WordPress.DB.RestrictedFunctions.mysql_mysql_affected_rows
mysql mysql affected rows
The plugin uses a raw MySQL extension or class instead of WordPress database APIs.
Why It Shows Up
The scan found `mysql_*`, `mysqli_*`, PDO MySQL, or related database functions in plugin code.
Why It Matters
Bypassing `$wpdb` can ignore WordPress database configuration, escaping conventions, character sets, and compatibility layers.
How to Fix
- Replace raw MySQL calls with `$wpdb` methods or higher-level WordPress APIs.
- Use `$wpdb->prepare()` for dynamic values.
- If a third-party library requires a database connection, isolate it and document why WordPress APIs cannot be used.
References
Affected Plugins
| Rank | Plugin | Score | Errors | Warnings | Installs | Updated | Top Issue |
|---|---|---|---|---|---|---|---|
| #1 | WP-Lister Lite for eBay | 21 | 6,697 | 5,129 | 2k+ | Output Not Escaped | |
| #2 | Softaculous | 23 | 116 | 49 | 10k+ | file system operations fread | |
| #3 | Database Manager – WP Adminer | 24 | 1,005 | 2,752 | 20k+ | Non Prefixed Variable Found | |
| #4 | DB Cache Reloaded Fix | 29 | 133 | 42 | 2k+ | Output Not Escaped |
