Security bug in 13.2?

I’ve just noticed that the usually reliable WordFence Intelligence reports that 13.3 resolves a security issue.

If correct could the changelog be updated to mention this rather than simply showing “Tested up to 6.4” so the people don’t continue to run an insecure version on WP 6.3.x.

Reference: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/image-horizontal-reel-scroll-slideshow/image-horizontal-reel-scroll-slideshow-132-authenticated-subscriber-sql-injection-via-shortcode