SQL is a popular database language. WordPress is built on a version of SQL known as MySQL.
An SQL injection is a security violation in which a malicious database statement is inserted into a SQL database by way of a seemingly innocuous data entry field. This happens when the input of a data entry field is not properly validated by the software that processes the input. In a worst case scenario, a mischievous SQL injection could give a hacker control over your site.
When an SQL injection vulnerability is discovered in a WordPress plugin you use, it is important to upgrade to the newest plugin version so your site remains secure. WordHer is one of many sites that tweet and shout when popular WordPress themes or plugins have important security updates.
Using plugins that are not being maintained by their authors leaves your site open to hackers, because if any security issued are discovered, they are not fixed. The WordPress plugin repository now tells you how long it has been since the plugin author updated his plugin. This can be a measure of how responsive the author might be if a security loophole is discovered in his code.