0.001 Low
EPSS
Percentile
48.0%
The plugin does not properly escape the orderby parameter before using it in multiple SQL statement, which could allow high privilege users to perform SQL injection