is wpdb->replace() already sanitized?

For Ques#1, You don’t need to use prepare here. Its called upon your data internally. See this line in code here – http://core.trac.wordpress.org/browser/trunk/wp-includes/wp-db.php#L1220

For Ques#2, Why are you updating a post with sql queries? You should be using WordPress API for that – http://codex.wordpress.org/Function_Reference/wp_update_post

Related Posts:

  1. What is your best practice to execute one-time scripts?
  2. Why is Google Webmaster Tools telling me to update WordPress
  3. How to force function to run as the last one when saving the post?
  4. update Semiologic?
  5. After WooCommerce-Update fucntion not working anymore
  6. How should I structure a WP website project using git and updating from WP dashboard?
  7. WP-CLI not recognizing commercial plugin updates
  8. Plugin SVN & update API – how are plugins identified?
  9. Set custom messages for post update/save
  10. How can I manually upgrade translations?
  11. Automating the Backup Process (30+ websites)
  12. Update to older wordpress version from admin?
  13. Auto-updating WordPress from a local zip file
  14. Permissions to get autoupdate to work
  15. Git Deploying – Disabling plugin/theme installation/update on remote?
  16. Block updates by Server
  17. WordPress 5.5 AutoUpdate schedule
  18. How long does it take for theme / plugin automatic updates to initiate?
  19. Can’t preview drafts after upgrade to 4.0!
  20. Why won’t my site automatically apply updates after upgrade to 3.7?
  21. What are the details for function argument wp_update_plugin()
  22. Changing plugin slug with update
  23. Necessary user, group and permissions for core updates
  24. Reverting from a newer version of WordPress to an older version
  25. After updating wordpress 4.5 my homepage and images not displaying
  26. Make page template that is just an “include” of another?
  27. How to notify my plugin users about new version releases?
  28. Show last time WordPress site was updated / modified
  29. How Can I setup WP CLI on Windows development machine running AMPPS?
  30. Upgrading themes never works
  31. How can the temporary update directory be changed?
  32. Unable to update wordpress
  33. WordPress not showing upgrade to latest version
  34. Prevent wordpress from updating language files
  35. Some wp-admin folder file deleted when WordPress upgrade
  36. Possible to stay on Version 4?
  37. Worpdress update another update is currently in progress
  38. Upgrading from 3.5.2 to 3.9.1
  39. Updating Existed RocketTheme Theme on WordPress
  40. WP 5 upgrade and ALTER TABLE wp_post … post_password
  41. WP-CLI command to update all plugins and core fails when executed from cron
  42. Fresh new install or keep old version
  43. WordPress 3.8.1 update error
  44. Updating WordPress core with zero downtime – I mean zero
  45. What file(s) in core control automatic background updates?
  46. How can I quickly get a system showing the “Uncaught Error: Class ‘WP_Site_Health’ not found in” up and running again?
  47. WordPress and plugins can’t update (“inconsistent file permissions” error)?
  48. Update WordPress – Another update is currently in progress
  49. $wpdb->replace: WHERE?
  50. Is there a way to schedule automatic WordPress core updates?
  51. How does one dismiss the ‘upgrade notice’ when managing upgrades with SVN?
  52. WordPress updates being blocked by proxy
  53. Keep getting update notifcations despite there is nothing to update
  54. Which directory should be writable to update wordpress?
  55. Why would a WordPress site go into maintenance mode without me doing anything?
  56. Increased memory usage after updating to wordpress 4.3
  57. Installing new theme on running site
  58. Is it safe to update from 2.6.2 to the newest version?
  59. How to customize and keep things up-to-date?
  60. Can anything go wrong if I let users change their usernames?
  61. Where in the backend can I get information about the current WordPress version I am using?
  62. A shorter way to automatically update WordPress?
  63. check if WordPress website has updates remotely
  64. Updating WP 3.9.5 without destroying my website
  65. After adding mo localization files to WP 3.8.1 install backend shows new update to 3.8.1
  66. WordPress updates
  67. What do WordPress auto updates include?
  68. How to automate post update website check?
  69. How to keep cache files after plugin update?
  70. Which directories does WordPress attempt to create when updating core and installing plugins?
  71. Constant for ‘barebones’ update of WordPress
  72. Reliability of WordPress 4 one click update
  73. Can an update corrupt my installation?
  74. WordPress current version is 5.7.5 but I’m being prompted to “upgrade” to 4.9
  75. Avoid removal of a file on plugin update
  76. IP Address Whitelist to Allow WordPress Core Auto Updates
  77. How to modify last posts block without losing modification on next WP update
  78. Css path changed after update wordpress to new version
  79. Disabling forced FTP credentials for any updates
  80. Parent Theme update was not showing on the update page
  81. Auto Update A WordPress Plugin from within another WordPress Manager Plugin
  82. How to force an update of WordPress core to a newer minor version, using the Dashboard?
  83. What happend if I update my website?
  84. WordPress Not updating – No Cache Plugins, Admin sees updates
  85. How does WordPress get the upgrade URL?
  86. How to allow theme update downloads to WordPress installs only?
  87. Any way to permanently translate themes?
  88. FS method direct on NGINX
  89. What could have changed all of the ' characters in my content to &#039 strings?
  90. update post meta front end
  91. WordPress Updates 3.5.2 to 3.8 Any Problem? [duplicate]
  92. Updating from WordPress 3.5.2 to 3.6 Errors
  93. Autoupdate shows current when I’m on 3.1
  94. Restoring from a Backup after Update
  95. Avoid loosing changes to theme
  96. Update to WordPress 4.9.2, but have heavily customized theme
  97. Hook or function to check if performing a WP Core update?
  98. cURL error 28: SSL connection timeout while can download the plugin file
  99. WordPress recommending to downgrade instead of upgrade?
  100. WordPress is updating only patch version and not minor