4 matches found
CVE-2021-4334
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of site options due to a missing capability check on the fpdupdateoptions function in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with subscriber-level permissio...
CVE-2021-4334 Fancy Product Designer <= 4.6.9 - Insufficient Authorization to Arbitrary Options Update via fpd_update_options
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of site options due to a missing capability check on the fpdupdateoptions function in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with subscriber-level permissio...
CVE-2021-4334
CVE-2021-4334 affects the Fancy Product Designer WordPress plugin. A missing capability check in fpd_update_options (
WordPress Fancy Product Designer Plugin <= 4.6.9 is vulnerable to Broken Access Control
Software Fancy Product Designer Type Plugin Vulnerable versions = 4.6.9 Fixed in 4.7.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-4334 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 81f6208d4f4f Credits Ramuel Gall Required...