Unescaped parameter $in used in $wpdb->query($wpdb->prepare(\n\t\t\t\t\t\t\t"DELETE FROM $table_name WHERE id IN($in)"\n\t\t\t))\n$in assigned unsafely at line 257:\n $in = DB::prepare_in( $ids, '%d' )\n$ids assigned unsafely at line 254:\n $ids = $args['ids'] ?? []\n$args['ids'] used without escaping.
Unescaped parameter $index_name used in $wpdb->query("CREATE INDEX $index_name ON $table_name ( $key_part )")\n$index_name used without escaping.\n$key_part used without escaping.
Unescaped parameter $query used in $wpdb->query($query)\n$query used without escaping.
Unescaped parameter $table_name used in $wpdb->get_var("SELECT COUNT(1) IndexIsThere\n\t\t\t\t\tFROM INFORMATION_SCHEMA.STATISTICS\n\t\t\t\t\tWHERE table_schema = DATABASE()\n \t\t\t\t\tAND table_name = '$table_name'\n \t\t\t\tAND index_name = '$index_name'")
Unescaped parameter $table_name used in $wpdb->query('DROP TABLE IF EXISTS ' . $table_name)\n$table_name assigned unsafely at line 111:\n $table_name = $wpdb->prefix . 'c4wp_failed_login_tracking'
Affected Plugins
Plugins that have instances of this rule violation