WordPress.DB.DirectDatabaseQuery.NoCaching

No Caching

The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.

medium weight

Why It Shows Up

Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.

Why It Matters

Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.

How to Fix

  • Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
  • If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
  • Keep schema changes in activation or upgrade routines and make them idempotent.

Affected Plugins

RankPluginScoreErrorsWarningsInstallsAddedUpdatedTop Issue
#2801SX User Name Security46429900Output is not escaped
#2802Widget Disable46191910k+Output is not escaped
#2803WP All Import – Import SEO Settings for Yoast SEO46192620k+Nonce verification recommended
#2804404 Image Redirection (Replace Broken Images)4711885500Text Domain Mismatch
#2805Delete Duplicate Posts4795010k+Direct Query
#2806DPO Pay for WooCommerce4728411k+Non Singular String Literal Text
#2807Show IDs by Echo4721132k+Output is not escaped
#2808Extended CRM for Users Insights471123400Missing nonce verification
#2809Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator47448310k+Missing direct file access protection
#2810Log Emails4719296k+Non-prefixed global variable
#2811Real Media Library: Media Library Folder & File Manager471365100k+Direct Query
#2812Security Ninja For MainWP4724671500Text Domain Mismatch
#2813Tabby Checkout4733464k+Non-prefixed class
#2814Taxonomy Switcher4723362k+Nonce verification recommended
#2815The Tribal Plugin474362800Non-prefixed function
#2816Userback4713202k+Output is not escaped
#2817Simple Client Dashboard4738362k+Missing direct file access protection
#2818Website Article Monetization By MageNet47172410k+Output is not escaped
#2819FedaPay Gateway for WooCommerce472411700Output is not escaped
#2820WP Prefix Changer472716900Missing Arg Domain
#2821QuadLayers TikTok Feed4778527k+Text Domain Mismatch
#2822Post Status Notifications4798411k+Text Domain Mismatch
#2823Compress, Resize & Lazy Load Images – WPvivid Image Optimization471075810k+Missing direct file access protection
#2824XML Sitemap & Google News47270224100k+Non-prefixed global variable
#2825Add-on WooCommerce – MailPoet 3483021600Output is not escaped
#2826AffiliateWP – Store Credit484721400Output is not escaped
#2827AnWP Post Grid and Post Carousel Slider for Elementor4875817120k+Text Domain Mismatch
#2828Comment Notifier481055400Non-prefixed global variable
#2829Better Badge – Custom Product Badges for WooCommerce482147500Non Singular String Literal Domain
#2830Disable Author Pages482356k+Unsafe printing function
#2831Jetpack Social4882925430k+Text Domain Mismatch
#2832Library Bookshelves481259500Nonce verification recommended
#2833Seznam Webmaster48478700Output is not escaped
#2834Simple Custom Post Order481077300k+Direct Query
#2835FlexStock – Product Stock Sync with Google Sheets for WooCommerce48241700Direct Query
#2836Easy Updates Manager4813182300k+Non-prefixed global variable
#2837Tako Movable Comments4818391k+Input is not sanitized
#2838WPC Smart Wishlist for WooCommerce484438100k+Output is not escaped
#2839WP Attachment Export481625600Input is not sanitized
#2840wp-Monalisa485694700Direct Query
#2841WP Remote Users Sync483551176k+Text Domain Mismatch
#2842WS Action Scheduler Cleaner4813802k+error log error log
#2843SiteEase Bulk Delete Manager495072900Direct Query
#2844Analytics by BestWebSoft – Google Analytics Dashboard and Statistic Plugin for WordPress494781761k+Text Domain Mismatch
#2845CryptAPI Payment Gateway for WooCommerce4918523400Text Domain Mismatch
#2846CIO Custom Fields Importer49238500Output is not escaped
#2847Download Media Library4922401k+Text Domain Mismatch
#2848Drag and Drop Multiple File Upload for WooCommerce49114295k+Text Domain Mismatch
#2849GDPR Tools: comment ip removement4918132k+Unsafe printing function
#2850Easy Property Listings4960665k+wp function not compatible with requires wp