Radykal Fancy_product_designer
9 CVEs affecting Radykal Fancy_product_designer. Latest disclosed: 2024-05-06. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-24370 | Critical | 9.8 | 2021-06-21 | The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution. |
CVE-2021-4334 | High | 8.8 | 2023-10-20 | The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of site options due to a missing capability check on the fpd_update_… |
CVE-2021-4096 | High | 8.8 | 2022-04-19 | The Fancy Product Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery via the FPD_Admin_Import class that makes it possible for attackers… |
CVE-2021-4134 | High | 7.2 | 2022-02-16 | The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~… |
CVE-2024-0365 | Medium | 6.5 | 2024-03-18 | The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL… |
CVE-2024-0905 | Medium | 6.3 | 2024-04-26 | The Fancy Product Designer WordPress plugin before 6.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected… |
CVE-2021-4335 | Medium | 6.3 | 2023-10-20 | The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability ch… |
CVE-2024-0904 | Medium | 5.9 | 2024-05-06 | The Fancy Product Designer WordPress plugin before 6.1.81 does not sanitise and escape some of its settings, which could allow high privilege users such as adm… |
CVE-2024-0902 | Medium | 4.8 | 2024-04-15 | The Fancy Product Designer WordPress plugin before 6.1.81 does not sanitise and escape some of its settings, which could allow high privilege users such as adm… |