Get together safely, in your own way, in WordPress.
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound | Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "bp_rest_members_create_item_permissions_check". | 330:31 | Plugin Repo |
| ERROR | WordPress.WP.I18n.MissingTranslatorsComment | A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders. | 105:66 | General |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 615:42 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $total_sql | 616:42 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 694:\n $sql = $wpdb->prepare( "SELECT initiator_user_id, friend_user_id, is_confirmed FROM {$bp->friends->table_name} WHERE (initiator_user_id = %d AND friend_user_id IN ({$friend_ids_sql}) ) OR (initiator_user_id IN ({$friend_ids_sql}) AND friend_user_id = %d )", $user_id, $user_id )\n$friend_ids_sql assigned unsafely at line 693:\n $friend_ids_sql = implode( ',', array_unique( $fetch ) ) | 695:25 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 695:38 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->get_col($sql)\n$sql assigned unsafely at line 849:\n $sql = $wpdb->prepare( "SELECT DISTINCT user_id as id FROM {$usermeta_table} WHERE meta_value LIKE %s ORDER BY d.value DESC {$pag_sql}", $search_terms_like )\n$usermeta_table assigned unsafely at line 835:\n $usermeta_table = $wpdb->base_prefix . 'usermeta'\n$pag_sql assigned unsafely at line 838:\n $pag_sql = ''\n$users_table assigned unsafely at line 836:\n $users_table = $wpdb->base_prefix . 'users'\n$limit used without escaping.\n$page used without escaping. | 852:27 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 852:36 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->get_col($sql)\n$sql assigned unsafely at line 889:\n $sql = $wpdb->prepare( "SELECT COUNT(DISTINCT user_id) FROM {$usermeta_table} WHERE meta_value LIKE %s", $search_terms_like )\n$usermeta_table assigned unsafely at line 880:\n $usermeta_table = $wpdb->prefix . 'usermeta'\n$users_table assigned unsafely at line 881:\n $users_table = $wpdb->base_prefix . 'users'\n$bp assigned unsafely at line 883:\n $bp = buddypress() | 892:24 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 892:33 | Security |
| 12.11.2025, 20:24:24 | 5m 11s | 1 | 6115 | 3125 |