WordPress.DB.DirectDatabaseQuery.NoCaching
No Caching
The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.
Why It Shows Up
Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.
Why It Matters
Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.
How to Fix
- Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
- If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
- Keep schema changes in activation or upgrade routines and make them idempotent.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #2951 | All in One SEO Pack Importer | 56 | 17 | 25 | 500 | Direct Query | ||
| #2952 | Booking Calendar | 56 | 16 | 40 | 50k+ | wp function not compatible with requires wp | ||
| #2953 | SMTP by BestWebSoft | 56 | 486 | 175 | 1k+ | Text Domain Mismatch | ||
| #2954 | Fluent Connect – Connect ThriveCart with your WordPress and FluentCRM | 56 | 37 | 54 | 600 | curl curl setopt | ||
| #2955 | CIELO API PIX, credit card, debit payment for WooCommerce | 56 | 11 | 121 | 700 | Nonce verification recommended | ||
| #2956 | PuzzleMe – Interactive Puzzles for WordPress – Easily publish crosswords, quizzes, word searches and more | 56 | 36 | 15 | 1k+ | Output is not escaped | ||
| #2957 | Replace Protected Password | 56 | 6 | 18 | 600 | Input is not sanitized | ||
| #2958 | Subscription & Recurring Payment for WooCommerce | 56 | 8 | 485 | 800 | Non-prefixed global variable | ||
| #2959 | TableKit: Table Builder Blocks for Gutenberg | 56 | 80 | 20 | 3k+ | Missing Translators Comment | ||
| #2960 | WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance | 56 | 5 | 769 | 1m+ | Non-prefixed global variable | ||
| #2961 | Social Chat – Click To Chat App Button | 56 | 81 | 45 | 200k+ | Text Domain Mismatch | ||
| #2962 | Pantheon Migrations | 57 | 15 | 26 | 1k+ | Output is not escaped | ||
| #2963 | BestWebSoft’s Pinterest | 57 | 490 | 176 | 500 | Text Domain Mismatch | ||
| #2964 | Delete Pending Comments | 57 | 16 | 11 | 10k+ | Unsafe printing function | ||
| #2965 | APG Google Image Sitemap Feed | 57 | 36 | 33 | 900 | Non-prefixed global variable | ||
| #2966 | iConvert Promoter | 57 | 98 | 217 | 1k+ | Non-prefixed global variable | ||
| #2967 | Internal Link Juicer: SEO Auto Linker for WordPress | 57 | 12 | 61 | 90k+ | Database parameter is not escaped | ||
| #2968 | JSON API User | 57 | 17 | 34 | 1k+ | Non-prefixed hook name | ||
| #2969 | Longer Permalinks | 57 | 27 | 21 | 8k+ | Missing Arg Domain | ||
| #2970 | MC4WP: Mailchimp for WordPress | 57 | 238 | 1m+ | Non-prefixed global variable | |||
| #2971 | Remove admin menus by role | 57 | 5 | 54 | 8k+ | Input is not validated | ||
| #2972 | Search Exclude | 57 | 73 | 40 | 50k+ | Text Domain Mismatch | ||
| #2973 | Ultimate Member – Terms & Conditions | 57 | 19 | 9 | 4k+ | Output is not escaped | ||
| #2974 | Filter Orders by Product for WooCommerce | 57 | 9 | 21 | 4k+ | Nonce verification recommended | ||
| #2975 | Sequential Order Numbers for WooCommerce | 57 | 9 | 24 | 10k+ | Interpolated SQL is not prepared | ||
| #2976 | WP Adsterra Dashboard | 57 | 22 | 21 | 400 | wp function not compatible with requires wp | ||
| #2977 | WP Table Builder – Drag & Drop Table Builder | 57 | 63 | 39 | 50k+ | Not Allowed | ||
| #2978 | XML Feed for Skroutz & BestPrice for WooCommerce | 57 | 12 | 50 | 600 | Input is not sanitized | ||
| #2979 | BCM Duplicate Menu | 58 | 8 | 11 | 4k+ | Nonce verification recommended | ||
| #2980 | Contact Form DB for Enfold | 58 | 21 | 14 | 700 | Output is not escaped | ||
| #2981 | Debloat – Remove Unused CSS, Optimize JS | 58 | 24 | 20 | 30k+ | Nonce verification recommended | ||
| #2982 | Error Log Viewer by BestWebSoft | 58 | 433 | 172 | 6k+ | Text Domain Mismatch | ||
| #2983 | flowpaper | 58 | 14 | 31 | 10k+ | Non-prefixed function | ||
| #2984 | HAL | 58 | 106 | 24 | 500 | Text Domain Mismatch | ||
| #2985 | PW WooCommerce BOGO | 58 | 30 | 8 | 400 | Unsafe printing function | ||
| #2986 | Videopack | 58 | 28 | 108 | 10k+ | Input is not sanitized | ||
| #2987 | View Admin As | 58 | 307 | 135 | 9k+ | Non Singular String Literal Domain | ||
| #2988 | Social Media Auto Poster – Schedule & Publish to Buffer | 58 | 23 | 210 | 8k+ | Dynamic hook name | ||
| #2989 | Custom API for WP | 59 | 173 | 16 | 1k+ | wp function not compatible with requires wp | ||
| #2990 | Display Post Types – Post Grid, post list and post sliders | 59 | 24 | 14 | 7k+ | Output is not escaped | ||
| #2991 | Fathom Analytics Conversions | 59 | 14 | 47 | 400 | Non-prefixed function | ||
| #2992 | UltraPress – AI Assistant, Chatbot & SEO | 59 | 12 | 38 | 800 | Non-prefixed global variable | ||
| #2993 | Virtuaria PagBank / PagSeguro for WooCommerce | 59 | 150 | 1k+ | Non-prefixed global variable | |||
| #2994 | Hide Posts | 59 | 9 | 70 | 20k+ | Direct Query | ||
| #2995 | Ultimate Gift Cards for WooCommerce | 59 | 3 | 448 | 7k+ | Non-prefixed global variable | ||
| #2996 | GST Invoice for WooCommerce | 59 | 10 | 42 | 1k+ | Missing nonce verification | ||
| #2997 | Variation Swatches for WooCommerce | 59 | 11 | 64 | 300k+ | Non-prefixed global variable | ||
| #2998 | RevivePress – Keep your Old Content Evergreen | 59 | 27 | 46 | 5k+ | date date | ||
| #2999 | Accesibilidad Web con el Widget de AccedeMe | 60 | 22 | 23 | 1k+ | Text Domain Mismatch | ||
| #3000 | EPROLO-Dropshipping | 60 | 16 | 34 | 1k+ | Missing nonce verification |