From this webpage screenshot, the following key vulnerability information can be obtained: 1. Plugin Name: WP-Advanced-Search < 3.3.9.2 2. Vulnerability Type: SQL Injection (SQLi) 3. Affected Versions: Versions 3.3.9.2 and earlier 4. Description: The plugin fails to validate and sanitize the parameter when constructing SQL queries, allowing unauthorized users to perform SQL injection attacks. 5. PoC Disclosure Date: October 23, 2024, providing users time to update. 6. CVE ID: CVE-2024-9796 7. Classification: - OWASP Top 10: A1: Injection - CWE: CWE-89 - CVSS Score: 8.6 (High) 8. Original Researcher: Wojciech Jezowski 9. Submitter: Wojciech Jezowski 10. Verification Status: Verified 11. WPVDB ID: 2dd6839-6bcb-4bb8-97e0-1516b8c2b99b 12. Public Release Date: September 17, 2024 13. Added Date: October 9, 2024 14. Last Updated Date: October 10, 2024 15. Related Vulnerabilities: - Forminator < 1.29.3 - Admin+ SQL Injection - Contextual Related Posts < 1.8.10.2 - Multiple Parameter SQL Injection - Contact Form by Supsystic < 1.7.11 - Authenticated SQL Injections - Users Ultra <= 3.1.0 - Unauthenticated SQL Injection - Pinpoint Booking System <= 2.0 - Authenticated Blind SQL Injection This information helps users understand the vulnerability details, affected scope, and how to verify and remediate the issue.