Unescaped parameter $FinalTilesGalleries used in $wpdb->query("ALTER TABLE $FinalTilesGalleries MODIFY $field VARCHAR(1000) NULL")\n$field used without escaping.
Unescaped parameter $alb_gal_where used in $wpdb->query($wpdb->prepare('DELETE FROM `' . $wpdb->prefix . 'bwg_album_gallery` WHERE is_album="0"' . $alb_gal_where, $prepareArgs))\n$alb_gal_where assigned unsafely at line 128:\n $alb_gal_where = ' AND `alb_gal_id` NOT IN (' . WDWLibrary::escape_array($excludeIds) . ')'\n$excludeIds used without escaping.
Unescaped parameter $alb_gal_where used in $wpdb->query($wpdb->prepare('DELETE FROM `' . $wpdb->prefix . 'bwg_album_gallery` WHERE is_album="1"' . $alb_gal_where, $prepareArgs))\n$alb_gal_where assigned unsafely at line 111:\n $alb_gal_where = ' AND `alb_gal_id` NOT IN (' . WDWLibrary::escape_array($excludeIds) . ')'\n$excludeIds used without escaping.
Unescaped parameter $album_delete used in $wpdb->query($album_delete)\n$album_delete assigned unsafely at line 127:\n $album_delete = 'DELETE FROM `' . $wpdb->prefix . 'bwg_album`' . $where\n$where assigned unsafely at line 110:\n $where = ' WHERE `id` NOT IN (' . WDWLibrary::escape_array($excludeIds) . ')'\n$excludeIds used without escaping.
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $album_gallery_delete used in $wpdb->query($album_gallery_delete)\n$album_gallery_delete assigned unsafely at line 158:\n $album_gallery_delete = 'DELETE FROM `' . $wpdb->prefix . 'bwg_album_gallery` WHERE is_album="0"' . $alb_gal_where\n$alb_gal_where assigned unsafely at line 128:\n $alb_gal_where = ' AND `alb_gal_id` NOT IN (' . WDWLibrary::escape_array($excludeIds) . ')'\n$excludeIds used without escaping.
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery