The WP Sessions Time Monitoring Full Automatic plugin for WordPress has a vulnerability that allows unauthorized people to access sensitive information from the database. This is because the plugin does not properly handle user input and SQL queries, making it possible for attackers to add their own queries. This vulnerability exists in versions up to 1.0.9.