Unescaped parameter $query used in $wpdb->get_col($query)\n$query assigned unsafely at line 141:\n $query = "SELECT users.ID FROM {$wpdb->users} users\n {$where}\n LIMIT 0, {$top_limit}"\n$where assigned unsafely at line 140:\n $where = $this->get_thorougly_where_condition()
Unescaped parameter $query used in $wpdb->get_var($query)\n$query assigned unsafely at line 120:\n $query = $this->get_users_count_query()
Unescaped parameter $query used in $wpdb->get_var($query)\n$query assigned unsafely at line 465:\n $query = "SELECT option_value\n FROM {$options_table_name}\n WHERE option_name='$option_name'\n LIMIT 1"\n$options_table_name assigned unsafely at line 462:\n $options_table_name = $prefix . 'options'\n$option_name assigned unsafely at line 463:\n $option_name = $prefix . 'user_roles'
Unescaped parameter $query used in $wpdb->query($query)\n$query assigned unsafely at line 530:\n $query = "UPDATE {$options_table_name}\n SET option_value='$roles'\n WHERE option_name='$option_name'\n LIMIT 1"\n$options_table_name assigned unsafely at line 521:\n $options_table_name = $prefix . 'options'\n$roles assigned unsafely at line 528:\n $roles = $this->leave_roles_for_blog( $blog_id, $leave_roles[$blog_id] )\n$option_name assigned unsafely at line 522:\n $option_name = $prefix . 'user_roles'\n$blog_id used without escaping.\n$leave_roles[$blog_id] used without escaping.
Affected Plugins
Plugins that have instances of this rule violation
Unescaped parameter $select_query used in $wpdb->get_results($select_query)\n$select_query assigned unsafely at line 411:\n $select_query = ''\n$get_data assigned unsafely at line 587:\n $get_data = $wpdb->get_results( $select_query )