What are the potential security risks associated with storing passwords in plain text in a MySQL table for a PHP login script?

Storing passwords in plain text in a MySQL table poses a significant security risk as it exposes user credentials to potential attackers in case of a data breach. To mitigate this risk, passwords should be securely hashed before storing them in the database. This way, even if the database is compromised, the actual passwords remain protected.

// Hashing and storing password securely
$password = $_POST['password'];
$hashed_password = password_hash($password, PASSWORD_DEFAULT);

// Storing hashed password in MySQL table
$query = "INSERT INTO users (username, password) VALUES ('$username', '$hashed_password')";
// Execute the query