Unescaped parameter $query used in $wpdb->query($wpdb->prepare($query, $log_rows))\n$query assigned unsafely at line 273:\n $query = "DELETE FROM {$table_name} WHERE log_id IN ({$format})"\n$table_name assigned unsafely at line 267:\n $table_name = $this->logger->get_logger_table_name()
Unescaped parameter $sql used in $wpdb->get_results($wpdb->prepare( $sql, $args ))\n$sql assigned unsafely at line 470:\n $sql = '\n\t\t\tSELECT *\n\t\t\tFROM ' . $table . '\n\t\t\tWHERE ' . $column . ' LIKE %s\n\t\t\tORDER BY ' . $key_column . ' ASC\n\t\t\t'\n$column assigned unsafely at line 463:\n $column = 'meta_key'\n$key_column assigned unsafely at line 464:\n $key_column = 'meta_id'\n$value_column assigned unsafely at line 465:\n $value_column = 'meta_value'\n$key assigned unsafely at line 468:\n $key = $wpdb->esc_like( $this->identifier . '_batch_' ) . '%'
Unescaped parameter $sql used in $wpdb->get_var($wpdb->prepare($sql, $args))\n$sql assigned unsafely at line 134:\n $sql = '\n\t\t\tSELECT COUNT(*)\n\t\t\tFROM ' . $table . '\n\t\t\tWHERE ' . $column . ' LIKE %s\n\t\t\tORDER BY ' . $key_column . ' ASC\n\t\t\t'\n$column assigned unsafely at line 128:\n $column = 'meta_key'\n$key_column assigned unsafely at line 129:\n $key_column = 'meta_id'\n$key assigned unsafely at line 132:\n $key = $wpdb->esc_like($this->identifier . '_batch_') . '%'
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $table_name used in $wpdb->get_var("SHOW TABLES LIKE '{$table_name}'")
Unescaped parameter $table_name used in $wpdb->query($wpdb->prepare( "DELETE FROM {$table_name} WHERE DATEDIFF(NOW(), created_at)>=%d", $lifetime ))\n$table_name assigned unsafely at line 54:\n $table_name = $this->logger->get_logger_table_name()