LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$course_item_types".

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$screens_show_search_author_field".

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$screens_show_search_author_field".

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$show_search_author_field".

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$input_id".

Use placeholders and $wpdb->prepare(); found $query

Unescaped parameter $query used in $wpdb->get_row($query)\n$query assigned unsafely at line 480:\n $query = $this->wpdb->prepare(\r\n\t\t\t"SELECT user_item_id, user_id, item_id, item_type, status, graduation, ref_id, ref_type, start_time, end_time, parent_id\r\n\t\t\tFROM $this->tb_lp_user_items\r\n\t\t\t$WHERE\r\n\t\t\tAND item_id = %d\r\n\t\t\tAND user_id = %d\r\n\t\t\tORDER BY user_item_id DESC\r\n\t\t\tLIMIT 1\r\n\t\t\t",\r\n\t\t\t$filter->item_id,\r\n\t\t\t$filter->user_id\r\n\t\t)\n$WHERE assigned unsafely at line 462:\n $WHERE = 'WHERE 1=1 '\n$filter->parent_id used without escaping.

Use placeholders and $wpdb->prepare(); found $query

Unescaped parameter $query used in $wpdb->get_col($query)\n$query assigned unsafely at line 550:\n $query = $this->wpdb->prepare(\r\n\t\t\t\t"SELECT user_item_id FROM $this->tb_lp_user_items\r\n\t\t\t\tWHERE item_id = %d\r\n\t\t\t\tAND item_type = %s\r\n\t\t\t\t",\r\n\t\t\t\t$filter->item_id,\r\n\t\t\t\tLP_COURSE_CPT\r\n\t\t\t)

Use placeholders and $wpdb->prepare(); found $query