WordPress.DB.DirectDatabaseQuery.DirectQuery

Direct Query

The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.

medium weight

Why It Shows Up

Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.

Why It Matters

Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.

How to Fix

  • Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
  • If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
  • Keep schema changes in activation or upgrade routines and make them idempotent.

Affected Plugins

RankPluginScoreErrorsWarningsInstallsAddedUpdatedTop Issue
#2501Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid3965726k+block api version too low
#2502Mail Subscribe List3917943k+Input is not validated
#2503Manage Enrollment for LearnDash394879400Unsafe printing function
#2504Markup by Attribute for WooCommerce39461022k+Direct Query
#2505Menubar39171461k+Output is not escaped
#2506Movable Type and TypePad Importer39422520k+Output is not escaped
#2507Social Proof Popups & Real-Time Notifications – Herd Effects3951811k+Non-prefixed global variable
#2508payever – WooCommerce Gateway39263131700Text Domain Mismatch
#2509Paystack Add-On for Gravity Forms399631400Text Domain Mismatch
#2510Permalink Manager for WooCommerce39116248k+Short PHP open tag found
#2511Query Multiple Taxonomies395541500Output is not escaped
#2512Quform Mailchimp3965147800Nonce verification recommended
#2513Quform Zapier39601231k+Nonce verification recommended
#2514Redirect 404 Error Page to Homepage or Custom Page with Logs39275310k+Nonce verification recommended
#2515Re Gallery – Responsive Image & Photo Gallery3916121700Missing nonce verification
#2516Reorder by Term3920841k+Request data is not unslashed
#2517Responsify WP399011600Unsafe printing function
#2518REST API Helper3910885500Unsafe printing function
#2519RioVizual — Table Blocks for Comparison, Pricing and Pros & Cons3932751k+Nonce verification recommended
#2520Serial Number for Contact Form 739105532k+Non Singular String Literal Domain
#2521Taxonomy Thumbnail3927583k+Non-prefixed function
#2522Shared Files – File Upload & Download Manager3951844k+Nonce verification recommended
#2523Shipping Simulator for WooCommerce39120395k+Text Domain Mismatch
#2524Show All Comments3910892400Nonce verification recommended
#2525Simple Membership WP user Import3922464k+Request data is not unslashed
#2526Simple Posts Ticker – Easy, Lightweight & Flexible39151282k+Output is not escaped
#2527Smaily for WP395236700Output is not escaped
#2528Smart Archives Reloaded3978361k+Non Singular String Literal Domain
#2529Solid Post Likes399652500Text Domain Mismatch
#2530Stock Ticker3992492k+Output is not escaped
#2531Substack Importer3933331k+Missing nonce verification
#2532Easy Category Icons395043600Text Domain Mismatch
#2533ThemeKit For WordPress3914949700Output is not escaped
#2534TomS reCAPTCHA39128256500Missing nonce verification
#2535Traffic Monitor3961431k+Direct Query
#2536User Blocker3962763k+Nonce verification recommended
#2537Accessibility by UserWay39223580k+Direct Query
#2538Smart Variation Swatches and Attribute Filters for WooCommerce3939503k+Output is not escaped
#2539Virtuaria Correios – Frete, Etiqueta, Rastreio e Declaração391881500Nonce verification recommended
#2540Smart COD for WooCommerce39502830k+Output is not escaped
#2541Website LLMs.txt391314540k+Non-prefixed global variable
#2542Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types398911720k+Unsafe printing function
#2543Combo Offers WooCommerce3938892k+Missing nonce verification
#2544Eurobank WooCommerce Payment Gateway3962632k+Non Singular String Literal Domain
#2545Wallet for WooCommerce393652420k+Non-prefixed hook name
#2546WooCommerce Product Dependencies3944603k+Missing nonce verification
#2547WP Accessibility3919910460k+Unsafe printing function
#2548WP Attachments3949443k+Output is not escaped
#2549WPEPP – Essential Security, Password Protect & Login Page Customizer3934293k+Unsupported Identifier Placeholder
#2550WP Limit Login Attempts39266710k+Direct Query