    • 38705
    • 101 Posts
    Hi, for a week or so I have been getting these messages in the manager log:


    [2018-11-14 02:41:45] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ')
    [2018-11-14 02:41:45] (ERROR @ /home/jolien/domains/geheelnatuurlijk.nl/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ' OR 'somepage.html\'>title somepage</a> ' REGEXP `modRedirect`.`pattern` OR 'somepage.html\'>title somepage</a> ' REGEXP CONCAT('^', `modRedirect`.`pattern`, '$'))
    [2018-11-14 02:41:47] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'webpage.html\'>Webpage title</a> other text in sentence' OR 'webpage.html\'>Webpage title</a> other text in sentence' REGEXP `modRedirect`.`pattern` OR 'webpage.html\'>Webpage title</a> other text in sentence' REGEXP CONCAT('^', `modRedirect`.`pattern`, '$'))

    Where 'USER', 'DOMAIN', 'somepage.html', 'webpage.html', 'title somepage' and 'other text in sentence' are edited by me but existent.

    Has anyone got any idea what is happening here? I can see they try to escape a quote. But what can I do to block this?
      Addict since 2012....
      • 44195
      • 293 Posts
      SQL injections won't be possible when using xPDO like MODX does; it's just warning you that it was attempted.
      A way of stopping these errors would be to sanitize any form data that's submitted before it's handled. So that way you're not allowing the malicious code to even reach MODX.
        I'm lead developer at Digital Penguin Creative Studio in Hong Kong. https://www.digitalpenguin.hk
        Check out the MODX tutorial series on my blog at https://www.hkwebdeveloper.com
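
A triage sketch for the log entries quoted in this thread, added here as an example (not code from MODX, xPDO or either poster): it groups the "SQL injection attempt detected" entries by the value that triggered them and flags quotes, markup and characters outside a plain URL path. The sample lines are constructed in the format shown above, and the allow-list in `PLAIN_PATH_RE` is an assumed policy.

```python
import re
from collections import OrderedDict

# Constructed sample, shaped like the manager-log lines quoted in the thread.
SAMPLE_LOG = r"""
[2018-11-14 02:41:45] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ')
[2018-11-14 02:41:45] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ' OR 'somepage.html\'>title somepage</a> ' REGEXP `modRedirect`.`pattern`)
[2018-11-14 02:41:47] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'webpage.html\'>Webpage title</a> other text in sentence')
[2018-11-14 02:43:02] (ERROR @ /home/USER/domains/DOMAIN/core/PLACEHOLDER.php : 1) Unrelated constructed error line
"""

LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \(ERROR @ \S+ : \d+\) "
    r"SQL injection attempt detected: \((?P<sql>.*)\)\s*$"
)
# A single-quoted SQL literal in which a backslash escapes the next character.
LITERAL_RE = re.compile(r"'((?:\\.|[^'\\])*)'")
# Allow-list for a plain URL path; anything else is "unexpected" (assumed policy).
PLAIN_PATH_RE = re.compile(r"^[A-Za-z0-9._~/%-]*$")


def first_literal(sql):
    """Return the first quoted value of the condition, unescaped, or None."""
    m = LITERAL_RE.search(sql)
    return re.sub(r"\\(.)", r"\1", m.group(1)) if m else None


def summarize(log_text):
    """Group the injection warnings by the value that triggered them."""
    seen = OrderedDict()
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # other error types are out of scope here
        value = first_literal(m.group("sql"))
        if value is None:
            continue
        entry = seen.setdefault(value, {
            "first_seen": m.group("ts"), "count": 0,
            "has_quote": "'" in value or '"' in value,
            "has_markup": bool(re.search(r"</?[A-Za-z][^>]*>", value)),
            "plain_path": bool(PLAIN_PATH_RE.match(value)),
        })
        entry["count"] += 1
    return seen


if __name__ == "__main__":
    for value, info in summarize(SAMPLE_LOG).items():
        print(repr(value), info)
```

The distinct values and timestamps it reports can then be matched against the web server's access log to find which client sent the requests.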