Name: Database Cleaner
Rating: 4.9
Author: Jordy Meow

Top Issues by File

Files with the highest concentration of issues in the latest scan

Issues Details

396 issues found in latest scan

	Code	Message	Location	Category
ERROR	`PluginCheck.Security.DirectDB.UnescapedDBParameter`	Unescaped parameter $where_type used in $wpdb->get_results($wpdb->prepare( "\n\t\t\tSELECT *\n\t\t\tFROM $wpdb->posts\n\t\t\tWHERE post_modified < %s\n\t\t\t$where_type\n\t\t\t$where_status\n\t\t\tLIMIT %d, %d\n\t\t\t",\n\t\t\t$before_date->format('Y-m-d H:i:s'), $offset, Meow_DBCLNR_Queries::$GET_LIMIT\n\t\t))\n$where_type used without escaping.	`classes/core.php:175:17`	Security
ERROR	`WordPress.Security.EscapeOutput.ExceptionNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$wpdb'.	`classes/queries/users_duplicated_user_meta.php:70:79`	Security
ERROR	`WordPress.WP.I18n.MissingArgDomain`	Missing $domain parameter in function call to __().	`common/news.php:84:25`	General
ERROR	`WordPress.WP.AlternativeFunctions.rand_mt_rand`	mt_rand() is discouraged. Use the far less predictable wp_rand() instead.	`common/news.php:59:25`	Plugin Repo
ERROR	`WordPress.WP.I18n.MissingTranslatorsComment`	A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.	`common/admin.php:202:20`	General
ERROR	`WordPress.WP.I18n.NonSingularStringLiteralDomain`	The $domain parameter must be a single text string literal. Found: $this->domain	`common/admin.php:202:77`	General
ERROR	`WordPress.Security.EscapeOutput.ExceptionNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$wpdb'.	`classes/queries/users_orphaned_user_meta.php:79:77`	Security
ERROR	`PluginCheck.Security.DirectDB.UnescapedDBParameter`	Unescaped parameter $query used in $wpdb->get_var($query)\n$query used without escaping.	`classes/core.php:189:20`	Security
ERROR	`WordPress.Security.EscapeOutput.ExceptionNotEscaped`	All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$wpdb'.	`classes/queries/comments_duplicated_comments_meta.php:64:83`	Security
ERROR	`WordPress.DB.PreparedSQL.NotPrepared`	Use placeholders and $wpdb->prepare(); found $query	`classes/core.php:189:29`	Security

396 total row(s)


16.12.2025, 07:00:19	14s	30	114	282
03.12.2025, 09:32:36	14s	30	114	282
13.11.2025, 18:49:07	17s	30	114	282

Database Cleaner

Security325

Plugin Repository35

General27

classes/admin.php75 issues in this fileTotal: 75Errors: 9Warnings: 66

classes/core.php69 issues in this fileTotal: 69Errors: 21Warnings: 48

common/admin.php20 issues in this fileTotal: 20Errors: 14Warnings: 6

classes/queries/posts_metadata_duplicated_post_meta.php18 issues in this fileTotal: 18Errors: 9Warnings: 9

common/news.php13 issues in this fileTotal: 13Errors: 9Warnings: 4

common/helpers.php13 issues in this fileTotal: 13Errors: 1Warnings: 12

common/ratings.php12 issues in this fileTotal: 12Errors: 9Warnings: 3

classes/queries/posts_metadata_orphaned_term_relationship.php12 issues in this fileTotal: 12Errors: 2Warnings: 10

classes/queries/users_orphaned_user_meta.php12 issues in this fileTotal: 12Errors: 2Warnings: 10

classes/queries/posts_metadata_orphaned_term_meta.php11 issues in this fileTotal: 11Errors: 1Warnings: 10