Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 4:22 a.m.9 views

CVE-2021-4134

The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the /inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensiti...

7.2CVSS7.5AI score0.0144EPSS
Exploits1
OSV
OSV
added 2022/02/16 5:15 p.m.4 views

CVE-2021-4134

The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the /inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensiti...

4.9CVSS5.8AI score0.0144EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/02/16 4:38 p.m.19 views

CVE-2021-4134 Fancy Product Designer <= 4.7.4 Admin+ SQL Injection

The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the /inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensiti...

7.2CVSS7.5AI score0.0144EPSS
Exploits1References2
CVE
CVE
added 2022/02/16 4:38 p.m.70 views

CVE-2021-4134

CVE-2021-4134 relates to the Fancy Product Designer WordPress plugin. The vulnerability is a SQL injection caused by insufficient escaping/parameterization of the ID parameter in the file ~/inc/api/class-view.php, affecting versions up to and including 4.7.4. The issue is exploitable by attackers...

7.2CVSS5.8AI score0.0144EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder