I do not understand the results of this smart contract audit

someone checked this smart contract that is in the polygon network: 0x6A723643cF76E1C33aD4b36DED3D16e8a5FDCc84 (website: https://polygonscan.com/address/0x6A723643cF76E1C33aD4b36DED3D16e8a5FDCc84#writeContract) and told me that Withdrawals can be paused at any time and showed me this:

function withdraw(
        uint _pool
    )
        external
        payable
        nonReentrant
        whenNotPaused
        tenBlocks
        isNotContract
        hasNotStoppedProduction
    {
        payToUser(_pool);
    }

If the owner has given up ownership who is going to pause the withdrawals? or is it some backdoor I'm not seeing?
It also told me that the version
v0.8.20+commit.a1b79de6 is anitgu and that is also a risk. Could someone explain me?