← Back

Simple Video Directory

simple_video_directory

Vendor: Quantumcloud • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-6809
1Quantumcloud
1Simple Video Directory
Jun 5, 2025
May 15, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The Simple Video Directory WordPress plugin before 1.4.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL inject...Show more
The Simple Video Directory WordPress plugin before 1.4.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.Show less
CVE-2024-5811
1Quantumcloud
1Simple Video Directory
Nov 21, 2024
Jul 12, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Simple Video Directory WordPress plugin before 1.4.4 does not sanitise and escape some of its settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks even when the unfiltere...Show more
The Simple Video Directory WordPress plugin before 1.4.4 does not sanitise and escape some of its settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)Show less