WordPress.DB.DirectDatabaseQuery.SchemaChange

Schema Change

The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.

medium weight

Why It Shows Up

Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.

Why It Matters

Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.

How to Fix

  • Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
  • If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
  • Keep schema changes in activation or upgrade routines and make them idempotent.

Affected Plugins

RankPluginScoreErrorsWarningsInstallsAddedUpdatedTop Issue
#801Blog2Social: Social Media Auto Post & Scheduler32796250k+Direct Query
#802WP Gravity Forms HubSpot32771160600Text Domain Mismatch
#803CRM Perks Integration for Gravity Forms and Salesforce328071781k+Text Domain Mismatch
#804WP Gravity Forms Zoho CRM and Bigin32750174400Text Domain Mismatch
#805GlotPress32403103500Unsafe printing function
#806Insights from Google PageSpeed3241447520k+Text Domain Mismatch
#807Gwolle Guestbook3226952720k+Output is not escaped
#808Honeypot Toolkit32155770400Missing nonce verification
#809HTML5 jQuery Audio Player322511531k+Unsafe printing function
#810MapPress Maps for WordPress3269513330k+Missing Arg Domain
#811WP Mobile Menu – The Mobile-Friendly Responsive Menu3299019580k+Output is not escaped
#812Plugin Organizer3232625710k+Output is not escaped
#813Relevanssi – A Better Search3286266100k+Missing direct file access protection
#814Restrict Usernames Emails Characters323273671k+Output is not escaped
#815Simple Ajax Chat – Add a Fast, Secure Chat Box321082662k+Output is not escaped
#816Spoki – Chat Buttons and WooCommerce Notifications321,074260700Unsafe printing function
#817Subscribe2 – Form, Email Subscribers & Newsletters323241010k+Direct Query
#818TK Google Fonts GDPR Compliant32582341k+Output is not escaped
#819Tumult Hype Animations32561171k+Output is not escaped
#820BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net32593340k+Non-prefixed global variable
#821WP Bannerize Pro32281216800Text Domain Mismatch
#822Privacy Policy Generator – WPLP Legal Pages322640910k+Non-prefixed global variable
#823Affiliate Program & Referral Tracking for WooCommerce & WordPress – Affilia3380172500Nonce verification recommended
#824AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth33332299k+Non-prefixed global variable
#825Addi – Cuotas que se adaptan a ti331062092k+Direct Query
#826Chartify – WordPress Chart Plugin33764113k+Non-prefixed global variable
#827ChatHelp – Click to Chat Button, WooCommerce Chat to Order & Floating Chat Form33572041k+Non-prefixed global variable
#828Companion Auto Update3315929850k+Direct Query
#829Companion Sitemap Generator – Simple, Smart, and SEO-Ready33118577k+Missing Translators Comment
#830Contact List – Online Staff Directory & Address Book331183421k+Nonce verification recommended
#831GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law3348370300k+Non-prefixed global variable
#832ITRO Popup Plugin335911356k+Output is not escaped
#833MWB HubSpot for WooCommerce – CRM, Abandoned Cart, Email Marketing, Marketing Automation & Analytics33262797k+Non-prefixed global variable
#834MaxiBlocks Builder | 17,000+ Design Assets, Patterns, Icons & Starter Sites332503700Non-prefixed function
#835Mollie Payments for WooCommerce3370123100k+Dynamic hook name
#836Nomad World Map33424191700Text Domain Mismatch
#837Notification Master – Real-Time WordPress Notifications With Email, SMS, Webhooks & More332932151k+Text Domain Mismatch
#838PW WooCommerce Gift Cards3323818620k+Output is not escaped
#839Review Slider for WooCommerce33160422400Non-prefixed global variable
#840TaxCloud for WooCommerce3323261500Non-prefixed function
#841Social Rocket – Social Sharing Plugin331,0162551k+Unsafe printing function
#842Spiffy Calendar334732433k+Output is not escaped
#843Spin Wheel – Interactive spinning wheel that offers coupons33680313500Unsafe printing function
#844Website Monetization by MageNet33608720k+Output is not escaped
#845Rich Showcase for Google Reviews33213278100k+Output is not escaped
#846Wonder Slider Lite332731878k+Output is not escaped
#847CartBounty – Save and recover abandoned carts for WooCommerce3337039910k+Output is not escaped
#848CatalogX – Catalog Mode, Enquiry & Quotes for WooCommerce332291055k+Text Domain Mismatch
#849WOW Slider331761013k+Output is not escaped
#850Books Gallery – Book Showcase, Library & Affiliate Plugin331,7531782k+Output is not escaped