CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4335 – Fancy Product Designer <= 4.6.9 - Insufficient Authorization on Mulitple AJAX Actions
https://notcve.org/view.php?id=CVE-2021-4335
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability check on multiple AJAX functions in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with subscriber-level permissions to modify plugin settings, including retrieving arbitrary order information or creating/updating/deleting products, orders, or other sensitive information not associated with their own account. El complemento Fancy Product Designer para WordPress es vulnerable al acceso no autorizado a los datos y a la modificación de la configuración del complemento debido a una falta de verificación de capacidad en múltiples funciones AJAX en versiones hasta la 4.6.9 incluida. Esto hace posible que atacantes autenticados con permisos a nivel de suscriptor modifiquen la configuración del complemento, incluida la recuperación de información de pedidos arbitraria o la creación/actualización/eliminación de productos, pedidos u otra información confidencial no asociada con su propia cuenta. • https://support.fancyproductdesigner.com/support/discussions/topics/13000029981 https://www.wordfence.com/threat-intel/vulnerabilities/id/644624d8-c193-4ee6-bc82-7ccda5d7f2ac?source=cve • CWE-285: Improper Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4096 – Fancy Product Designer <= 4.7.5 - Cross-Site Request Forgery to Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2021-4096
The Fancy Product Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery via the FPD_Admin_Import class that makes it possible for attackers to upload malicious files that could be used to gain webshell access to a server in versions up to, and including, 4.7.5. El plugin Fancy Product Designer para WordPress es vulnerable a un ataque de tipo Cross-Site Request Forgery por medio de la clase FPD_Admin_Import que hace posible que atacantes suban archivos maliciosos que podrían ser usados para conseguir acceso webshell a un servidor en versiones hasta, e incluyendo, la 4.7.5 • https://support.fancyproductdesigner.com/support/discussions/topics/13000031615 https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4096 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2021-4134 – Fancy Product Designer <= 4.7.4 Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2021-4134
The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~/inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 4.7.4. El plugin Fancy Product Designer de WordPress es vulnerable a la inyección SQL debido a un escape y parametrización insuficientes del parámetro ID que se encuentra en el archivo ~/inc/api/class-view.php, lo que permite a atacantes con permisos de nivel administrativo inyectar consultas SQL arbitrarias para obtener información confidencial, en versiones hasta 4.7.4 incluyéndola • https://support.fancyproductdesigner.com/support/discussions/topics/13000031264 https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4134 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 37%CPEs: 1EXPL: 5CVE-2021-24370 – Fancy Product Designer < 4.6.9 - Unauthenticated Arbitrary File Upload and RCE
https://notcve.org/view.php?id=CVE-2021-24370
The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution. El plugin Fancy Product Designer de WordPress versiones anteriores a 4.6.9, permite a atacantes no autenticados cargar archivos arbitrarios, resultando en una ejecución de código remota • https://lists.openwall.net/full-disclosure/2020/11/17/2 https://seclists.org/fulldisclosure/2020/Nov/30 https://wpscan.com/vulnerability/82c52461-1fdc-41e4-9f51-f9dd84962b38 https://www.secpod.com/blog/critical-zero-day-flaw-actively-exploited-in-wordpress-fancy-product-designer-plugin https://www.wordfence.com/blog/2021/06/critical-0-day-in-fancy-product-designer-under-active-attack • CWE-434: Unrestricted Upload of File with Dangerous Type •