WordPress.DB.DirectDatabaseQuery.NoCaching
No Caching
The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.
Why It Shows Up
Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.
Why It Matters
Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.
How to Fix
- Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
- If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
- Keep schema changes in activation or upgrade routines and make them idempotent.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Updated | Top Issue |
|---|---|---|---|---|---|---|---|
| #1251 | Fancy Comments WordPress | 34 | 359 | 39 | 2k+ | Unsafe printing function | |
| #1252 | FastPixel Cache – Optimize Page Speed: Compress Images, Minify, Clean Database & CDN | 34 | 49 | 324 | 4k+ | Request data is not unslashed | |
| #1253 | Reviews Widgets for Google, Yelp & TripAdvisor | 34 | 274 | 212 | 10k+ | Output is not escaped | |
| #1254 | Featured Video Plus | 34 | 99 | 105 | 10k+ | Non-prefixed global variable | |
| #1255 | Flash Toolkit | 34 | 159 | 242 | 10k+ | Non-prefixed global variable | |
| #1256 | FluentAuth – The Ultimate Authorization & Security Plugin for WordPress | 34 | 44 | 229 | 10k+ | Nonce verification recommended | |
| #1257 | Geolocation IP Detection | 34 | 227 | 167 | 20k+ | Output is not escaped | |
| #1258 | Greenshift – animation and page builder blocks | 34 | 33 | 272 | 70k+ | Non-prefixed global variable | |
| #1259 | HollerBox — Fast & Effective Popups & Lead-Generation | 34 | 78 | 92 | 2k+ | Output is not escaped | |
| #1260 | Image Cleanup | 34 | 52 | 94 | 1k+ | Nonce verification recommended | |
| #1261 | Import XML and RSS Feeds | 34 | 260 | 85 | 2k+ | Unsafe printing function | |
| #1262 | Inavii Social Feed – Live Social Proof Gallery | 34 | 532 | 180 | 9k+ | Text Domain Mismatch | |
| #1263 | JS Archive List | 34 | 99 | 31 | 3k+ | Output is not escaped | |
| #1264 | Lenix Leads Collector | 34 | 414 | 242 | 10k+ | Text Domain Mismatch | |
| #1265 | MailChimp Forms by MailMunch | 34 | 116 | 94 | 10k+ | Output is not escaped | |
| #1266 | MantraBrain Starter Sites | MantraBrain Theme Demo Importer | 34 | 117 | 61 | 1k+ | Output is not escaped | |
| #1267 | Melhor Envio | 34 | 24 | 276 | 10k+ | Nonce verification recommended | |
| #1268 | Meow Lightbox | 34 | 75 | 52 | 10k+ | Non Singular String Literal Domain | |
| #1269 | Montonio for WooCommerce | 34 | 44 | 257 | 10k+ | Non-prefixed global variable | |
| #1270 | Multi Step Form | 34 | 277 | 136 | 9k+ | Output is not escaped | |
| #1271 | Ni WooCommerce Custom Order Status | 34 | 256 | 139 | 2k+ | Text Domain Mismatch | |
| #1272 | One User Avatar | User Profile Picture | 34 | 68 | 190 | 100k+ | Non-prefixed global variable | |
| #1273 | Optima Express IDX | 34 | 71 | 237 | 10k+ | Non-prefixed class | |
| #1274 | Child Theme Creator by Orbisius | 34 | 86 | 39 | 10k+ | Output is not escaped | |
| #1275 | Payoneer Checkout | 34 | 168 | 41 | 6k+ | Exception output is not escaped | |
| #1276 | PushEngage – Web Push Notifications, WooCommerce Automation & Chat Widget | 34 | 54 | 304 | 9k+ | Missing nonce verification | |
| #1277 | PW WooCommerce Bulk Edit | 34 | 219 | 149 | 20k+ | Unsafe printing function | |
| #1278 | PW WooCommerce Gift Cards | 34 | 238 | 185 | 20k+ | Output is not escaped | |
| #1279 | Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers | 34 | 261 | 863 | 30k+ | Non-prefixed global variable | |
| #1280 | Redirection | 34 | 32 | 293 | 2m+ | Non-prefixed class | |
| #1281 | Responsive Filterable Portfolio | 34 | 441 | 156 | 1k+ | Output is not escaped | |
| #1282 | Responsive Menu – Create Mobile-Friendly Menu | 34 | 68 | 40 | 70k+ | Nonce verification recommended | |
| #1283 | RTMForm Builder | 34 | 188 | 209 | 30k+ | Text Domain Mismatch | |
| #1284 | Search Engine Insights for Google Search Console | 34 | 174 | 113 | 2k+ | Output is not escaped | |
| #1285 | Search Meter | 34 | 191 | 94 | 20k+ | Output is not escaped | |
| #1286 | Seriously Simple Stats | 34 | 99 | 126 | 5k+ | Output is not escaped | |
| #1287 | TaxJar – Sales Tax Automation for WooCommerce | 34 | 236 | 170 | 5k+ | Text Domain Mismatch | |
| #1288 | Testimonial Slider | 34 | 448 | 262 | 3k+ | Unsafe printing function | |
| #1289 | Advance Product Search- Voice & Ajax Search for WooCommerce | 34 | 131 | 95 | 10k+ | Text Domain Mismatch | |
| #1290 | Throws SPAM Away | 34 | 327 | 123 | 10k+ | Missing Arg Domain | |
| #1291 | Tools for Twitter | 34 | 135 | 87 | 1k+ | Output is not escaped | |
| #1292 | Visual Form Builder | 34 | 82 | 329 | 20k+ | Direct Query | |
| #1293 | Abandoned Cart Reports For WooCommerce | 34 | 133 | 163 | 2k+ | Output is not escaped | |
| #1294 | Donation Platform for WooCommerce: Fundraising & Donation Management | 34 | 331 | 448 | 7k+ | Non-prefixed global variable | |
| #1295 | Simple Discount Rules for Woocommerce | 34 | 175 | 214 | 5k+ | Nonce verification recommended | |
| #1296 | Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin | 34 | 230 | 154 | 2k+ | Output is not escaped | |
| #1297 | Advanced Free Shipping for WooCommerce | 34 | 270 | 132 | 40k+ | Text Domain Mismatch | |
| #1298 | Easy Booking – WooCommerce Booking & Reservation Plugin | 34 | 138 | 172 | 4k+ | Output is not escaped | |
| #1299 | Product Tabs for WooCommerce | 34 | 196 | 93 | 10k+ | Text Domain Mismatch | |
| #1300 | WP-Cron Status Checker | 34 | 277 | 111 | 5k+ | Text Domain Mismatch |
