Unescaped parameter $aicpOBJ->table_name used in $wpdb->get_var("SELECT COUNT(id) FROM $aicpOBJ->table_name WHERE ip = '$visitorIP'")\n$visitorIP assigned unsafely at line 259:\n $visitorIP = $aicpOBJ->visitor_ip()\n$aicpOBJ assigned unsafely at line 258:\n $aicpOBJ = new AICP()
Unescaped parameter $countQuery24 used in $wpdb->get_var($countQuery24)\n$countQuery24 assigned unsafely at line 50:\n $countQuery24 = "SELECT COUNT(id) FROM " . $aicpOBJ->table_name . " WHERE " . $aicpOBJ->table_name . ".timestamp >= DATE_SUB( NOW(), INTERVAL 24 HOUR )"\n$aicpOBJ->table_name used without escaping.
Unescaped parameter $countQuery6 used in $wpdb->get_var($countQuery6)\n$countQuery6 assigned unsafely at line 52:\n $countQuery6 = "SELECT COUNT(id) FROM " . $aicpOBJ->table_name . " WHERE " . $aicpOBJ->table_name . ".timestamp >= DATE_SUB( NOW(), INTERVAL 6 HOUR )"\n$aicpOBJ->table_name used without escaping.
Unescaped parameter $countQueryAll used in $wpdb->get_var($countQueryAll)\n$countQueryAll assigned unsafely at line 48:\n $countQueryAll = "SELECT COUNT(id) FROM " . $aicpOBJ->table_name\n$aicpOBJ->table_name used without escaping.
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $query used in $wpdb->query($query)\n$query assigned unsafely at line 525:\n $query = $wpdb->prepare(\r\n "DELETE FROM {$aicpOBJ->table_name} WHERE UNIX_TIMESTAMP( {$aicpOBJ->table_name}.timestamp ) < UNIX_TIMESTAMP( DATE_SUB( NOW(), INTERVAL %d DAY ) )",\r\n $this->ban_duration\r\n )