Radykal Fancy Product Designer
8 CVEs affecting Radykal Fancy Product Designer. Latest disclosed: 2026-01-16. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-51818 | Critical | 9.3 | 2025-01-21 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in radykal Fancy Product Designer fancy-product-designer.Thi… |
CVE-2024-51919 | Critical | 9.0 | 2025-01-21 | Unrestricted Upload of File with Dangerous Type vulnerability in radykal Fancy Product Designer fancy-product-designer.This issue affects Fancy Product Designe… |
CVE-2021-4334 | High | 8.8 | 2023-10-20 | The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of site options due to a missing capability check on the fpd_update_… |
CVE-2025-12570 | High | 7.2 | 2025-12-12 | The Fancy Product Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.4.8 d… |
CVE-2025-13231 | Medium | 6.5 | 2025-12-16 | The Fancy Product Designer plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.4.8. This is due to a time… |
CVE-2021-4335 | Medium | 6.3 | 2023-10-20 | The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability ch… |
CVE-2025-13439 | Medium | 5.9 | 2025-12-16 | The Fancy Product Designer plugin for WordPress is vulnerable to Information Disclosure and PHAR Deserialization in all versions up to, and including, 6.4.8. T… |
CVE-2025-15526 | Medium | 5.3 | 2026-01-16 | The Fancy Product Designer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 6.4.8. This is due to improper erro… |