Unescaped parameter $clause used in $wpdb->query($wpdb->prepare("DELETE FROM {$wpdb->postmeta} WHERE post_id='%d' AND meta_key IN ($clause)", $keys))\n$clause assigned unsafely at line 139:\n $clause = implode(',', $values)\n$values assigned unsafely at line 135:\n $values[] = '%s'\n$keys[] used without escaping.
Unescaped parameter $column used in $wpdb->get_var($wpdb->prepare( "SELECT $column FROM {$wpdb->prefix}aioseo_posts WHERE post_id = %d", $post->ID ))\n$column assigned unsafely at line 109:\n $column = $type === 'twitter' ? 'twitter_image_url' : 'og_image_url'\n$post->ID used without escaping.
Unescaped parameter $days used in $wpdb->query("DELETE FROM {$wpdb->slim_seo_404} WHERE updated_at < NOW() - INTERVAL {$days} DAY")\n$days used without escaping.
Unescaped parameter $nnr_alter_sql used in $wpdb->query($nnr_alter_sql)\n$nnr_alter_sql assigned unsafely at line 128:\n $nnr_alter_sql = "ALTER TABLE `{$table_name}` ADD `ex_pages` varchar(300) DEFAULT 0 AFTER `s_pages`"\n$table_name assigned unsafely at line 112:\n $table_name = $wpdb->prefix . self::$nnr_hfcm_table
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $nnr_alter_sql used in $wpdb->query($nnr_alter_sql)\n$nnr_alter_sql assigned unsafely at line 143:\n $nnr_alter_sql = "ALTER TABLE `{$table_name}` ADD `ex_posts` varchar(300) DEFAULT 0 AFTER `s_posts`"\n$table_name assigned unsafely at line 112:\n $table_name = $wpdb->prefix . self::$nnr_hfcm_table