Unescaped parameter $alter_query used in $wpdb->query($alter_query)\n$alter_query assigned unsafely at line 200:\n $alter_query = wpo_wcpdf_prepare_identifier_query(\n\t\t\t\t"ALTER TABLE %i AUTO_INCREMENT = %d", \n\t\t\t\tarray( $this->table_name ), \n\t\t\t\tarray( $highest_number )\n\t\t\t)
Unescaped parameter $alter_query used in $wpdb->query($alter_query)\n$alter_query assigned unsafely at line 224:\n $alter_query = wpo_wcpdf_prepare_identifier_query(\n\t\t\t\t"ALTER TABLE %i AUTO_INCREMENT = %d", \n\t\t\t\tarray( $this->table_name ), \n\t\t\t\tarray( $number )\n\t\t\t)\n$number used without escaping.
Unescaped parameter $alter_query used in $wpdb->query($alter_query)\n$alter_query assigned unsafely at line 69:\n $alter_query = wpo_wcpdf_prepare_identifier_query(\n\t\t\t\t\t\t"ALTER TABLE %i ADD `calculated_number` INT(16)",\n\t\t\t\t\t\tarray( $table_name )\n\t\t\t\t\t)
Unescaped parameter $column_check_query used in $wpdb->get_var($column_check_query)\n$column_check_query assigned unsafely at line 59:\n $column_check_query = wpo_wcpdf_prepare_identifier_query(\n\t\t\t\t\t"SHOW COLUMNS FROM %i LIKE %s",\n\t\t\t\t\tarray( $table_name ),\n\t\t\t\t\tarray( 'calculated_number' )\n\t\t\t\t)
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $drop_query used in $wpdb->query($drop_query)\n$drop_query assigned unsafely at line 1993:\n $drop_query = wpo_wcpdf_prepare_identifier_query(\n\t\t\t\t"DROP TABLE IF EXISTS %i",\n\t\t\t\tarray( $retired_table_name )\n\t\t\t)\n$retired_table_name assigned unsafely at line 1984:\n $retired_table_name = "{$default_table_name}_{$current_store_year}"\n$default_table_name assigned unsafely at line 1962:\n $default_table_name = $this->get_number_store_table_default_name( $store_base_name, $method )\n$store_base_name used without escaping.\n$method used without escaping.