WordPress is a set of blogging platforms developed using the PHP language by the WordPress (Wordpress) Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. SQL injection vulnerability exists in the WordPress plugin Fancy Product Designer 4.7.4 and earlier, which stems from insufficient escaping and parameterization of the ID parameter in the ~inc api class-view.php file. An attacker could use this vulnerability to inject arbitrary SQL queries to obtain sensitive information.