diff --git a/main/inc/lib/statistics.lib.php b/main/inc/lib/statistics.lib.php
index 235be76629..fa2e6a0192 100644
--- a/main/inc/lib/statistics.lib.php
+++ b/main/inc/lib/statistics.lib.php
@@ -1917,8 +1917,10 @@ class Statistics
         $usersInfo = [];
 
         while ($rowStat = Database::fetch_assoc($result)) {
+            $firstname = Database::escape_string($rowStat['firstname']);
+            $lastname = Database::escape_string($rowStat['lastname']);
             $subsql = "SELECT id, email, registration_date, status, active
-                FROM user WHERE firstname = '{$rowStat['firstname']}' AND lastname = '{$rowStat['lastname']}'"
+                FROM user WHERE firstname = '$firstname' AND lastname = '$lastname'"
             ;
 
             $subResult = Database::query($subsql);