| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->query($sql)\n$sql assigned unsafely at line 204:\n $sql = "DELETE FROM {$this->cache_table_name}\n WHERE {$where}\n " | includes/class-aws-cache.php:208:24 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | includes/class-aws-cache.php:208:31 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. | includes/admin/class-aws-admin-page-premium.php:32:172 | Security |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. | includes/admin/class-aws-admin-page-premium.php:33:169 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 155:\n $sql = "SELECT term, count\n FROM\n {$table_name}\n WHERE\n term LIKE '{$keyword_like}'\n {$query_sources}\n {$query_stock}\n {$query_visibility}\n {$query_exclude_products}\n {$query_lang}\n GROUP BY term\n ORDER BY count DESC\n LIMIT 0, {$this->fuzzy_params['max_similar_terms']}\n "\n$keyword_like assigned unsafely at line 151:\n $keyword_like = $wpdb->esc_like( substr( $search_term, 0, $this->fuzzy_params['term_like_prefix'] ) ) . "%"\n$query_sources assigned unsafely at line 143:\n $query_sources = sprintf( ' AND term_source IN ( %s )', $search_in_arr_string )\n$query_stock assigned unsafely at line 146:\n $query_stock = isset( $this->data['query_params'] ) && isset( $this->data['query_params']['stock'] ) ? $this->data['query_params']['stock'] : ''\n$query_visibility assigned unsafely at line 147:\n $query_visibility = isset( $this->data['query_params'] ) && isset( $this->data['query_params']['visibility'] ) ? $this->data['query_params']['visibility'] : ''\n$query_exclude_products assigned unsafely at line 148:\n $query_exclude_products = isset( $this->data['query_params'] ) && isset( $this->data['query_params']['exclude_products'] ) ? $this->data['query_params']['exclude_products'] : ''\n$query_lang assigned unsafely at line 149:\n $query_lang = isset( $this->data['query_params'] ) && isset( $this->data['query_params']['lang'] ) ? $this->data['query_params']['lang'] : ''\n$search_term used without escaping.\n$search_in_arr_string assigned unsafely at line 142:\n $search_in_arr_string = rtrim( $search_in_arr_string, "," )\n$search_in_arr_string assigned unsafely at line 140:\n $search_in_arr_string .= "'" . $s_source . "',"\n$s_source used without escaping. | includes/class-aws-similar-terms.php:170:27 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | includes/class-aws-similar-terms.php:170:40 | Security |
| ERROR | WordPressVIPMinimum.Performance.WPQueryParams.SuppressFilters_suppress_filters | Setting `suppress_filters` to `true` is prohibited. | includes/modules/class-aws-um.php:66:17 | Performance |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. | includes/admin/class-aws-admin-page-premium.php:34:171 | Security |
| ERROR | WordPressVIPMinimum.Performance.WPQueryParams.SuppressFilters_suppress_filters | Setting `suppress_filters` to `true` is prohibited. | includes/modules/class-aws-um.php:188:21 | Performance |
| ERROR | WordPress.Security.EscapeOutput.OutputNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. | includes/admin/class-aws-admin-page-premium.php:40:50 | Security |