WordPress.DB.DirectDatabaseQuery.NoCaching
No Caching
The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.
Why It Shows Up
Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.
Why It Matters
Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.
How to Fix
- Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
- If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
- Keep schema changes in activation or upgrade routines and make them idempotent.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #3001 | Product Labels, Quick View, Buy Now, Pre-Orders, Frequently Bought Together & More for WooCommerce – Merchant | 60 | 11 | 740 | 10k+ | Non-prefixed global variable | ||
| #3002 | Post Duplicator | 60 | 33 | 24 | 200k+ | Missing direct file access protection | ||
| #3003 | Stream | 60 | 24 | 99 | 80k+ | Direct Query | ||
| #3004 | WPB Popup for Contact Form 7 – Showing Contact Form 7 Popup on Button Click | 60 | 21 | 9 | 6k+ | Output is not escaped | ||
| #3005 | WPSSO Schema Product Metadata for WooCommerce | 60 | 33 | 23 | 500 | Missing Translators Comment | ||
| #3006 | CommerceBird – AI Command Center, ERP Integrations & B2B for WooCommerce (Zoho, Exact Online). | 61 | 3 | 162 | 500 | Direct Query | ||
| #3007 | ELEX WooCommerce Catalog Mode | 61 | 97 | 49 | 10k+ | Text Domain Mismatch | ||
| #3008 | GetPaid Stripe Payments | 61 | 206 | 44 | 2k+ | Text Domain Mismatch | ||
| #3009 | Media Library Helper — Bulk edit image ALT, caption & description | 61 | 16 | 70 | 10k+ | Non-prefixed global variable | ||
| #3010 | Powerkit – Supercharge your WordPress Site | 61 | 67 | 115 | 10k+ | Non-prefixed global variable | ||
| #3011 | PW WooCommerce Copy Coupon | 61 | 15 | 17 | 1k+ | Text Domain Mismatch | ||
| #3012 | SEOPress for MainWP | 61 | 240 | 106 | 900 | Text Domain Mismatch | ||
| #3013 | Slider Factory | 61 | 3 | 414 | 2k+ | Non-prefixed global variable | ||
| #3014 | Show Variations as Single Products for WooCommerce | 61 | 12 | 27 | 500 | Unsafe printing function | ||
| #3015 | WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce | 61 | 22 | 74 | 1k+ | Non-prefixed global variable | ||
| #3016 | AAM Protected Media Files | 62 | 13 | 10 | 600 | Direct Query | ||
| #3017 | Add Meta Tag Keywords | 62 | 6 | 15 | 1k+ | Missing nonce verification | ||
| #3018 | Contact Form 7 – Blacklist Unwanted Email | 62 | 16 | 11 | 400 | Missing direct file access protection | ||
| #3019 | Bulk Page Creator | 62 | 9 | 17 | 10k+ | Request data is not unslashed | ||
| #3020 | Cloudways WordPress Migrator | 62 | 15 | 25 | 20k+ | Output is not escaped | ||
| #3021 | Carousel Slider | 62 | 71 | 30k+ | Non-prefixed global variable | |||
| #3022 | Kit (formerly ConvertKit) – Email Newsletter, Email Marketing, Membership, Subscribers and Landing Pages | 62 | 81 | 100 | 40k+ | Missing direct file access protection | ||
| #3023 | DreamHost Automated Migration | 62 | 15 | 23 | 20k+ | Output is not escaped | ||
| #3024 | exovia GDPR Google Maps | 62 | 40 | 6 | 4k+ | Output is not escaped | ||
| #3025 | Migrate To Liquid Web & Nexcess | 62 | 15 | 23 | 2k+ | Output is not escaped | ||
| #3026 | pensopay Payments v2 | 62 | 408 | 34 | 1k+ | Non Singular String Literal Domain | ||
| #3027 | Pressable Automated Migration | 62 | 15 | 23 | 3k+ | Output is not escaped | ||
| #3028 | Proofreading | 62 | 11 | 74 | 5k+ | Direct Query | ||
| #3029 | Spam Comments Cleaner | 62 | 14 | 29 | 1k+ | Non-prefixed function | ||
| #3030 | The Cache Purger | 62 | 12 | 25 | 1k+ | Input is not validated | ||
| #3031 | Topic SEO Content Optimization Tool | 62 | 35 | 15 | 1k+ | curl curl close | ||
| #3032 | Woo Product Remover | 62 | 23 | 14 | 1k+ | SQL query is not prepared | ||
| #3033 | Embed Videos For Product Image Gallery Using WooCommerce | 62 | 21 | 16 | 400 | Text Domain Mismatch | ||
| #3034 | WP Category Sort | 62 | 15 | 22 | 500 | Text Domain Mismatch | ||
| #3035 | XPoster – Share to Bluesky and Mastodon | 62 | 26 | 36 | 10k+ | Missing nonce verification | ||
| #3036 | Migrate to WordPress.com | 62 | 15 | 28 | 2k+ | Output is not escaped | ||
| #3037 | Automatic Featured Images from Videos | 63 | 14 | 13 | 7k+ | Missing direct file access protection | ||
| #3038 | Classic Editor and Classic Widgets | 63 | 18 | 41 | 20k+ | Nonce verification recommended | ||
| #3039 | Placeholder Image for WooCommerce | 63 | 31 | 5 | 400 | Output is not escaped | ||
| #3040 | Image Sitemap | 63 | 11 | 14 | 400 | Output is not escaped | ||
| #3041 | IndexNow Plugin | 63 | 14 | 91 | 100k+ | error log error log | ||
| #3042 | Missed Scheduled Posts Publisher by WPBeginner | 63 | 16 | 17 | 30k+ | Text Domain Mismatch | ||
| #3043 | MooWoodle – WordPress Moodle LMS Integration, Sell Moodle Courses via WooCommerce | 63 | 10 | 45 | 800 | No Caching | ||
| #3044 | Contact Form to Chat Apps | Click to Chat to Order – FormyChat | 63 | 30 | 136 | 3k+ | Direct Query | ||
| #3045 | Collapsing Archives | 64 | 36 | 9 | 3k+ | date date | ||
| #3046 | CV Demo Importer | 64 | 21 | 95 | 400 | Non-prefixed global variable | ||
| #3047 | DataFeedWatch Connector for WooCommerce | 64 | 16 | 112 | 600 | Non-prefixed hook name | ||
| #3048 | DoFollow Case by Case | 64 | 4 | 60 | 1k+ | Direct Query | ||
| #3049 | ELEX WooCommerce Product Price Custom Text (Before & After Text) and Discount | 64 | 444 | 137 | 2k+ | Missing Arg Domain | ||
| #3050 | Icon Element – Icon Pack for Elementor Page Builder (6718 icons) | 64 | 30 | 16 | 40k+ | wp function not compatible with requires wp |
