[HIGH] Possible SQL injection in widget field value

PKSA-g8yy-64fv-qdtr GHSA-v3mr-gp7j-pw5w

Affected version: >=1.0.0,<3.3.5

Reported by:
GitHub, FriendsOfPHP/security-advisories