Unescaped parameter $column_name used in $wpdb->get_var($wpdb->prepare(\n\t\t\t\t"SELECT {$column_name} FROM {$wpdb->posts} WHERE ID=%d AND post_type=%s", \t\t\t\t$action_id,\n\t\t\t\tself::POST_TYPE\n\t\t\t))
Unescaped parameter $constraint->TABLE_NAME used in $wpdb->query("\n ALTER TABLE {$constraint->TABLE_NAME} DROP FOREIGN KEY {$constraint->CONSTRAINT_NAME};\n ")\n$constraint->CONSTRAINT_NAME used without escaping.
Unescaped parameter $dbtable used in $wpdb->get_row($wpdb->prepare("SELECT * FROM $dbtable WHERE id = %d", [$widget_id]))\n$dbtable assigned unsafely at line 4024:\n $dbtable = $this->get_widget_tablename()
Unescaped parameter $dbtable used in $wpdb->get_row($wpdb->prepare("SELECT * FROM $dbtable WHERE id = %d", [$widget_id]))\n$dbtable assigned unsafely at line 4052:\n $dbtable = $this->get_widget_tablename()
Unescaped parameter $insert_sql used in $wpdb->query($insert_sql)\n$insert_sql assigned unsafely at line 118:\n $insert_sql = $this->build_insert_sql( $data, $unique )\n$data assigned unsafely at line 100:\n $data = array(\n\t\t\t\t'hook' => $action->get_hook(),\n\t\t\t\t'status' => ( $action->is_finished() ? self::STATUS_COMPLETE : self::STATUS_PENDING ),\n\t\t\t\t'scheduled_date_gmt' => $this->get_scheduled_date_string( $action, $date ),\n\t\t\t\t'scheduled_date_local' => $this->get_scheduled_date_string_local( $action, $date ),\n\t\t\t\t'schedule' => serialize( $action->get_schedule() ), // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.serialize_serialize\n\t\t\t\t'group_id' => current( $this->get_group_ids( $action->get_group() ) ),\n\t\t\t\t'priority' => $action->get_priority(),\n\t\t\t)\n$unique used without escaping.\n$action used without escaping.\n$date used without escaping.