The PCP scanner detects this error because you are using the $table1 variable directly in the SQL query without escaping it.

To fix this, you should use the esc_sql() function to sanitize the table name.

On line 2, update the code as follows:

$table1 = esc_sql($db->tb_lp_section);