The Web Directory Free plugin for WordPress does not sanitize and escape a parameter before using it in a SQL statement. The statement is reached through an AJAX action available to unauthenticated users, so the resulting SQL injection requires no login. It can be exploited with several techniques, such as UNION-based, time-based, and error-based injection.
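For triage, the following added example (not part of the original advisory or the plugin's code) scans web access-log lines for requests to WordPress's AJAX endpoint, `/wp-admin/admin-ajax.php`, whose parameters carry markers of the three techniques named above. The action name `example_action`, the parameter name `example_param` and the log lines are constructed placeholders, since the advisory does not name the affected action or parameter; it also assumes the parameters appear in the logged URL, so POST bodies would need WAF or application logging instead.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Markers for the three techniques the advisory names (not an exhaustive SQLi signature set).
TECHNIQUES = {
    "union": re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I),
    "time-based": re.compile(r"\b(sleep|benchmark)\s*\(", re.I),
    "error-based": re.compile(r"\b(extractvalue|updatexml)\s*\(", re.I),
}
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample lines; action and parameter names are hypothetical.
AJAX = "/wp-admin/admin-ajax.php?action=example_action&example_param="
SAMPLE_LOG = [
    f'203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET {AJAX}1 HTTP/1.1" 200 52',
    f'203.0.113.9 - - [01/Jan/2025:10:00:05 +0000] "GET {AJAX}1%20UNION%20SELECT%201,2 HTTP/1.1" 200 310',
    f'203.0.113.9 - - [01/Jan/2025:10:00:09 +0000] "GET {AJAX}1%2520AND%2520SLEEP(5) HTTP/1.1" 200 52',
    f'203.0.113.9 - - [01/Jan/2025:10:00:20 +0000] "GET {AJAX}1%20AND%20extractvalue(1,1) HTTP/1.1" 200 97',
    '203.0.113.8 - - [01/Jan/2025:10:01:00 +0000] "GET /?s=union+select HTTP/1.1" 200 4096',
]

def normalise(value, rounds=2):
    """Undo repeated URL-encoding and replace inline SQL comments (/**/) with spaces."""
    for _ in range(rounds):
        value = unquote_plus(value)
    return re.sub(r"/\*.*?\*/", " ", value)

def classify(line):
    """Return (action, param, techniques) for a suspicious admin-ajax.php hit, else None."""
    m = REQUEST.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.endswith("/wp-admin/admin-ajax.php"):
        return None  # only the AJAX endpoint is in scope for this check
    params = parse_qsl(url.query, keep_blank_values=True)
    action = dict(params).get("action", "")
    for name, value in params:
        hits = sorted(t for t, rx in TECHNIQUES.items() if rx.search(normalise(value)))
        if hits:
            return action, name, hits
    return None

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(classify(entry))
```

A hit only shows that an injection attempt reached the endpoint; whether it succeeded depends on the installed plugin version.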
View the template here: CVE-2024-3552.yaml
References:
https://vulners.com/wpvulndb/CVE-2024-3552