3 matches found
WordPress Fancy Product Designer | WooCommerce WordPress plugin <= 6.4.8 - Unauthenticated Server-Side Request Forgery via Race Condition vulnerability
Unauthenticated Server-Side Request Forgery via Race Condition vulnerability discovered by Muhammad Zeeshan Xib3rR4dAr in WordPress Plugin Fancy Product Designer versions = 6.4.8...
EUVD-2025-203524
The Fancy Product Designer plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 6.4.8. This is due to insufficient validation of user-supplied input in the 'url' parameter of the fpdcustomuplodfile AJAX action, which flows directly into the getimagesi...
PT-2025-51377
Name of the Vulnerable Software and Affected Versions Fancy Product Designer plugin for WordPress versions prior to 6.4.9 Description The software contains a flaw due to inadequate validation of user-provided input in the url parameter of the 'fpd custom uplod file' AJAX action. This input is...