WordPress.DB.DirectDatabaseQuery.SchemaChange

Schema Change

The plugin runs a direct database query instead of using a higher-level WordPress API or cache-aware pattern.

medium weight

Why It Shows Up

Plugin Check found `$wpdb` access that queries the database directly, changes schema, or bypasses normal caching expectations.

Why It Matters

Direct queries can be correct, but they are easier to make unsafe, slower at scale, and harder for WordPress to cache or filter.

How to Fix

Use WordPress APIs such as post, term, metadata, option, or user functions when they fit the task.
If direct SQL is necessary, prepare dynamic values and add a clear caching strategy for repeated reads.
Keep schema changes in activation or upgrade routines and make them idempotent.

References

WordPress database access

Affected Plugins

Rank	Plugin	Score	Errors	Warnings	Installs	Added	Updated	Top Issue
#51	Wise Chat	21	470	506	5k+	12 years ago	4 months ago	Output is not escaped
#52	WooCommerce	21	1,359	6,172	7m+	15 years ago	today	Non-prefixed global variable
#53	Pay For Post with WooCommerce	21	960	1,474	1k+	12 years ago	5 months ago	Non-prefixed global variable
#54	Wordfence Security – Firewall, Malware Scan, and Login Security	21	1,592	2,973	5m+	14 years ago	1 month ago	Output is not escaped
#55	WP-Lister Lite for eBay	21	6,697	5,129	2k+	14 years ago	21 days ago	Output is not escaped
#56	wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin	21	1,811	1,432	70k+	11 years ago	today	Output is not escaped
#57	Premium Packages – Sell Digital Products Securely	21	2,765	2,444	3k+	8 years ago	6 months ago	Output is not escaped
#58	Frontend Admin by DynamiApps	22	5,922	3,208	10k+	7 years ago	7 days ago	Text Domain Mismatch
#59	Advanced Classifieds & Directory Pro	22	1,229	3,511	2k+	10 years ago	today	Non-prefixed global variable
#60	Advanced Form Integration — Connect Forms to 200+ Apps	22	5,771	4,678	10k+	7 years ago	6 days ago	wp function not compatible with requires wp
#61	Ajax Load More – Infinite Scroll, Load More, & Lazy Load	22	641	595	40k+	12 years ago	20 days ago	Unsafe printing function
#62	All-in-One Video Gallery	22	911	2,892	20k+	9 years ago	yesterday	Non-prefixed global variable
#63	Booking for Appointments and Events Calendar – Amelia	22	1,489	480	90k+	8 years ago	6 days ago	Exception output is not escaped
#64	Knowledge Base documentation & wiki plugin – BasePress Docs	22	671	1,767	2k+	9 years ago	5 months ago	Non-prefixed global variable
#65	Better Messages – Chat Rooms, Group Chat, Private Messages & AI Chat Bots	22	1,604	2,019	10k+	9 years ago	14 days ago	Direct Query
#66	BuddyPress	22	583	9,008	100k+	17 years ago	9 months ago	Non-prefixed function
#67	Captcha by BestWebSoft – Advanced Spam Protection, Math & OCR-Friendly Captcha for Site Forms	22	493	295	10k+	9 years ago	3 months ago	Text Domain Mismatch
#68	Divi Carousel Lite – 17+ Carousel Module	22	967	1,275	10k+	4 years ago	4 months ago	Non-prefixed global variable
#69	Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD	22	669	769	1k+	6 years ago	1 month ago	Output is not escaped
#70	Cleanup Action Scheduler	22	545	1,306	1k+	4 years ago	1 year ago	Non-prefixed global variable
#71	Passster – Password Protect Pages and Content	22	539	1,419	10k+	13 years ago	22 days ago	Non-prefixed global variable
#72	Cozy Blocks – Page Builder for Gutenberg Editor & FSE with 500+ Patterns, 57 Blocks & Templates	22	2,167	4,175	7k+	4 years ago	8 days ago	Non-prefixed global variable
#73	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login	22	3,654	5,061	8k+	12 years ago	2 days ago	Non-prefixed global variable
#74	Data Tables Generator by Supsystic	22	157	150	10k+	11 years ago	today	Exception output is not escaped
#75	Directorist: AI-Powered Business Directory, Listings & Classified Ads	22	443	2,129	20k+	9 years ago	15 days ago	Non-prefixed global variable
#76	Download Manager	22	2,290	1,301	100k+	16 years ago	8 days ago	Output is not escaped
#77	E2Pdf – Export Pdf Tool for WordPress	22	1,075	836	10k+	8 years ago	8 days ago	Unsafe printing function
#78	EleSpare – News, Magazine and Blog Addons for Elementor	22	733	1,423	10k+	5 years ago	29 days ago	Non-prefixed global variable
#79	Estatik Real Estate Plugin	22	3,049	325	10k+	11 years ago	11 days ago	Text Domain Mismatch
#80	Events Manager – Calendar, Bookings, Tickets, and more!	22	4,722	5,621	70k+	18 years ago	5 days ago	Output is not escaped
#81	FireBox Popups – Increase Sales and Grow Your Email List	22	153	812	7k+	5 years ago	9 days ago	Non-prefixed global variable
#82	Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder	22	409	236	700k+	8 years ago	15 days ago	Text Domain Mismatch
#83	Notification Bar, Announcement and Cookie Notice WordPress Plugin – FooBar	22	1,321	1,371	3k+	15 years ago	1 month ago	Non-prefixed global variable
#84	GeoDirectory – WP Business Directory Plugin and Classified Listings Directory	22	4,466	3,972	10k+	12 years ago	today	Output is not escaped
#85	Anti-Malware Security and Brute-Force Firewall	22	544	965	100k+	14 years ago	4 months ago	Output is not escaped
#86	HeadSpace2 SEO	22	940	360	3k+	19 years ago	9 years ago	Text Domain Mismatch
#87	IMPress for IDX Broker	22	1,085	636	7k+	14 years ago	2 months ago	Text Domain Mismatch
#88	Insert or Embed Articulate Content into WordPress	22	659	1,437	2k+	15 years ago	11 months ago	Non-prefixed global variable
#89	InfiniteWP Client	22	2,286	1,812	200k+	14 years ago	4 months ago	Exception output is not escaped
#90	Import WP – Export and Import CSV and XML files to WordPress	22	580	330	4k+	12 years ago	2 months ago	Exception output is not escaped
#91	LearnPress – WordPress LMS Plugin for Create and Sell Online Courses	22	2,361	3,384	70k+	11 years ago	7 days ago	Non-prefixed global variable
#92	Leyka	22	253	3,445	2k+	13 years ago	2 months ago	Request data is not unslashed
#93	Custom Login Page Customizer – Login Designer	22	588	1,455	30k+	9 years ago	8 months ago	Non-prefixed global variable
#94	MailOptin – Popup, Optin Forms & Email Newsletters for Mailchimp, HubSpot, AWeber Etc.	22	2,619	2,453	10k+	9 years ago	5 days ago	Output is not escaped
#95	Modula Image Gallery – Photo Grid & Video Gallery	22	474	436	100k+	11 years ago	8 days ago	Text Domain Mismatch
#96	Moloni	22	902	356	2k+	7 years ago	2 months ago	Missing Arg Domain
#97	Newsletters	22	2,968	2,248	2k+	12 years ago	5 days ago	Text Domain Mismatch
#98	WP OAuth Server (OAuth Authentication)	22	189	347	3k+	13 years ago	5 months ago	Non-prefixed function
#99	PagBank / PagSeguro Connect para WooCommerce	22	504	743	4k+	2 years ago	yesterday	Non-prefixed global variable
#100	PAYCOMET for WooCommerce	22	1,206	423	2k+	11 years ago	7 days ago	Text Domain Mismatch