Unescaped parameter $answers_table used in $wpdb->get_results("SELECT answer FROM {$answers_table} WHERE correct=1 AND question_id={$id}")\n$answers_table assigned unsafely at line 2763:\n $answers_table = $wpdb->prefix . "aysquiz_answers"\n$id used without escaping.\n$correct_answers assigned unsafely at line 2764:\n $correct_answers = $wpdb->get_results("SELECT answer FROM {$answers_table} WHERE correct=1 AND question_id={$id}")
Unescaped parameter $answers_table used in $wpdb->get_results("SELECT image FROM {$answers_table} WHERE correct=1 AND question_id={$id}")\n$answers_table assigned unsafely at line 2788:\n $answers_table = $wpdb->prefix . "aysquiz_answers"\n$correct_answers assigned unsafely at line 2789:\n $correct_answers = $wpdb->get_results("SELECT image FROM {$answers_table} WHERE correct=1 AND question_id={$id}")
Unescaped parameter $answers_table used in $wpdb->get_row($wpdb->prepare("SELECT answer FROM {$answers_table} WHERE id=%d ;", $choice ))\n$answers_table assigned unsafely at line 2804:\n $answers_table = $wpdb->prefix . "aysquiz_answers"\n$choices assigned unsafely at line 2806:\n $choices = ''\n$user_choice used without escaping.\n$key used without escaping.
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $answers_table used in $wpdb->get_row($wpdb->prepare("SELECT image FROM {$answers_table} WHERE id=%d ;", $choice ))\n$answers_table assigned unsafely at line 2844:\n $answers_table = $wpdb->prefix . "aysquiz_answers"\n$choices assigned unsafely at line 2845:\n $choices = ''\n$user_choice used without escaping.\n$key used without escaping.
Unescaped parameter $answers_table used in $wpdb->get_row("SELECT * FROM {$answers_table} WHERE question_id={$question_id} AND id={$answer_id}")