Connect WordPress with External APIs and create no-code custom WordPress REST API endpoints to interact with the WordPress database to perform SQL ope …
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | library_core_files | Library files that are already in the WordPress core are not permitted. | — | Plugin Repo |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $final_get_query | 135:51 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql_query | 224:37 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $query used in $wpdb->get_results($query)\n$query assigned unsafely at line 215:\n $query = self::build_prepared_select_query(\r\n\t\t\t\t$table,\r\n\t\t\t\t$column_names,\r\n\t\t\t\t$query_condition,\r\n\t\t\t\t$where_values\r\n\t\t\t)\n$table assigned unsafely at line 214:\n $table = $wpdb->prefix . 'mo_external_api_config'\n$column_names assigned unsafely at line 209:\n $column_names = '*'\n$query_condition assigned unsafely at line 199:\n $query_condition = ' WHERE ' . implode( ' AND ', $where_clauses )\n$where_values assigned unsafely at line 197:\n $where_values[] = $column_value\n$configuration_type assigned unsafely at line 184:\n $configuration_type = $row_filter['type']\n$where_clauses assigned unsafely at line 196:\n $where_clauses[] = '`' . esc_sql( $column_name ) . '` = %s'\n$column_value used without escaping.\n$row_filter['type'] used without escaping.\n$where_values[] used without escaping. | 221:20 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $query | 221:33 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $query used in $wpdb->get_results($query)\n$query assigned unsafely at line 224:\n $query = self::build_prepared_select_query(\r\n\t\t\t\t$table,\r\n\t\t\t\t$column_names,\r\n\t\t\t\t$query_condition,\r\n\t\t\t\t$where_values\r\n\t\t\t)\n$table assigned unsafely at line 223:\n $table = $wpdb->prefix . 'mo_custom_endpoint_config'\n$table assigned unsafely at line 214:\n $table = $wpdb->prefix . 'mo_external_api_config'\n$column_names assigned unsafely at line 209:\n $column_names = '*'\n$query_condition assigned unsafely at line 199:\n $query_condition = ' WHERE ' . implode( ' AND ', $where_clauses )\n$where_values assigned unsafely at line 197:\n $where_values[] = $column_value\n$configuration_type assigned unsafely at line 184:\n $configuration_type = $row_filter['type']\n$where_clauses assigned unsafely at line 196:\n $where_clauses[] = '`' . esc_sql( $column_name ) . '` = %s'\n$column_value used without escaping.\n$row_filter['type'] used without escaping.\n$where_values[] used without escaping. | 230:20 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $query | 230:33 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $query used in $wpdb->get_results($query)\n$query assigned unsafely at line 308:\n $query = self::build_prepared_select_query(\r\n\t\t\t$table,\r\n\t\t\t$column_names,\r\n\t\t\t$query_condition,\r\n\t\t\t$where_values\r\n\t\t)\n$table assigned unsafely at line 306:\n $table = $wpdb->prefix . 'mo_custom_endpoint_config'\n$table assigned unsafely at line 304:\n $table = $wpdb->prefix . 'mo_external_endpoint_config'\n$column_names assigned unsafely at line 299:\n $column_names = '`namespace`'\n$configuration_type assigned unsafely at line 298:\n $configuration_type = $table_configuration['type']\n$table_configuration['type'] used without escaping. | 314:19 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $query | 314:32 | Security |
| ERROR | PluginCheck.CodeAnalysis.Localhost.Found | Do not use Localhost/127.0.0.1/*.local in your code. Found: http://localhost/ | 887:1 | Plugin Repo |
| 15.11.2025, 01:16:08 | 19s | 92 | 11 | 16 |