CVE-2024-6809 Information

Description

The Simple Video Directory WordPress plugin before 1.4.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users leading to a SQL injection.

Reference

https://wpscan.com/vulnerability/60abcae5-4c89-4d48-95f8-6a80e5f06a37/