Database for Contact Form 7

Use placeholders and $wpdb->prepare(); found $search_to_date

Use placeholders and $wpdb->prepare(); found $sql

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "wpcf7db_plugin_init".

Unescaped parameter $del_id used in $wpdb->query("DELETE FROM {$wpdb->prefix}cf7_data_entry WHERE data_id IN($del_id)")\n$del_id assigned unsafely at line 271:\n $del_id = cf7d_sanitize_arr( json_decode( stripslashes( $_POST['del_id'] ), true ) )\n$_POST['del_id'] used without escaping.

Unescaped parameter $query used in $wpdb->get_results($query)\n$query assigned unsafely at line 27:\n $query = sprintf( 'SELECT * FROM `' . $wpdb->prefix . 'cf7_data_entry` WHERE `cf7_id` = %d AND data_id IN(SELECT * FROM (SELECT data_id FROM `' . $wpdb->prefix . 'cf7_data_entry` WHERE 1 = 1 AND `cf7_id` = ' . $fid . ' GROUP BY `data_id` ORDER BY ' . $cf7d_entry_order_by . ' %s) temp_table) ORDER BY ' . $cf7d_entry_order_by, $fid, $limit_query )

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "wpcf7db_plugin_action_links".

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "wpcf7db_plugin_action_links_gopro".

Unescaped parameter $del_id used in $wpdb->query("DELETE FROM {$wpdb->prefix}cf7_data WHERE id IN($del_id)")\n$del_id assigned unsafely at line 271:\n $del_id = cf7d_sanitize_arr( json_decode( stripslashes( $_POST['del_id'] ), true ) )\n$_POST['del_id'] used without escaping.

Use placeholders and $wpdb->prepare(); found $query

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "cf7-db-forms-orderby".