The plugin does not sanitise and escape some parameter before using them in SQL statements, leading to SQL Injections
SQLI
Lenon Leite
No
2022-04-25 (about 27 days ago)
2022-04-27 (about 25 days ago)