The change made in version 1.8.19 to try to address the SQL injection issue doesn't resolve it. Among the issues with that attempt is that SQL code can be written without spaces. Implementing Anthony Thorne's suggestion to utilize the sanitize_sql_orderby() function to address this would be a good idea.
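
The point above as an added example, which is not the plugin's code and not part of the original text: a space-based filter compared with strict validation of an ORDER BY value. The function names, the column list and the sample inputs are assumptions constructed for illustration; inside WordPress, sanitize_sql_orderby() does the syntax check, and the column allowlist here is an extra step.

```php
<?php
// Added example. naive_orderby_check() is a hypothetical stand-in for a
// filter that only looks for whitespace; it is not the 1.8.19 code.
function naive_orderby_check(string $orderby): bool
{
    return preg_match('/\s/', $orderby) === 0;
}

// Strict validation: every comma-separated term must be a known column,
// optionally followed by ASC or DESC. Returns the rebuilt clause, or false
// (the same string-or-false contract as WordPress's sanitize_sql_orderby()).
function strict_orderby(string $orderby, array $allowed_columns)
{
    $terms = [];
    foreach (explode(',', $orderby) as $term) {
        if (!preg_match('/^\s*([A-Za-z0-9_]+)(?:\s+(ASC|DESC))?\s*$/i', $term, $m)) {
            return false; // parentheses, operators, comments, quotes, etc.
        }
        $column = strtolower($m[1]);
        if (!in_array($column, $allowed_columns, true)) {
            return false; // syntactically fine, but not a sortable column
        }
        $terms[] = $column . (!empty($m[2]) ? ' ' . strtoupper($m[2]) : '');
    }
    return implode(', ', $terms);
}

$allowed = ['id', 'title', 'created_at']; // assumed column names
$samples = [                              // constructed inputs
    'title DESC',
    'created_at,id asc',
    'IF(1=1,id,title)',                   // an expression with no spaces
    'password',                           // a column that must not be sortable
];

foreach ($samples as $value) {
    $clean = strict_orderby($value, $allowed);
    printf(
        "%-20s naive=%-6s strict=%s\n",
        $value,
        naive_orderby_check($value) ? 'pass' : 'reject',
        $clean === false ? 'reject' : $clean
    );
}
```

The whitespace filter rejects the legitimate `title DESC` while letting the space-free expression through; the strict validator does the opposite, and the value it returns is the only thing that should reach the query.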