Unescaped parameter $dummy_table used in $wpdb->query("RENAME TABLE {$dummy_table} TO {$temp_table};")\n$dummy_table assigned unsafely at line 142:\n $dummy_table = $wpdb->prefix . self::ILJ_DATABASE_TABLE_LINKINDEX_TEMP . '2'
Unescaped parameter $dummy_table used in $wpdb->query("\n\t\t\t\tRENAME TABLE {$linkindex_table} TO {$dummy_table},\n\t\t\t\t{$temp_table} TO {$linkindex_table};\n\t\t\t")\n$dummy_table assigned unsafely at line 142:\n $dummy_table = $wpdb->prefix . self::ILJ_DATABASE_TABLE_LINKINDEX_TEMP . '2'
Unescaped parameter $id used in $wpdb->get_results("SELECT anchor FROM $ilj_linkindex_table WHERE (link_to != 0 AND type_to != '' AND anchor != '') AND (link_from = '" . $id . "' AND (type_from = '" . $type . "' " . $additional_query . '))')\n$id used without escaping.
Unescaped parameter $id used in $wpdb->get_var("SELECT count(link_from) FROM $ilj_linkindex_table WHERE (link_to != 0 AND type_to != '') AND (link_from = '" . $id . "' AND (type_from = '" . $type . "' " . $additional_query . '))')\n$id used without escaping.
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $id used in $wpdb->get_var("SELECT count(link_to) FROM $ilj_linkindex_table WHERE (link_from != 0 AND type_from != '') AND ((link_to = '" . $id . "' AND type_to = '" . $type . "') " . $query . ')')\n$id used without escaping.