Unescaped parameter $data used in $wpdb->get_results("DELETE FROM $wpdb->posts WHERE ID IN(" . implode(',', $data) . ")")\n$data assigned unsafely at line 1081:\n $data[] = sanitize_text_field($d)\nNote: sanitize_text_field() is not a safe escaping function.\n$d used without escaping.
Unescaped parameter $data used in $wpdb->get_results("DELETE FROM {$wpdb->prefix}lws_cl_ignore WHERE IDmedia IN(" . implode(',', $data) . ")")\n$data assigned unsafely at line 1277:\n $data[] = sanitize_text_field($d)\nNote: sanitize_text_field() is not a safe escaping function.\n$d used without escaping.
Unescaped parameter $data used in $wpdb->get_results("INSERT INTO {$wpdb->prefix}lws_cl_ignore (IDmedia) VALUES ('$data')")\n$data assigned unsafely at line 1091:\n $data = sanitize_text_field($i)\nNote: sanitize_text_field() is not a safe escaping function.\n$i used without escaping.
Unescaped parameter $lws_cl_table_name used in $wpdb->query("CREATE TABLE IF NOT EXISTS $lws_cl_table_name (\n id mediumint(9) NOT NULL AUTO_INCREMENT,\n IDmedia mediumint(9),\n PRIMARY KEY (id)\n ) $charset_collate;")
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $new_prefix used in $wpdb->query("UPDATE {$new_prefix}options SET option_name='{$new_prefix}user_roles' WHERE option_name='{$wpdb->prefix}user_roles';")\n$new_prefix assigned unsafely at line 303:\n $new_prefix .= '_'\n$new_prefix assigned unsafely at line 301:\n $new_prefix .= $characters[$rand]\n$lines assigned unsafely at line 292:\n $lines = file($config)\n$line assigned unsafely at line 308:\n $line = '$table_prefix = ' . '"' . $new_prefix . '";' . "\\n\\r"\n$characters[$rand] used without escaping.\n$config assigned unsafely at line 291:\n $config = ABSPATH . 'wp-config.php'