- SQL is not escaped at the point of use in some instances
- Is likely to contain blind SQL injection vulnerabilities, exploitable by a privileged user
- Any .php file placed in the extras directory will be automatically loaded. This is intended to allow the plugin to load plugins.
Reason for the 'Use with caution' result
The plugin contains or is likely to contain a vulnerability which could be exploited by a privileged user to affect the site’s confidentiality, integrity or availability in a manner exceeding their privileges: