WordPress.DB.DirectDatabaseQuery.NoCaching
No Caching
The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.
Why It Shows Up
Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.
Why It Matters
Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.
How to Fix
- Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
- If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
- Keep schema changes in activation or upgrade routines and make them idempotent.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #1001 | TrueBooker – Appointment Booking and Scheduler System | 25 | 529 | 2,743 | 600 | Non-prefixed global variable | ||
| #1002 | Spectra Gutenberg Blocks – Website Builder for the Block Editor | 25 | 253 | 3,227 | 1m+ | Non-prefixed global variable | ||
| #1003 | Ultimate Blocks – 25+ Gutenberg Blocks for Block Editor | 25 | 690 | 1,581 | 50k+ | Non-prefixed global variable | ||
| #1004 | Ultimate Post Kit Addons for Elementor | 25 | 182 | 412 | 30k+ | Missing nonce verification | ||
| #1005 | Vayu Blocks – Website Builder for the Gutenberg Block Editor | 25 | 174 | 233 | 1k+ | Text Domain Mismatch | ||
| #1006 | Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP | 25 | 298 | 1,010 | 500 | Request data is not unslashed | ||
| #1007 | 3D viewer by Visody | 25 | 832 | 1,322 | 1k+ | Non-prefixed global variable | ||
| #1008 | WC Disable Zoom / Lightbox features | 25 | 529 | 1,297 | 700 | Non-prefixed global variable | ||
| #1009 | Product Customer List for WooCommerce | 25 | 610 | 1,334 | 9k+ | Non-prefixed global variable | ||
| #1010 | weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot | 25 | 279 | 518 | 4k+ | Non-prefixed global variable | ||
| #1011 | weForms – Easy Drag & Drop Contact Form Builder For WordPress | 25 | 916 | 450 | 10k+ | Output is not escaped | ||
| #1012 | Secure Gateway for Authorize.net and WooCommerce by Pledged Plugins | 25 | 907 | 1,418 | 10k+ | Non-prefixed global variable | ||
| #1013 | Digital Goods (Checkout Field Editor) for WooCommerce Checkout | 25 | 539 | 1,479 | 3k+ | Non-prefixed global variable | ||
| #1014 | Dynamic Pricing and Discount Rules for WooCommerce | 25 | 531 | 1,569 | 600 | Non-prefixed global variable | ||
| #1015 | PDF Builder for WooCommerce. Create invoices,packing slips and more | 25 | 372 | 503 | 2k+ | Non-prefixed global variable | ||
| #1016 | Product Table for WooCommerce | 25 | 183 | 896 | 5k+ | Non-prefixed global variable | ||
| #1017 | Payment Plugins for Stripe WooCommerce | 25 | 348 | 772 | 100k+ | Non-prefixed global variable | ||
| #1018 | Pay with Vipps and MobilePay for WooCommerce | 25 | 846 | 514 | 5k+ | Output is not escaped | ||
| #1019 | HUSKY – Products Filter Professional for WooCommerce | 25 | 1,895 | 90k+ | Non-prefixed global variable | |||
| #1020 | Wordfence Login Security | 25 | 248 | 418 | 70k+ | Output is not escaped | ||
| #1021 | WordPress Importer | 25 | 238 | 110 | 2m+ | Output is not escaped | ||
| #1022 | WP Airbnb Review Slider | 25 | 325 | 646 | 1k+ | Non-prefixed global variable | ||
| #1023 | Super Page Cache – Cloudflare Cache, Page Speed & Core Web Vitals | 25 | 137 | 353 | 60k+ | Input is not sanitized | ||
| #1024 | WP Coupons and Deals – WordPress Coupon Plugin | 25 | 914 | 1,460 | 1k+ | Non-prefixed global variable | ||
| #1025 | WP Data Access – App Builder for Tables, Forms, Charts, Maps & Dashboards | 25 | 1,431 | 1,270 | 10k+ | Output is not escaped | ||
| #1026 | WP-DownloadManager | 25 | 607 | 508 | 3k+ | Unsafe printing function | ||
| #1027 | WP Review Slider | 25 | 1,186 | 2,279 | 6k+ | Non-prefixed global variable | ||
| #1028 | WP Go Maps – Google Map, OpenStreetMap, Leaflet Map | 25 | 4,996 | 1,008 | 300k+ | Unsafe printing function | ||
| #1029 | WP Google Review Slider | 25 | 1,367 | 2,582 | 30k+ | Non-prefixed global variable | ||
| #1030 | WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan | 25 | 727 | 1,554 | 50k+ | Non-prefixed global variable | ||
| #1031 | Nested Pages | 25 | 674 | 560 | 90k+ | Non-prefixed global variable | ||
| #1032 | WP Photo Album Plus | 25 | 3 | 1,799 | 10k+ | Direct Query | ||
| #1033 | WP-Polls | 25 | 618 | 639 | 40k+ | Unsafe printing function | ||
| #1034 | WP Popups – WordPress Popup builder | 25 | 440 | 342 | 30k+ | Output is not escaped | ||
| #1035 | Perfect Images: Regenerate Thumbnails, Image Sizes, WebP & AVIF | 25 | 154 | 118 | 60k+ | Non-prefixed global variable | ||
| #1036 | SlimStat Analytics | 25 | 1,177 | 870 | 70k+ | Exception output is not escaped | ||
| #1037 | Smush – Image Optimization, Compression, Lazy Load, WebP & CDN | 25 | 252 | 566 | 1m+ | Non-prefixed hook name | ||
| #1038 | Wp Social Login and Register Social Counter | 25 | 80 | 738 | 90k+ | Non-prefixed global variable | ||
| #1039 | WP Spell Check | 25 | 6 | 4,390 | 2k+ | Direct Query | ||
| #1040 | WP Statistics – Simple, privacy-friendly Google Analytics alternative | 25 | 610 | 2,465 | 600k+ | Non-prefixed global variable | ||
| #1041 | WP Super Cache | 25 | 800 | 989 | 1m+ | Output is not escaped | ||
| #1042 | WP Time Slots Booking Form | 25 | 439 | 1,137 | 1k+ | Non-prefixed global variable | ||
| #1043 | WP TripAdvisor Review Slider | 25 | 958 | 2,058 | 8k+ | Non-prefixed global variable | ||
| #1044 | WP Yelp Review Slider | 25 | 429 | 645 | 1k+ | Non-prefixed global variable | ||
| #1045 | WPCargo Track & Trace | 25 | 239 | 557 | 10k+ | Non-prefixed global variable | ||
| #1046 | Team Members Showcase | 25 | 591 | 1,494 | 4k+ | Non-prefixed global variable | ||
| #1047 | WPvivid Backup for MainWP | 25 | 818 | 1,794 | 10k+ | Missing nonce verification | ||
| #1048 | WPvivid — Backup, Migration & Staging | 25 | 899 | 1,461 | 900k+ | Non-prefixed namespace | ||
| #1049 | Backup, Restore and Migrate your sites with XCloner | 25 | 238 | 864 | 10k+ | Input is not sanitized | ||
| #1050 | YeeMail — Email Template Builder & Customizer | 25 | 606 | 222 | 600 | wp function not compatible with requires wp |
