CVE-2024-13594
CVE-2024-13594 affects the WordPress plugin Simple Downloads List (versions up to 1.4.2). The vulnerability is an SQL Injection via the category parameter of the neofix_sdl shortcode, caused by insufficient escaping and lack of proper parameterization in the underlying query. Exploitation require...