WordPress.DB.DirectDatabaseQuery.DirectQuery
Direct Query
The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.
Why It Shows Up
Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.
Why It Matters
Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.
How to Fix
- Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
- If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
- Keep schema changes in activation or upgrade routines and make them idempotent.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #2901 | Market Exporter | 93 | 10 | 20 | 1k+ | Non-prefixed hook name | ||
| #2902 | Version Info – Server Health Monitor, PHP & MySQL Version Display, Environment Indicators | 93 | 13 | 10k+ | Request data is not unslashed | |||
| #2903 | Serial Numbers – Ultimate License Manager for Selling, Licensing & Securely Delivering Digital Content with WooCommerce | 93 | 4 | 128 | 1k+ | Direct Query | ||
| #2904 | WooCommerce Analytics | 93 | 25 | 20k+ | Direct Query | |||
| #2905 | Gravity Forms Zero Spam | 94 | 4 | 9 | 100k+ | trademarked term | ||
| #2906 | JobBoardWP – Job Board Listings and Submissions | 94 | 12 | 44 | 1k+ | slow db query meta query | ||
| #2907 | LLMs.txt and LLMs-Full.txt Generator | 94 | 14 | 9 | 4k+ | Non-prefixed global variable | ||
| #2908 | Moving Media Library | 94 | 3 | 27 | 2k+ | Direct Query | ||
| #2909 | Photo Gallery – Image Gallery & Portfolio | 94 | 3 | 6 | 1k+ | Nonce verification recommended | ||
| #2910 | Seamless Sticky Custom Post Types | 94 | 8 | 5 | 1k+ | Missing Arg Domain | ||
| #2911 | Bulk Media Register | 95 | 8 | 35 | 8k+ | Non-prefixed hook name | ||
| #2912 | Statify – Extended Evaluation | 95 | 2 | 119 | 20k+ | Non-prefixed global variable | ||
| #2913 | Live Chat Plugin for WooCommerce – LiveChat | 95 | 62 | 10 | 1k+ | Text Domain Mismatch | ||
| #2914 | Manage – Centralized site maintenance and monitoring | 95 | 5 | 47 | 50k+ | Direct Query | ||
| #2915 | Mystery Themes Demo Importer | 95 | 76 | 7k+ | Non-prefixed global variable | |||
| #2916 | Pixelavo – Server Side Tracking & Pixel + AI Ads Tools | 95 | 12 | 2k+ | Direct Query | |||
| #2917 | Simple No Comments | 95 | 7 | 8 | 1k+ | Direct Query | ||
| #2918 | Simple Spoiler | 95 | 1 | 8 | 2k+ | Non-prefixed global variable | ||
| #2919 | LiveChat – Live Chat Plugin for WP Websites | 95 | 62 | 9 | 10k+ | Text Domain Mismatch | ||
| #2920 | WPGlobus for WPBakery Visual Composer | 95 | 4 | 7 | 2k+ | trademarked term | ||
| #2921 | Yoast Test Helper | 95 | 2 | 43 | 60k+ | Direct Query | ||
| #2922 | Allow Numeric Slugs | 96 | 5 | 2 | 900 | Direct Query | ||
| #2923 | Transient Cleaner | 96 | 3 | 64 | 1k+ | Non-prefixed global variable | ||
| #2924 | Bulk Datetime Change | 96 | 3 | 18 | 6k+ | Non-prefixed global variable | ||
| #2925 | Reduce Unused CSS Solution with Critical CSS For WP | 96 | 48 | 12 | 1k+ | wp function not compatible with requires wp | ||
| #2926 | Delete Post with Attachments | 96 | 2 | 15 | 1k+ | Direct Query | ||
| #2927 | Disable Media Pages | 96 | 8 | 10 | 10k+ | Missing Translators Comment | ||
| #2928 | Edit Custom Fields | 96 | 10 | 19 | 2k+ | Direct Query | ||
| #2929 | Fixed Bottom Menu | 96 | 15 | 45 | 5k+ | Non-prefixed hook name | ||
| #2930 | PayPlus Payment Gateway | 96 | 87 | 1k+ | Non-prefixed class | |||
| #2931 | Plugins Condition | 96 | 3 | 30 | 1k+ | Non-prefixed global variable | ||
| #2932 | VK Dynamic If Block | 96 | 8 | 6 | 3k+ | date date | ||
| #2933 | Custom Product tabs for WooCommerce | 96 | 25 | 6 | 10k+ | wp function not compatible with requires wp | ||
| #2934 | Display Eventbrite Events | 96 | 31 | 3k+ | error log print r | |||
| #2935 | Variation Images Gallery for WooCommerce | 96 | 87 | 10k+ | Non-prefixed global variable | |||
| #2936 | WP Job Manager – Company Profiles | 96 | 3 | 10 | 2k+ | trademarked term | ||
| #2937 | Base (formerly BaseLinker) – 300+ marketplaces, 150+ carriers & PIM & OMS & WMS in one | 97 | 2 | 16 | 4k+ | Direct Query | ||
| #2938 | Clean Login | 97 | 2 | 13 | 6k+ | Non-prefixed hook name | ||
| #2939 | Disable New User Notification Emails | 97 | 2 | 6 | 4k+ | Non-prefixed hook name | ||
| #2940 | GenerateBlocks | 97 | 9 | 8 | 200k+ | file system operations is writable | ||
| #2941 | Organize Media Folder | 97 | 3 | 35 | 2k+ | Direct Query | ||
| #2942 | Password bcrypt | 97 | 4 | 1 | 2k+ | Direct Query | ||
| #2943 | Simple Blog Card | 97 | 6 | 18 | 3k+ | Non-prefixed global variable | ||
| #2944 | Simple Content Templates for Blog Posts & Pages | 97 | 5 | 8 | 1k+ | Direct Query | ||
| #2945 | Surfer – WordPress Plugin | 97 | 1 | 25 | 6k+ | Direct Query | ||
| #2946 | SVG Support | 97 | 1 | 27 | 1m+ | Non-prefixed global variable | ||
| #2947 | Remote Website Management by Watchful | 97 | 4 | 12 | 4k+ | Direct Query | ||
| #2948 | WPMR Google Feed Manager for WooCommerce – Sell on Google Merchant Center & Shopping | 97 | 1 | 7 | 10k+ | trademarked term | ||
| #2949 | WP REST Yoast Meta | 97 | 2 | 8 | 1k+ | trademarked term | ||
| #2950 | WPC Product Size Chart for WooCommerce | 97 | 19 | 2k+ | Non-prefixed class |
