0.002 Low
EPSS
Percentile
53.2%
The plugin does not escape the IP address (retrieved via headers such as X-Forwarded-For) before using it in a SQL statement, leading to an SQL injection