Unescaped parameter $column used in $wpdb->get_results("\n\t\t\t\tSELECT (CHAR_LENGTH({$column})*3) as bytes, `{$id}` as id\n\t\t\t\tFROM {$table}\n\t\t\t\tHAVING bytes IS NOT NULL\n\t\t\t")\n$column assigned unsafely at line 210:\n $column = $data['column']\n$id assigned unsafely at line 211:\n $id = $data['id']\n$data['column'] used without escaping.\n$data['id'] used without escaping.
Unescaped parameter $column used in $wpdb->get_results("\n\t\t\t\tSELECT (CHAR_LENGTH({$column})*3) as bytes, `{$id}` as id\n\t\t\t\tFROM {$table}\n\t\t\t\tHAVING bytes IS NULL\n\t\t\t")\n$column assigned unsafely at line 232:\n $column = $data['column']\n$id assigned unsafely at line 233:\n $id = $data['id']\n$data['column'] used without escaping.\n$data['id'] used without escaping.
Unescaped parameter $column_name used in $wpdb->get_var($wpdb->prepare(\n\t\t\t\t"SELECT {$column_name} FROM {$wpdb->posts} WHERE ID=%d AND post_type=%s", \t\t\t\t$action_id,\n\t\t\t\tself::POST_TYPE\n\t\t\t))
Unescaped parameter $custom_table_name used in $wpdb->get_row("SELECT COUNT(*) as item_count FROM {$custom_table_name}")\n$custom_table_name assigned unsafely at line 631:\n $custom_table_name = $queue_table_storage->table_name\n$queue_table_storage->table_name used without escaping.
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $custom_table_name used in $wpdb->query("DELETE FROM {$custom_table_name}")\n$custom_table_name assigned unsafely at line 631:\n $custom_table_name = $queue_table_storage->table_name\n$queue_table_storage->table_name used without escaping.