WordPress.DB.DirectDatabaseQuery.NoCaching
No Caching
The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.
Why It Shows Up
Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.
Why It Matters
Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.
How to Fix
- Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
- If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
- Keep schema changes in activation or upgrade routines and make them idempotent.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #2551 | Broken Link Notifier | 40 | 11 | 193 | 1k+ | Non-prefixed global variable | ||
| #2552 | Bubble Menu – Floating Button Menu with Sticky Navigation | 40 | 2 | 216 | 1k+ | Nonce verification recommended | ||
| #2553 | BuddyPress Profile Completion | 40 | 28 | 30 | 500 | Output is not escaped | ||
| #2554 | Bulk Delete Comments | 40 | 16 | 61 | 5k+ | Direct Query | ||
| #2555 | Bulk Move | 40 | 85 | 44 | 9k+ | Unsafe printing function | ||
| #2556 | Coming soon Page | 40 | 24 | 18 | 500 | Text Domain Mismatch | ||
| #2557 | Contact Form 7 to Mailjet | 40 | 70 | 39 | 600 | Output is not escaped | ||
| #2558 | Complete Image Sitemap | 40 | 55 | 18 | 1k+ | Output is not escaped | ||
| #2559 | Database Addon for Contact Form 7 – CFDB7 | 40 | 35 | 56 | 600k+ | Nonce verification recommended | ||
| #2560 | Copyscape Premium | 40 | 148 | 133 | 800 | SQL query is not prepared | ||
| #2561 | Country State City Dropdown CF7 | 40 | 35 | 54 | 5k+ | Direct Query | ||
| #2562 | Coupon Generator for WooCommerce | 40 | 39 | 28 | 10k+ | Unsafe printing function | ||
| #2563 | Cron Logger | 40 | 49 | 36 | 1k+ | Output is not escaped | ||
| #2564 | Cryptocurrency Widgets Pack | 40 | 222 | 52 | 700 | Unsafe printing function | ||
| #2565 | Custom Contact Forms | 40 | 13 | 106 | 6k+ | Missing nonce verification | ||
| #2566 | Delete Me | 40 | 116 | 17 | 7k+ | Output is not escaped | ||
| #2567 | Easy Image Collage | 40 | 96 | 18 | 4k+ | Unsafe printing function | ||
| #2568 | Enhanced Custom Permalinks | 40 | 51 | 82 | 1k+ | Nonce verification recommended | ||
| #2569 | Eventer | 40 | 61 | 55 | 1k+ | Output is not escaped | ||
| #2570 | Expiring Posts | 40 | 52 | 20 | 900 | Missing Arg Domain | ||
| #2571 | FameTheme Demo Importer | 40 | 8 | 74 | 30k+ | Nonce verification recommended | ||
| #2572 | FAQ Concertina | 40 | 43 | 16 | 700 | Output is not escaped | ||
| #2573 | Flamingo | 40 | 15 | 228 | 800k+ | Nonce verification recommended | ||
| #2574 | GetPaid > Item Inventory | 40 | 112 | 52 | 400 | Text Domain Mismatch | ||
| #2575 | Product Enquiry for WooCommerce | 40 | 57 | 41 | 3k+ | Output is not escaped | ||
| #2576 | Hostinger Reach – AI-Powered Email Marketing for WordPress | 40 | 9 | 46 | 1m+ | Direct Query | ||
| #2577 | iNext Woo Pincode Checker | 40 | 36 | 82 | 700 | Missing nonce verification | ||
| #2578 | Internal Linking of Related Contents | 40 | 714 | 47 | 1k+ | Output is not escaped | ||
| #2579 | Invite Anyone | 40 | 32 | 130 | 1k+ | Non-prefixed hook name | ||
| #2580 | JSM Show Order Metadata for WooCommerce HPOS | 40 | 17 | 64 | 700 | Nonce verification recommended | ||
| #2581 | JSM Show Post Metadata | 40 | 15 | 66 | 10k+ | Nonce verification recommended | ||
| #2582 | JSM Show Term Metadata | 40 | 14 | 64 | 900 | Nonce verification recommended | ||
| #2583 | JSM Show User Metadata | 40 | 14 | 64 | 3k+ | Nonce verification recommended | ||
| #2584 | La Sentinelle antispam | 40 | 88 | 46 | 3k+ | Output is not escaped | ||
| #2585 | Links shortcode | 40 | 73 | 13 | 900 | Unsafe printing function | ||
| #2586 | Listdomer Core | 40 | 45 | 92 | 400 | Non-prefixed global variable | ||
| #2587 | WP All Import – Listings Import for Listify | 40 | 34 | 27 | 400 | Output is not escaped | ||
| #2588 | LLM Bot Tracker – AI Crawler Detection & Analytics | 40 | 18 | 90 | 700 | Database parameter is not escaped | ||
| #2589 | Logbook | 40 | 33 | 59 | 2k+ | Nonce verification recommended | ||
| #2590 | Mass Email To Users | 40 | 84 | 81 | 800 | Output is not escaped | ||
| #2591 | Modal Window – create popup modal window | 40 | 4 | 170 | 10k+ | Non-prefixed global variable | ||
| #2592 | Multiple Featured Images | 40 | 50 | 22 | 5k+ | Output is not escaped | ||
| #2593 | NextGEN Gallery Sidebar Widget | 40 | 59 | 10 | 600 | Output is not escaped | ||
| #2594 | Page Comments Off Please | 40 | 17 | 29 | 1k+ | Nonce verification recommended | ||
| #2595 | Paystack MemberPress | 40 | 71 | 76 | 400 | Output is not escaped | ||
| #2596 | Permalink Manager for WooCommerce | 40 | 115 | 20 | 8k+ | Short PHP open tag found | ||
| #2597 | Plugin Load Filter | 40 | 76 | 112 | 7k+ | Text Domain Mismatch | ||
| #2598 | Requirements Checklist | 40 | 200 | 22 | 900 | Output is not escaped | ||
| #2599 | Private Google Calendars | 40 | 227 | 37 | 1k+ | Output is not escaped | ||
| #2600 | Quiz Cat – WordPress Quiz Plugin | 40 | 151 | 69 | 4k+ | Output is not escaped |