Simple Event Registration & RSVP Management for WordPress
| Code | Message | Location | Category | |
|---|---|---|---|---|
| ERROR | PluginCheck.Security.DirectDB.UnescapedDBParameter | Unescaped parameter $sql used in $wpdb->get_results($wpdb->prepare( $sql, absint( $attendee_id ), absint( $attendee_id ), absint( $attendee_id ), absint( $attendee_id ) ))\n$sql assigned unsafely at line 1142:\n $sql = 'SELECT id, firstName FROM ' . ATTENDEES_TABLE .\r\n\t\t\t\t\t\t' WHERE (id IN (SELECT attendeeID FROM ' . ASSOCIATED_ATTENDEES_TABLE . ' WHERE associatedAttendeeID = %d)\r\n\t\t\tOR id in (SELECT associatedAttendeeID FROM ' . ASSOCIATED_ATTENDEES_TABLE . ' WHERE attendeeID = %d) OR\r\n \t\tid IN (SELECT waa1.attendeeID FROM ' . ASSOCIATED_ATTENDEES_TABLE . ' waa1\r\n \t\t\tINNER JOIN ' . ASSOCIATED_ATTENDEES_TABLE . ' waa2 ON waa2.attendeeID = waa1.attendeeID OR\r\n waa1.associatedAttendeeID = waa2.attendeeID\r\n \t\t\t\tWHERE waa2.associatedAttendeeID = %d AND waa1.attendeeID <> %d))'\n$associations assigned unsafely at line 1149:\n $associations = $wpdb->get_results( $wpdb->prepare( $sql, absint( $attendee_id ), absint( $attendee_id ), absint( $attendee_id ), absint( $attendee_id ) ) ) | 1149:26 | Security |
| ERROR | WordPress.Security.EscapeOutput.ExceptionNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not open file $filePath for reading."'. | 108:36 | Security |
| ERROR | WordPress.DB.PreparedSQL.NotPrepared | Use placeholders and $wpdb->prepare(); found $sql | 1149:55 | Security |
| ERROR | WordPress.Security.EscapeOutput.ExceptionNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$readerType'. | 40:96 | Security |
| ERROR | WordPress.Security.EscapeOutput.ExceptionNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not open $filePath for reading! Stream wrapper used is not supported for this type of file."'. | 105:36 | Security |
| ERROR | WordPress.Security.EscapeOutput.ExceptionNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not open $filePath for reading! File does not exist."'. | 111:40 | Security |
| ERROR | WordPress.Security.EscapeOutput.ExceptionNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not open $filePath for reading! File is not readable."'. | 113:40 | Security |
| ERROR | WordPress.Security.EscapeOutput.ExceptionNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not open $filePath for reading! ({$exception->getMessage()})"'. | 122:36 | Security |
| ERROR | WordPress.Security.EscapeOutput.ExceptionNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not open $filePath for reading."'. | 57:36 | Security |
| ERROR | WordPress.Security.EscapeOutput.ExceptionNotEscaped | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Could not open \"{$contentXmlFilePath}\"."'. | 75:36 | Security |
| 11/14/2025, 11:57:54 AM | 31s | 5 | 382 | 609 |