wpvulndb
Bob Matyas
WPVDB-ID: 3B9EBA0D-29AA-47E4-B17F-4CF4BBF8B690
History: Apr 05, 2024 - 12:00 a.m.

Fancy Product Designer < 6.1.8 - Reflected Cross Site Scripting

2024-04-05 00:00:00
Bob Matyas
wpscan.com
Tags: fancy product designer, plugin, reflected cross-site scripting, unauthenticated users, admin-level users, vulnerability

AI Score: 6.1
Confidence: High
EPSS: 0
Percentile: 9.0%

Description: The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting vulnerability which could be used against unauthenticated and admin-level users.

PoC

Note: This requires WooCommerce to be installed.

1. Go to "Fancy Product Designer > Products"
2. Click "New" and save a new product (use any name, for example 'Reflected')
3. Add a product in WooCommerce.
4. Set a price for the product
5. In the side panel under "Fancy Product Designer", assign a product (ex: 'Reflected' from above).
6. Save the product.
7. Access the product at https://wps-test.ddev.site/?product=__INSERT_PRODUCT_PAGE_&cart_item_key="><script>alert(1)</script>
8. See the XSS
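The escaping gap the description names, shown as an added PHP illustration that is not the plugin's code: the query value is reflected into an HTML attribute unescaped, then escaped for that context. The parameter name comes from the PoC URL; the hidden-input markup, the function names and the breakout check are assumptions, and esc_attr() is WordPress's own attribute-escaping helper, with htmlspecialchars() used as the stand-alone fallback.

```php
<?php
// Added illustration, not the plugin's code. Markup and function names are assumed.

// Vulnerable pattern (the bug class in the advisory): raw query value echoed into an attribute.
function render_cart_key_vulnerable(string $cartItemKey): string
{
    return '<input type="hidden" name="cart_item_key" value="' . $cartItemKey . '">';
}

// Escape for the HTML attribute context. Inside WordPress use esc_attr();
// htmlspecialchars() with ENT_QUOTES is the equivalent when run stand-alone.
function escape_attr(string $value): string
{
    if (function_exists('esc_attr')) {
        return esc_attr($value);
    }
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Hardened pattern: same markup, value escaped before output.
function render_cart_key_hardened(string $cartItemKey): string
{
    return '<input type="hidden" name="cart_item_key" value="' . escape_attr($cartItemKey) . '">';
}

// Defender-side check on the rendered markup: more than one '<' means the value
// closed the attribute and started a new element, i.e. the reflection is exploitable.
function attribute_breakout(string $html): bool
{
    return substr_count($html, '<') > 1;
}

// Constructed input: the value from the PoC query string above.
$payload = '"><script>alert(1)</script>';

$vuln = render_cart_key_vulnerable($payload);
$safe = render_cart_key_hardened($payload);

printf("vulnerable: %s\n  breakout: %s\n", $vuln, attribute_breakout($vuln) ? 'yes' : 'no');
printf("hardened:   %s\n  breakout: %s\n", $safe, attribute_breakout($safe) ? 'yes' : 'no');
```

Sanitising on input (sanitize_text_field() in WordPress) is a separate step from escaping on output; the advisory says the plugin does neither, and the fix above addresses only the output side.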