From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Plugin Name: Viral Signup <= 2.1 2. Vulnerability Type: SQL Injection (SQLi) 3. Description: The plugin fails to properly sanitize and escape parameters when using AJAX actions, leading to SQL injection. 4. Affected Plugin: viral-signup 5. CVE ID: CVE-2024-6926 6. OWASP Top 10: A1: Injection 7. CWE ID: CWE-89 8. Original Researcher: Project Black 9. Submitter: Project Black 10. Submitter Website: https://projectblack.io/penetration-testing/ 11. Submitter Twitter: @project_blk 12. Verification Status: Verified 13. WPVDB ID: 9ce96ce5-fcf0-4d7a-b562-f63ea3418d93 14. Public Disclosure Date: 2024-08-13 15. Added Date: 2024-08-06 16. Last Updated Date: 2024-08-06 17. Related Vulnerabilities: - CBX Bookmark & Favorite < 1.7.21 - Admin+ SQLi - Ajax Store Locator <= 1.2 - Remote SQL Injection - FV Player < 7.5.47.7212 - Authenticated (Subscriber+) SQL Injection via exclude Parameter - tagDiv Opt-In Builder < 1.5 - Authenticated (Admin+) SQL Injection - Photo Gallery by WD <= 1.3.35 - Authenticated SQL Injection This information helps understand the vulnerability's details, scope of impact, and potential exploitation methods.