Unescaped parameter $query used in $wpdb->get_results($query)\n$query assigned unsafely at line 605:\n $query = self::build_db_logs_query(\n\t\t\t\t$filters,\n\t\t\t\t$limit,\n\t\t\t\t$offset,\n\t\t\t\t$order\n\t\t\t)\n$filters used without escaping.\n$limit used without escaping.\n$offset used without escaping.\n$order used without escaping.
Unescaped parameter $query used in $wpdb->query($query)\n$query assigned unsafely at line 663:\n $query = "SELECT {$columns} UNION ALL " . $query\n$columns assigned unsafely at line 660:\n $columns .= "'" . self::$_log_columns[ $i ] . "'"\n$_log_columns[$i] used without escaping.
Unescaped parameter $where used in $wpdb->get_results("SELECT * FROM {$wpdb->posts} $where")\n$where assigned unsafely at line 253:\n $where = 'WHERE ID IN (' . join( ',', $next_posts ) . ')'\n$next_posts assigned unsafely at line 252:\n $next_posts = array_splice( $post_ids, 0, 20 \n$post_ids assigned unsafely at line 176:\n $post_ids = array_merge( $posts_to_add, $post_ids )\n$post_ids assigned unsafely at line 85:\n $post_ids = $wpdb->get_col( "SELECT ID FROM {$wpdb->posts} WHERE $where" )\n$posts_to_add assigned unsafely at line 171:\n $posts_to_add[] = get_post_meta( $post_id, '_menu_item_object_id', true )\n$post_id used without escaping.
Affected Plugins
Plugins that have instances of this rule violation