WordPress.DB.RestrictedFunctions.mysql_mysql_get_server_info
mysql mysql get server info
The plugin uses a raw MySQL extension or class instead of WordPress database APIs.
Why It Shows Up
The scan found `mysql_*`, `mysqli_*`, PDO MySQL, or related database functions in plugin code.
Why It Matters
Bypassing `$wpdb` can ignore WordPress database configuration, escaping conventions, character sets, and compatibility layers.
How to Fix
- Replace raw MySQL calls with `$wpdb` methods or higher-level WordPress APIs.
- Use `$wpdb->prepare()` for dynamic values.
- If a third-party library requires a database connection, isolate it and document why WordPress APIs cannot be used.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Updated | Top Issue |
|---|---|---|---|---|---|---|---|
| #1 | Event Organiser | 19 | 1,106 | 544 | 20k+ | Text Domain Mismatch | |
| #2 | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory | 22 | 4,462 | 3,972 | 10k+ | Output Not Escaped | |
| #3 | WP-WebAuthn | 22 | 957 | 396 | 2k+ | Exception Not Escaped | |
| #4 | MediaPress | 23 | 904 | 583 | 4k+ | Output Not Escaped | |
| #5 | Softaculous | 23 | 116 | 49 | 10k+ | file system operations fread | |
| #6 | UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP | 23 | 695 | 2,434 | 20k+ | Non Prefixed Hookname Found | |
| #7 | Ivory Search – WordPress Search Plugin | 24 | 1,176 | 1,688 | 100k+ | Non Prefixed Variable Found | |
| #8 | Hummingbird Performance – Cache & Page Speed Optimization for Core Web Vitals | Critical CSS | Minify CSS | Defer CSS Javascript | CDN | 24 | 3,410 | 866 | 70k+ | Text Domain Mismatch | |
| #9 | Database Manager – WP Adminer | 24 | 1,005 | 2,752 | 20k+ | Non Prefixed Variable Found | |
| #10 | WPvivid — Backup, Migration & Staging | 25 | 899 | 1,461 | 900k+ | Non Prefixed Namespace Found | |
| #11 | Custom Scrollbar | 27 | 184 | 191 | 2k+ | Output Not Escaped | |
| #12 | Email Marketing Plugin – WP Email Capture | 27 | 383 | 262 | 1k+ | Output Not Escaped | |
| #13 | Multi Step Form | 34 | 277 | 136 | 9k+ | Output Not Escaped | |
| #14 | Adaptive Images for WordPress | 37 | 51 | 75 | 3k+ | Output Not Escaped | |
| #15 | TypePad emoji for TinyMCE | 38 | 100 | 24 | 8k+ | Text Domain Mismatch |
