A proid GET parameter of the WordPress?????????®?Alipay|?´?????????Tenpay|?´???®?PayPal???????????????? WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection.