The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection.

Credits
lucy

References
https://wpscan.com/vulnerability/9c608b14-dc5e-469e-b97a-84696fae804c