Unescaped parameter $sql used in $wpdb->get_col($sql)\n$sql assigned unsafely at line 1533:\n $sql = $wpdb->prepare( $sql, $args )\n$sql assigned unsafely at line 1529:\n $sql .= ' ORDER BY source_id DESC LIMIT %d'\n$limit used without escaping.
Unescaped parameter $sql used in $wpdb->get_col($sql)\n$sql assigned unsafely at line 442:\n $sql = $wpdb->prepare( $sql, $args )\n$sql assigned unsafely at line 438:\n $sql .= ' ORDER BY posts.ID DESC LIMIT %d'\n$args[] used without escaping.
Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 102:\n $sql .= sprintf( ' LIMIT %d', (int) $limit )\n$limit used without escaping.
Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 1428:\n $sql = $wpdb->prepare(\n\t\t\t"SELECT * FROM " . static::items_table() . " WHERE (path LIKE %s OR original_path LIKE %s);",\n\t\t\t'%' . $path,\n\t\t\t'%' . $path\n\t\t)
Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 154:\n $sql .= sprintf( ' LIMIT %d', (int) $limit )\n$limit used without escaping.
Affected Plugins
Plugins that have instances of this rule violation