BuddyPress Profile Completion

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$class'.

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "buddypress_profile_completion_has_uploaded_avatar".

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "buddypress_profile_completion_has_uploaded_cover".

Unescaped parameter $query used in $wpdb->get_results($query)\n$query assigned unsafely at line 374:\n $query = $wpdb->prepare( "SELECT field_id, value FROM {$table} WHERE user_id = %d AND field_id IN {$fields_list} GROUP BY field_id", $user_id )\n$table assigned unsafely at line 355:\n $table = buddypress()->profile->table_name_data\n$fields_list assigned unsafely at line 372:\n $fields_list = '(' . join( ',', $required_fields ) . ')'\n$required_fields assigned unsafely at line 363:\n $required_fields = self::get_all_required_profile_fields( $user_id )\n$user_id used without escaping.

Use placeholders and $wpdb->prepare(); found $query

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "buddypress_profile_completion_has_required_fields_complete".

Unescaped parameter $query used in $wpdb->get_results($query)\n$query assigned unsafely at line 414:\n $query = $wpdb->prepare( "SELECT * FROM {$table} WHERE is_required = %d", 1 )\n$table assigned unsafely at line 412:\n $table = buddypress()->profile->table_name_fields

Use placeholders and $wpdb->prepare(); found $query

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$size'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$desc'.