In your query instead of using the search parameter as is, use the function use the SQL_EscapeString from SQLWildcardEscaper_Lib module, like in the screenshots below: