Unescaped parameter $this->sql used in $wpdb->get_results($this->sql)\n$this->sql assigned unsafely at line 33:\n $this->sql = $this->wpdb->prepare(\n "SELECT SQL_CALC_FOUND_ROWS\n id, url, request_args, response, runtime, date_added\n FROM {$this->wpdb->prefix}lhr_log\n ORDER BY $orderby $order, id DESC\n LIMIT %d, %d",\n $offset,\n $per_page\n )
Unescaped parameter $this->wpdb->prefix used in $wpdb->query("TRUNCATE TABLE {$this->wpdb->prefix}lhr_log")
Affected Plugins
Plugins that have instances of this rule violation