WordPress.DB.DirectDatabaseQuery.DirectQuery
Direct Query
The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.
Why It Shows Up
Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.
Why It Matters
Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.
How to Fix
- Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
- If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
- Keep schema changes in activation or upgrade routines and make them idempotent.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #3451 | Manage – Centralized site maintenance and monitoring | 95 | 5 | 47 | 60k+ | Direct Query | ||
| #3452 | Mystery Themes Demo Importer | 95 | 76 | 7k+ | Non-prefixed global variable | |||
| #3453 | Pixelavo – Server Side Tracking & Pixel + AI Ads Tools | 95 | 12 | 2k+ | Direct Query | |||
| #3454 | Simple No Comments | 95 | 7 | 8 | 1k+ | Direct Query | ||
| #3455 | Simple Spoiler | 95 | 1 | 8 | 2k+ | Non-prefixed global variable | ||
| #3456 | Term Taxonomy Converter | 95 | 57 | 3 | 500 | Text Domain Mismatch | ||
| #3457 | LiveChat – Live Chat Plugin for WP Websites | 95 | 62 | 9 | 10k+ | Text Domain Mismatch | ||
| #3458 | WPGlobus for WPBakery Visual Composer | 95 | 4 | 7 | 2k+ | trademarked term | ||
| #3459 | Yoast Test Helper | 95 | 2 | 43 | 60k+ | Direct Query | ||
| #3460 | Allow Numeric Slugs | 96 | 5 | 2 | 900 | Direct Query | ||
| #3461 | Transient Cleaner | 96 | 3 | 64 | 1k+ | Non-prefixed global variable | ||
| #3462 | Bulk Datetime Change | 96 | 3 | 18 | 6k+ | Non-prefixed global variable | ||
| #3463 | Reduce Unused CSS Solution with Critical CSS For WP | 96 | 48 | 12 | 1k+ | wp function not compatible with requires wp | ||
| #3464 | Delete Post with Attachments | 96 | 2 | 15 | 1k+ | Direct Query | ||
| #3465 | Disable Media Pages | 96 | 8 | 10 | 10k+ | Missing Translators Comment | ||
| #3466 | Edit Custom Fields | 96 | 10 | 19 | 2k+ | Direct Query | ||
| #3467 | Fixed Bottom Menu | 96 | 15 | 45 | 5k+ | Non-prefixed hook name | ||
| #3468 | Reviewkit – Trustpilot Reviews Widget & Embed | 96 | 4 | 28 | 700 | Non-prefixed global variable | ||
| #3469 | PayPlus Payment Gateway | 96 | 87 | 1k+ | Non-prefixed class | |||
| #3470 | Plugins Condition | 96 | 3 | 30 | 1k+ | Non-prefixed global variable | ||
| #3471 | VK Dynamic If Block | 96 | 8 | 6 | 3k+ | date date | ||
| #3472 | Custom Product tabs for WooCommerce | 96 | 25 | 6 | 10k+ | wp function not compatible with requires wp | ||
| #3473 | Display Eventbrite Events | 96 | 31 | 3k+ | error log print r | |||
| #3474 | Variation Images Gallery for WooCommerce | 96 | 87 | 10k+ | Non-prefixed global variable | |||
| #3475 | WP Job Manager – Company Profiles | 96 | 3 | 10 | 2k+ | trademarked term | ||
| #3476 | Base (formerly BaseLinker) – 300+ marketplaces, 150+ carriers & PIM & OMS & WMS in one | 97 | 2 | 16 | 4k+ | Direct Query | ||
| #3477 | Clean Login | 97 | 2 | 13 | 6k+ | Non-prefixed hook name | ||
| #3478 | Disable New User Notification Emails | 97 | 2 | 6 | 4k+ | Non-prefixed hook name | ||
| #3479 | Exif Caption | 97 | 3 | 25 | 600 | Non-prefixed global variable | ||
| #3480 | GenerateBlocks | 97 | 9 | 8 | 200k+ | file system operations is writable | ||
| #3481 | Geo to Lat | 97 | 3 | 11 | 500 | Direct Query | ||
| #3482 | Organize Media Folder | 97 | 3 | 35 | 2k+ | Direct Query | ||
| #3483 | Page Management Dropdown | 97 | 3 | 3 | 600 | Direct Query | ||
| #3484 | Password bcrypt | 97 | 4 | 1 | 2k+ | Direct Query | ||
| #3485 | Power Boost for Gravity Forms | 97 | 7 | 10 | 500 | wp function not compatible with requires wp | ||
| #3486 | Quform WPML | 97 | 2 | 8 | 700 | trademarked term | ||
| #3487 | Simple Blog Card | 97 | 6 | 18 | 3k+ | Non-prefixed global variable | ||
| #3488 | Simple Content Templates for Blog Posts & Pages | 97 | 5 | 8 | 1k+ | Direct Query | ||
| #3489 | Surfer – WordPress Plugin | 97 | 1 | 25 | 6k+ | Direct Query | ||
| #3490 | SVG Support | 97 | 1 | 27 | 1m+ | Non-prefixed global variable | ||
| #3491 | Remote Website Management by Watchful | 97 | 4 | 12 | 3k+ | Direct Query | ||
| #3492 | WPMR Google Feed Manager for WooCommerce – Sell on Google Merchant Center & Shopping | 97 | 1 | 7 | 10k+ | trademarked term | ||
| #3493 | WP REST Yoast Meta | 97 | 2 | 8 | 1k+ | trademarked term | ||
| #3494 | WPC Product Size Chart for WooCommerce | 97 | 19 | 2k+ | Non-prefixed class | |||
| #3495 | WPC Share Cart for WooCommerce | 97 | 32 | 1k+ | Non-prefixed hook name | |||
| #3496 | ZIP from Media | 97 | 4 | 16 | 400 | Non-prefixed global variable | ||
| #3497 | BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot | 98 | 2 | 8 | 30k+ | Direct Query | ||
| #3498 | Broken Link Checker by AIOSEO – Find & Fix Broken Internal, External & Video Links | 98 | 1 | 15 | 300k+ | Non-prefixed global variable | ||
| #3499 | Change Author Link Structure | 98 | 1 | 5 | 800 | Direct Query | ||
| #3500 | Disable Generate Thumbnails | 98 | 1 | 14 | 6k+ | Non-prefixed global variable |