Unescaped parameter $columns used in $wpdb->get_results($wpdb->prepare("SELECT $columns FROM $table_name ORDER BY id DESC LIMIT %d", $recent))\n$columns assigned unsafely at line 37:\n $columns .= ', settings'\n$table_name assigned unsafely at line 34:\n $table_name = $wpdb->prefix . "micro_revisions"\n$rev->user_action used without escaping.
Unescaped parameter $columns used in $wpdb->get_results($wpdb->prepare(\r\n\t\t\t\t"SELECT $columns FROM $this->content_table \r\n\t\t\t WHERE published = %d AND type = %s $whereString \r\n\t\t\t ORDER BY aspect, modified_at DESC \r\n\t\t\t $limit",\r\n\t\t\t\t$values\r\n\t\t\t))\n$columns assigned unsafely at line 212:\n $columns = 'slug, name, aspect, content, modified_at, meta, func_ref'\n$limit assigned unsafely at line 249:\n $limit = "LIMIT %d"\n$values[] used without escaping.
Unescaped parameter $columns used in $wpdb->get_row($wpdb->prepare("SELECT $columns FROM $table_name WHERE id = %d", $revision_id))\n$columns assigned unsafely at line 37:\n $columns .= ', settings'\n$table_name assigned unsafely at line 34:\n $table_name = $wpdb->prefix . "micro_revisions"\n$rev->user_action used without escaping.
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $content_table used in $wpdb->get_results($wpdb->prepare(\r\n\t\t\t\t"SELECT DISTINCT slug FROM $content_table \r\n\t\t\t\tWHERE type = %s AND published = %d",\r\n\t\t\t\t'folder_mod', $published\r\n\t\t\t))\n$content_table assigned unsafely at line 54:\n $content_table = $wpdb->prefix . "micro_content"\n$published used without escaping.
Unescaped parameter $excluded_tags used in $wpdb->get_results("SELECT * FROM {$wpdb->prefix}term_taxonomy INNER JOIN {$wpdb->prefix}terms ON {$wpdb->prefix}term_taxonomy.term_id = {$wpdb->prefix}terms.term_id WHERE taxonomy = 'post_tag' AND {$wpdb->prefix}term_taxonomy.term_id NOT IN ($excluded_tags) AND count >= 1 ORDER BY count DESC LIMIT 0, $num")\n$excluded_tags assigned unsafely at line 1493:\n $excluded_tags = implode( ',', $new_tags )\n$num used without escaping.\n$new_tags assigned unsafely at line 1490:\n $new_tags = _foundation_explode_and_trim_taxonomy( $settings->excluded_tags, 'post_tag' )\n$settings->excluded_tags used without escaping.
WPtouch – Make your WordPress Website Mobile-Friendly