Unescaped parameter $query used in $wpdb->get_var($wpdb->prepare( $query, $topic_id ))
$query assigned unsafely at line 98:
  $query = "SELECT blog_id FROM $table_name WHERE topic_id = %d"

Unescaped parameter $query used in $wpdb->get_var($wpdb->prepare( $query, $topic_id ))
$query assigned unsafely at line 67:
  $query = "SELECT blog_id FROM $table_name WHERE topic_id = %d"
$table_name assigned unsafely at line 66:
  $table_name = $wpdb->base_prefix . 'wpdc_topic_blog'

Unescaped parameter $table used in $wpdb->query("TRUNCATE TABLE $table")
$table assigned unsafely at line 57:
  $table = $wpdb->base_prefix . 'wpdc_topic_blog'
$result assigned unsafely at line 58:
  $result = $wpdb->query( "TRUNCATE TABLE $table" )

Unescaped parameter $table_name used in $wpdb->get_results("DELETE FROM {$table_name} WHERE id IN ({$expired_nonces})")
$table_name assigned unsafely at line 123:
  $table_name = $this->get_table_name()
$expired_nonces assigned unsafely at line 129:
  $expired_nonces = implode( ',', $expired_nonces )
$expired_nonces assigned unsafely at line 125:
  $expired_nonces = $this->wpdb->get_results( "SELECT id FROM {$table_name} WHERE added_on < DATE_SUB(NOW(), INTERVAL {$this->nonce_life} SECOND)" )

Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $table_name used in $wpdb->get_results("SELECT id FROM {$table_name} WHERE added_on < DATE_SUB(NOW(), INTERVAL {$this->nonce_life} SECOND)")
$table_name assigned unsafely at line 123:
  $table_name = $this->get_table_name()