This plugin is intended primarily for developers that need to allow clients to preview sites before being available to the general public or to tempor …
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 198:\n $sql = "SELECT access_key FROM {$wpdb->prefix}{$this->admin_options_name}_access_keys WHERE active = 1" | 199:31 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 199:43 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->query($sql)\n$sql assigned unsafely at line 377:\n $sql = $wpdb->prepare("DELETE FROM $tbl WHERE id = %d", $ip_id)\n$tbl assigned unsafely at line 375:\n $tbl = $wpdb->prefix . $this->admin_options_name . '_unrestricted_ips' | 378:33 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->get_row($sql)\n$sql assigned unsafely at line 461:\n $sql = $wpdb->prepare("SELECT * FROM $tbl WHERE id = %d", $ak_id)\n$tbl assigned unsafely at line 459:\n $tbl = $wpdb->prefix . $this->admin_options_name . '_access_keys' | 462:33 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 462:41 | Security |
| ERROR | WordPress.WP.I18n.MissingTranslatorsComment | A function call to _x() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders. | 464:48 | General |
| ERROR | WordPress.WP.I18n.MissingTranslatorsComment | A function call to _x() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders. | 465:48 | General |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 378:39 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->query($sql)\n$sql assigned unsafely at line 44:\n $sql = $wpdb->prepare("CREATE TABLE $tbl (id int auto_increment primary key, `name` varchar(100), access_key varchar(20), email varchar(100), created_at datetime NOT NULL DEFAULT %s, active int(1) NOT NULL DEFAULT 1)", $def_time)\n$tbl assigned unsafely at line 42:\n $tbl = $wpdb->prefix . $this->admin_options_name . "_access_keys" | 45:24 | Security |
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->get_results($sql)\n$sql assigned unsafely at line 496:\n $sql = "SELECT * FROM {$wpdb->prefix}{$this->admin_options_name}_unrestricted_ips ORDER BY `name`" | 497:35 | Security |
| 11/13/2025, 10:24:31 PM | 11s | 53 | 89 | 106 |