Lucene search
WPScanCVELIST:CVE-2024-0365HistoryMar 18, 2024 - 7:05 p.m.
CVE-2024-0365 Fancy Product Designer < 6.1.5 - Admin+ SQL Injection
2024-03-1819:05:42
WPScan
www.cve.org
1
cve-2024-0365
fancy product designer
sql injection
wordpress plugin
The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by adminstrators.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Fancy Product Designer",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "6.1.5"
}
],
"defaultStatus": "unaffected"
}
]Related
cve
cve
CVE-2024-0365
2024-03-18 19:15:06
wpvulndb
wpvulndb
Fancy Product Designer < 6.1.5 - Admin+ SQL Injection
2024-02-20 00:00:00
nvd
nvd
CVE-2024-0365
2024-03-18 19:15:06
wpexploit
wpexploit
Fancy Product Designer < 6.1.5 - Admin+ SQL Injection
2024-02-20 00:00:00
vulnrichment
vulnrichment
CVE-2024-0365 Fancy Product Designer < 6.1.5 - Admin+ SQL Injection
2024-03-18 19:05:42