Lucene search
K

4 matches found

NVD
NVD
added 2023/10/20 8:15 a.m.21 views

CVE-2021-4334

The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of site options due to a missing capability check on the fpdupdateoptions function in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with subscriber-level permissio...

8.8CVSS8.4AI score0.00673EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/20 7:29 a.m.24 views

CVE-2021-4334 Fancy Product Designer <= 4.6.9 - Insufficient Authorization to Arbitrary Options Update via fpd_update_options

The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of site options due to a missing capability check on the fpdupdateoptions function in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with subscriber-level permissio...

8.8CVSS8.5AI score0.00673EPSS
Exploits0References2
CVE
CVE
added 2023/10/20 7:29 a.m.79 views

CVE-2021-4334

CVE-2021-4334 affects the Fancy Product Designer WordPress plugin. A missing capability check in fpd_update_options (

8.8CVSS8.2AI score0.00673EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/04/06 12:0 a.m.12 views

WordPress Fancy Product Designer Plugin <= 4.6.9 is vulnerable to Broken Access Control

Software Fancy Product Designer Type Plugin Vulnerable versions = 4.6.9 Fixed in 4.7.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-4334 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 81f6208d4f4f Credits Ramuel Gall Required...

8.8CVSS6.8AI score0.00673EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder