What is the correct way to use `$wpdb->prepare()` and why is it critical for database security?

Question

WordPress Fundamental — Hard

What is the correct way to use `$wpdb->prepare()` and why is it critical for database security?

Accepted Answer

Using $wpdb->prepare() with placeholders (%s, %d, %f) is crucial for database security because it safely escapes user-supplied data, preventing SQL injection attacks by separating it from the query structure.