WordPress.DB.PreparedSQLPlaceholders.UnsupportedIdentifierPlaceholder

Unsupported Identifier Placeholder

A SQL query is built in a way that Plugin Check cannot verify as safely prepared.

critical weight

Why It Shows Up

The scan found missing, incorrect, quoted, unsupported, or mismatched SQL placeholders around `$wpdb->prepare()` usage.

Why It Matters

Broken preparation can leave dynamic SQL values unsafe or make queries behave differently than intended.

How to Fix

Keep placeholders in the SQL string and pass dynamic values as separate arguments.
Use the placeholder that matches the value type.
Do not quote placeholders manually, and use allowlists for identifiers or SQL fragments.

References

WordPress database access

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Updated	Top Issue
#1	Backup Migration	21	981	1,093	80k+	16 days ago	Non Prefixed Variable Found
#2	GeoDirectory – WP Business Directory Plugin and Classified Listings Directory	22	4,462	3,972	10k+	11 days ago	Output Not Escaped
#3	LearnPress – WordPress LMS Plugin for Create and Sell Online Courses	22	2,361	3,384	70k+	4 days ago	Non Prefixed Variable Found
#4	WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell	22	5,996	2,790	5k+	3 days ago	Text Domain Mismatch
#5	Announcement & Notification Banner – Bulletin	23	930	1,576	2k+	4 months ago	Non Prefixed Variable Found
#6	WPBot – AI ChatBot for Live Support, Lead Generation, AI Services	23	264	1,018	5k+	4 days ago	Non Prefixed Variable Found
#7	Groundhogg — CRM, Newsletters, and Marketing Automation	23	152	950	2k+	10 days ago	Non Prefixed Variable Found
#8	Backuply – Backup, Restore, Migrate and Clone	24	704	551	700k+	25 days ago	Non Prefixed Variable Found
#9	Bulk Edit Categories and Tags – Create Thousands Quickly on the Editor	24	1,025	984	4k+	5 months ago	Text Domain Mismatch
#10	CF7 Apps – Honeypot, Database, Redirection, Webhook, and Addons for Contact Form 7	24	1,034	1,396	300k+	12 days ago	Non Prefixed Variable Found
#11	Easy Form Builder by WhiteStudio — Drag & Drop Form Builder	24	193	363	1k+	19 days ago	Recommended
#12	eCommerce Product Catalog Plugin for WordPress	24	621	3,177	7k+	24 days ago	Non Prefixed Function Found
#13	Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels	24	107	1,461	10k+	5 days ago	Non Prefixed Variable Found
#14	The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce	24	12,053	494	100k+	1 month ago	Text Domain Mismatch
#15	WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors	24	168	584	4k+	3 days ago	Non Prefixed Class Found
#16	Bulk Edit Products for WooCommerce – WP Sheet Editor	24	941	936	10k+	5 months ago	Text Domain Mismatch
#17	Bulk Edit Posts and Products in Spreadsheet	24	918	912	9k+	5 months ago	Text Domain Mismatch
#18	WP Travel Engine – Tour Booking Plugin – Tour Operator Software	24	2,010	5,688	20k+	6 days ago	Non Prefixed Variable Found
#19	All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements	25	352	597	40k+	10 days ago	Non Prefixed Variable Found
#20	Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin	25	960	738	60k+	5 days ago	Text Domain Mismatch
#21	Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty	26	113	671	400k+	10 days ago	Non Prefixed Variable Found
#22	Duplicate Post	27	447	274	300k+	1 month ago	Unsafe Printing Function
#23	My Sticky Bar – Floating Notification Bar & Sticky Header (formerly myStickymenu)	28	161	400	100k+	10 days ago	Non Prefixed Variable Found
#24	WPO365 \| SEAMLESS WORDPRESS + MICROSOFT INTEGRATION (WPO365 \| LOGIN)	28	209	217	10k+	16 days ago	Exception Not Escaped
#25	Optimole – Optimize Images \| Convert WebP & AVIF \| CDN & Lazy Load \| Image Optimization	29	80	162	200k+	5 days ago	Recommended
#26	Companion Sitemap Generator – Simple, Smart, and SEO-Ready	33	118	57	7k+	2 months ago	Missing Translators Comment
#27	Advanced Coupons for WooCommerce Coupons & Store Credit	34	74	214	20k+	10 days ago	Non Prefixed Variable Found
#28	ShopMagic Abandoned Cart Recovery for WooCommerce	35	16	23	2k+	today	Non Prefixed Variable Found
#29	ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce	35	50	343	10k+	2 days ago	Missing Unslash
#30	Microsoft Clarity	36	48	163	200k+	4 days ago	Recommended
#31	WPO365 \| MICROSOFT 365 GRAPH MAILER	37	112	83	10k+	16 days ago	Text Domain Mismatch
#32	WPEPP – Essential Security, Password Protect & Login Page Customizer	39	34	29	3k+	2 months ago	Unsupported Identifier Placeholder
#33	Country State City Dropdown CF7	40	35	54	5k+	12 months ago	Direct Query
#34	Hostinger Reach – AI-Powered Email Marketing for WordPress	40	9	46	1m+	5 days ago	Direct Query
#35	hCaptcha for WP	42	115	18	70k+	6 days ago	Exception Not Escaped
#36	WP Mail Log	42	42	29	10k+	6 days ago	Text Domain Mismatch
#37	User Role Editor	43	117	145	700k+	1 month ago	Output Not Escaped
#38	Social Media Auto Poster – Schedule & Publish to Buffer	58	23	212	8k+	yesterday	Dynamic Hookname Found
#39	Kit (formerly ConvertKit) – Email Newsletter, Email Marketing, Membership, Subscribers and Landing Pages	62	81	100	40k+	2 days ago	missing direct file access protection
#40	Interlinks Manager – Internal Links Optimizer	80	17	13	8k+	3 months ago	Unescaped DBParameter