Vulnerabilities > Quantumcloud > Simple Video Directory > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-12 CVE-2024-5811 Cross-site Scripting vulnerability in Quantumcloud Simple Video Directory
The Simple Video Directory WordPress plugin before 1.4.4 does not sanitise and escape some of its settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
network
low complexity
quantumcloud CWE-79
5.4