6 matches found
WordPress Fancy Product Designer Plugin < 6.1.5 is vulnerable to SQL Injection
Software Fancy Product Designer Type Plugin Vulnerable versions 6.1.5 Fixed in 6.1.5 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-0365 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 8a2fcc7e3e05 Credits Ivan Spiridonov Required privilege...
CVE-2024-0365
The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by adminstrators...
CVE-2024-0365
The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by adminstrators...
CVE-2024-0365 Fancy Product Designer < 6.1.5 - Admin+ SQL Injection
The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by adminstrators...
CVE-2024-0365 Fancy Product Designer < 6.1.5 - Admin+ SQL Injection
The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by adminstrators...
CVE-2024-0365
CVE-2024-0365 affects the WordPress plugin Fancy Product Designer prior to version 6.1.5. The issue arises from improper sanitisation/escaping of a parameter before it is used in a SQL statement, leading to a SQL injection that is exploitable by administrators. Affected versions: