CVE request: WordPress plugin sp-client-document-manager Blind SQL Injection

[Henri Salo <henri () nerv fi>]

Can I get CVE identifier for WordPress plugin sp-client-document-manager Blind
SQL Injection vulnerability, thanks?

URL: https://wordpress.org/plugins/sp-client-document-manager/
Affected: 2.5.3 and previous version
Fixed in: 2.5.4
PoC:
/wordpress/wp-content/plugins/sp-client-document-manager/ajax.php?function=thumbnails&pid=[SQLi]
Changelog says for 2.5.4: "Fixed exploit in ajax (credit: rh3792 () naver com)"
More information: https://www.exploit-db.com/exploits/36576/

Please note that changelog also says: "2.5.7.3: Security fix, please update",
but I do not yet have more information about that issue.

-- 
Henri Salo