rule_language LIKE %s)', '%' . $wpdb->esc_like($current_language) . '%') . $language_query
$language_query assigned unsafely at line 193:
    $language_query = ' ORDER BY priority ASC'
$current_language assigned unsafely at line 192:
    $current_language = Language::getCurrentLanguage()
Note: the appended fragment is itself built with $wpdb->prepare() (with $current_language bound through %s) plus a constant ORDER BY clause, so on this trace no value reaches the SQL text unbound. The rule reports it because the final query is assembled by string concatenation rather than passed to prepare() in one piece; review the fragment builder before treating it as an exploitable finding.
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $like used in $wpdb->get_col("SELECT DISTINCT CONCAT(fields.meta_key,'=',fields.meta_value) FROM {$wpdb->postmeta} AS fields JOIN {$wpdb->posts} AS products ON products.ID = fields.post_id WHERE products.post_type IN ('product','product_variation') AND CONCAT(fields.meta_key,'=',fields.meta_value) LIKE '%{$like}%' ORDER BY meta_key LIMIT $this->limit")
$like assigned unsafely at line 362:
    $like = $wpdb->esc_like($query)
$query assigned unsafely at line 361:
    $query = htmlspecialchars($_POST['query'] ?? "", ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401)
$_POST['query'] used without escaping.
Note: neither function on this path is SQL escaping. htmlspecialchars() encodes for HTML output, and $wpdb->esc_like() only backslash-escapes the LIKE wildcards (_, %, \) so a user cannot widen the pattern; the value is still interpolated into the LIKE literal as text instead of being bound with a %s placeholder. $this->limit is likewise interpolated into LIMIT without a %d placeholder.
Unescaped parameter $lookupTable used in $wpdb->get_results("SELECT DISTINCT term_id, taxonomy FROM {$lookupTable} WHERE {$where} ")
$lookupTable assigned unsafely at line 316:
    $lookupTable = $data_store->get_lookup_table_name()
$where assigned unsafely at line 318:
    $where = $this->compareToSql("term_id", ComparisonMethods::IN_LIST, $termIds)
$data_store assigned unsafely at line 315:
    $data_store = wc_get_container()->get( LookupDataStore::class )
$termIds used without escaping.
Note: a table name cannot be bound with $wpdb->prepare() as a value, so the identifier has to be validated against the names the code itself computes (or passed through the %i identifier placeholder available since WordPress 6.2). The WHERE fragment is generated by a helper from $termIds, and the trace does not show those ids being cast to integers.
Unescaped parameter $lookupTable used in $wpdb->get_results("SELECT product_id, product_or_parent_id FROM {$lookupTable} WHERE {$where} ")
$lookupTable assigned unsafely at line 316:
    $lookupTable = $data_store->get_lookup_table_name()
$where assigned unsafely at line 333:
    $where = $this->compareToSql("term_id", ComparisonMethods::IN_LIST, $termIds)
$data_store assigned unsafely at line 315:
    $data_store = wc_get_container()->get( LookupDataStore::class )
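The findings above come in three shapes: an IN list built with implode(), a LIKE pattern built with esc_like() and then interpolated, and a table name interpolated together with a generated WHERE clause. The following is an added example, not code from any of the plugins listed on this page, showing each shape next to a form that keeps every untrusted value out of the SQL text by binding it through $wpdb->prepare(). The function names, the sample inputs and the lookup table name in the demo are assumptions made for the example; the small `wpdb` stand-in exists only so the file runs outside WordPress and mimics just the placeholder handling used here (the real prepare() escapes through mysqli and validates more). The %i identifier placeholder assumes WordPress 6.2 or later.

```php
<?php
// Added example; not code from any plugin on this page.
// Stand-in for $wpdb so the file runs outside WordPress. Inside WordPress the real
// global $wpdb is used instead (see the bottom of the file).
if (!class_exists('wpdb')) {
    class wpdb {
        public $prefix        = 'wp_';
        public $terms         = 'wp_terms';
        public $term_taxonomy = 'wp_term_taxonomy';
        public $posts         = 'wp_posts';
        public $postmeta      = 'wp_postmeta';

        // Same behaviour as the real esc_like(): only _, % and \ are escaped.
        public function esc_like($text) { return addcslashes($text, '_%\\'); }

        // Approximation of the real prepare(): %d -> int, %f -> float,
        // %s -> quoted escaped string, %i -> backtick-quoted identifier.
        public function prepare($query, ...$args) {
            if (count($args) === 1 && is_array($args[0])) { $args = $args[0]; }
            // The real prepare() adds the quotes around %s itself; never write '%s'.
            $query = str_replace(["'%s'", '"%s"'], '%s', $query);
            $i = 0;
            return preg_replace_callback('/%[dfsi]/', function ($m) use (&$i, $args) {
                $v = $args[$i++];
                switch ($m[0]) {
                    case '%d': return (string) (int) $v;
                    case '%f': return (string) (float) $v;
                    case '%i': return '`' . str_replace('`', '``', (string) $v) . '`';
                    default:   return "'" . addslashes((string) $v) . "'";
                }
            }, $query);
        }
    }
}

// Shape 1 (first finding): IN list. implode() copies the raw elements into the query.
function term_rows_unsafe(wpdb $wpdb, array $ids) {
    $ids = implode(', ', $ids);
    return "SELECT {$wpdb->terms}.term_id, {$wpdb->terms}.name, taxonomy FROM {$wpdb->term_taxonomy} INNER JOIN {$wpdb->terms} USING (term_id) WHERE {$wpdb->terms}.term_id IN ($ids)";
}

// Hardened form: cast every element to int and emit one %d placeholder per element.
function term_rows_safe(wpdb $wpdb, array $ids) {
    $ids = array_values(array_map('intval', $ids));
    if ($ids === []) { return null; }   // "IN ()" is a syntax error; return no query instead
    $placeholders = implode(', ', array_fill(0, count($ids), '%d'));
    return $wpdb->prepare(
        "SELECT {$wpdb->terms}.term_id, {$wpdb->terms}.name, taxonomy FROM {$wpdb->term_taxonomy} INNER JOIN {$wpdb->terms} USING (term_id) WHERE {$wpdb->terms}.term_id IN ($placeholders)",
        $ids
    );
}

// Shape 2 (the $_POST['query'] finding): esc_like() keeps the user from widening the
// wildcard; the whole pattern is then bound with %s, and the limit with %d.
function product_meta_search_safe(wpdb $wpdb, string $query, int $limit) {
    $like = '%' . $wpdb->esc_like($query) . '%';
    return $wpdb->prepare(
        "SELECT DISTINCT CONCAT(fields.meta_key,'=',fields.meta_value) FROM {$wpdb->postmeta} AS fields JOIN {$wpdb->posts} AS products ON products.ID = fields.post_id WHERE products.post_type IN ('product','product_variation') AND CONCAT(fields.meta_key,'=',fields.meta_value) LIKE %s ORDER BY meta_key LIMIT %d",
        $like,
        max(1, $limit)
    );
}

// Shape 3 (the two $lookupTable findings): a table name cannot be bound as a value.
// Validate it as an identifier (or compare it against a fixed list of names the code
// computes), pass it through %i, and still bind each term id with %d.
function lookup_terms_safe(wpdb $wpdb, string $lookupTable, array $termIds) {
    if (!preg_match('/^[A-Za-z0-9_]+$/', $lookupTable)) {
        throw new InvalidArgumentException('unexpected lookup table name');
    }
    $termIds = array_values(array_map('intval', $termIds));
    if ($termIds === []) { return null; }
    $placeholders = implode(', ', array_fill(0, count($termIds), '%d'));
    return $wpdb->prepare(
        "SELECT DISTINCT term_id, taxonomy FROM %i WHERE term_id IN ($placeholders)",
        array_merge([$lookupTable], $termIds)
    );
}

// Demo with constructed inputs (assumed values, not taken from any plugin). The second
// id shows what implode() lets through and what intval() + %d reduces it to.
$wpdb = $GLOBALS['wpdb'] ?? new wpdb();
$ids  = ['7', '8) OR 1=1 -- '];
echo term_rows_unsafe($wpdb, $ids), "\n";
echo term_rows_safe($wpdb, $ids), "\n";   // ... IN (7, 8)
echo product_meta_search_safe($wpdb, "50%' OR 'a'='a", 20), "\n";
echo lookup_terms_safe($wpdb, $wpdb->prefix . 'attribute_lookup_example', [3, '4']), "\n";
```

Two design points: the empty-array guard matters because array_fill(0, 0, '%d') yields an empty IN list and a syntax error, which is the usual failure mode of the placeholder-per-element idiom; and %i is the only way to get a runtime-chosen table name into prepare() without string concatenation, which is why the identifier is additionally validated against a conservative character class before it is used.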