Unescaped parameter $escaped_list used in $wpdb->get_results("SELECT * FROM {$wpdb->prefix}woocommerce_shipping_zone_methods " .\n\t\t\t"LEFT JOIN {$wpdb->prefix}woocommerce_shipping_zones " .\n\t\t\t"ON {$wpdb->prefix}woocommerce_shipping_zone_methods.zone_id = {$wpdb->prefix}woocommerce_shipping_zones.zone_id " .\n\t\t\t\t\t\t\t\t\t\t\t\t"WHERE method_id IN ({$escaped_list}) " .\n\t\t\t'ORDER BY zone_order, instance_id;')\n$escaped_list assigned unsafely at line 550:\n $escaped_list .= ','\n$escaped_list assigned unsafely at line 547:\n $escaped_list = ''\n$shipping_service used without escaping.\n$service_ids used without escaping.
Unescaped parameter $table_name used in $wpdb->get_results("ALTER TABLE {$table_name} ADD `meta_id` bigint(20) NOT NULL AUTO_INCREMENT PRIMARY KEY;")\n$table_name assigned unsafely at line 536:\n $table_name = $wpdb->prefix . $type . 'meta'\n$type assigned unsafely at line 535:\n $type = 'berocket_term'
Unescaped parameter $table_name used in $wpdb->get_results("SHOW COLUMNS from {$table_name} LIKE 'meta_id'")\n$table_name assigned unsafely at line 536:\n $table_name = $wpdb->prefix . $type . 'meta'\n$type assigned unsafely at line 535:\n $type = 'berocket_term'
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $table_name used in $wpdb->get_row("SHOW INDEXES FROM {$table_name}")\n$table_name assigned unsafely at line 536:\n $table_name = $wpdb->prefix . $type . 'meta'\n$type assigned unsafely at line 535:\n $type = 'berocket_term'
Unescaped parameter $table_name used in $wpdb->query("ALTER TABLE {$table_name} DROP INDEX meta_id, ADD PRIMARY KEY (meta_id);")\n$table_name assigned unsafely at line 536:\n $table_name = $wpdb->prefix . $type . 'meta'\n$type assigned unsafely at line 535:\n $type = 'berocket_term'