WordPress.DB.DirectDatabaseQuery.NoCaching
No Caching
The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.
Why It Shows Up
Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.
Why It Matters
Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.
How to Fix
- Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
- If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
- Keep schema changes in activation or upgrade routines and make them idempotent.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #2851 | wp-Monalisa | 48 | 56 | 94 | 700 | Direct Query | ||
| #2852 | WP Remote Users Sync | 48 | 355 | 117 | 6k+ | Text Domain Mismatch | ||
| #2853 | WS Action Scheduler Cleaner | 48 | 13 | 80 | 2k+ | error log error log | ||
| #2854 | SiteEase Bulk Delete Manager | 49 | 50 | 72 | 900 | Direct Query | ||
| #2855 | Analytics by BestWebSoft – Google Analytics Dashboard and Statistic Plugin for WordPress | 49 | 478 | 176 | 1k+ | Text Domain Mismatch | ||
| #2856 | CIO Custom Fields Importer | 49 | 23 | 8 | 500 | Output is not escaped | ||
| #2857 | Download Media Library | 49 | 22 | 40 | 1k+ | Text Domain Mismatch | ||
| #2858 | Drag and Drop Multiple File Upload for WooCommerce | 49 | 114 | 29 | 5k+ | Text Domain Mismatch | ||
| #2859 | GDPR Tools: comment ip removement | 49 | 18 | 13 | 2k+ | Unsafe printing function | ||
| #2860 | Easy Property Listings | 49 | 60 | 66 | 5k+ | wp function not compatible with requires wp | ||
| #2861 | Import into Easy Property Listings | 49 | 335 | 24 | 1k+ | Text Domain Mismatch | ||
| #2862 | Anti-Spam Protection – No API Key, GDPR Friendly | 49 | 2 | 106 | 1k+ | Direct Query | ||
| #2863 | GamiPress – Multimedia Content | 49 | 11 | 25 | 500 | Nonce verification recommended | ||
| #2864 | OneClick Chat to Order | 49 | 677 | 41 | 40k+ | Text Domain Mismatch | ||
| #2865 | Plugins Last Updated Column | 49 | 21 | 14 | 700 | Output is not escaped | ||
| #2866 | ReCrawler | 49 | 10 | 40 | 4k+ | Direct Query | ||
| #2867 | Search in Place | 49 | 74 | 57 | 3k+ | wp function not compatible with requires wp | ||
| #2868 | Secondary Product Image for WooCommerce | 49 | 25 | 29 | 2k+ | Output is not escaped | ||
| #2869 | Simple MyISAM to InnoDB | 49 | 11 | 22 | 1k+ | Output is not escaped | ||
| #2870 | SKT Themes Demo Import | 49 | 218 | 104 | 4k+ | Text Domain Mismatch | ||
| #2871 | Taxonomy Images | 49 | 38 | 50 | 9k+ | Output is not escaped | ||
| #2872 | Users by Date Registered | 49 | 13 | 20 | 1k+ | Nonce verification recommended | ||
| #2873 | Was This Helpful? | 49 | 19 | 28 | 1k+ | Output is not escaped | ||
| #2874 | PDF Invoices & Packing Slips for WooCommerce – Challan | 49 | 56 | 151 | 4k+ | Non-prefixed global variable | ||
| #2875 | Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit | 49 | 5 | 145 | 1k+ | Missing nonce verification | ||
| #2876 | WP Sitemap Page | 49 | 43 | 14 | 200k+ | Missing Translators Comment | ||
| #2877 | WP Smart Import : Import any XML File to WordPress | 49 | 28 | 302 | 1k+ | Non-prefixed global variable | ||
| #2878 | Auto Ping Booster Free | 50 | 18 | 21 | 900 | Setting is missing a sanitization callback | ||
| #2879 | BuddyPress Groups Extras | 50 | 30 | 51 | 400 | Missing direct file access protection | ||
| #2880 | File Manager | 50 | 42 | 72 | 10k+ | Missing direct file access protection | ||
| #2881 | Send Emails with Mandrill | 50 | 36 | 141 | 6k+ | Non-prefixed global variable | ||
| #2882 | Server Info – System Health & Diagnostics Suite | 50 | 15 | 46 | 3k+ | Input is not sanitized | ||
| #2883 | Simple User Listing | 50 | 27 | 56 | 900 | Non-prefixed global variable | ||
| #2884 | Table Addons for Elementor | 50 | 92 | 29 | 20k+ | wp function not compatible with requires wp | ||
| #2885 | Theme Demo Import | 50 | 101 | 95 | 5k+ | Non-prefixed hook name | ||
| #2886 | BestWebSoft's Twitter | 50 | 477 | 174 | 900 | Text Domain Mismatch | ||
| #2887 | User Activity Tracking and Log | 50 | 30 | 259 | 3k+ | Non-prefixed global variable | ||
| #2888 | WPML Multilingual for BuddyPress and BuddyBoss | 51 | 18 | 21 | 6k+ | SQL query is not prepared | ||
| #2889 | Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress | 51 | 3 | 116 | 1k+ | Missing nonce verification | ||
| #2890 | Firelight Lightbox | 51 | 78 | 97 | 200k+ | Non-prefixed global variable | ||
| #2891 | GamiPress – Reset User | 51 | 14 | 27 | 400 | Interpolated SQL is not prepared | ||
| #2892 | Interactive Globes – 3D World Maps | 51 | 24 | 104 | 400 | Non-prefixed global variable | ||
| #2893 | Lite Video Embed | 51 | 35 | 7 | 1k+ | Output is not escaped | ||
| #2894 | OnSale Page for WooCommerce | 51 | 30 | 44 | 2k+ | Text Domain Mismatch | ||
| #2895 | Quotes and Tips by BestWebSoft | 51 | 485 | 190 | 1k+ | Text Domain Mismatch | ||
| #2896 | SePay Gateway | 51 | 12 | 39 | 2k+ | Nonce verification recommended | ||
| #2897 | Popular Brand Icons – Simple Icons | 51 | 20 | 12 | 3k+ | Output is not escaped | ||
| #2898 | Trustpilot Reviews | 51 | 14 | 52 | 30k+ | Missing nonce verification | ||
| #2899 | Swift SMTP (formerly Welcome Email Editor) | 51 | 12 | 62 | 7k+ | Missing nonce verification | ||
| #2900 | WP Counter Up – Animated Number Counter & Milestone Showcase | 51 | 18 | 239 | 1k+ | Non-prefixed global variable |