2 matches found
WordPress Fancy Product Designer plugin < 6.1.81 - Admin+ Cross Site Scripting via Product Title vulnerability
Admin+ Cross Site Scripting via Product Title vulnerability discovered by Bob Matyas in WordPress Plugin Fancy Product Designer versions 6.1.81...
PT-2024-15906 · WordPress · Fancy Product Designer
Name of the Vulnerable Software and Affected Versions: The Fancy Product Designer WordPress plugin versions prior to 6.1.81 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, f...