The plugin does not sanitise and escape some parameter before using them in SQL statements, leading to SQL Injections
SQLI
Lenon Leite
No
2022-04-25 (about 9 months ago)
2022-04-27 (about 9 months ago)