Lucene search
China National Vulnerability DatabaseCNVD-2022-76223HistoryApr 20, 2022 - 12:00 a.m.
WordPress plugin Fancy Product Designer cross-site request forgery vulnerability
2022-04-2000:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
32.0%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress plugin Fancy Product Designer, which stems from a cross-site request forgery in the FPD_Admin_Import class. The vulnerability can be exploited to upload malicious files to gain webshell access to the server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress fancy product designer | le | 4.7.5 |
Related
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2022-04-19 21:15:00
nvd
nvd
CVE-2021-4096
2022-04-19 21:15:13
cve
cve
CVE-2021-4096
2022-04-19 21:15:13
wpvulndb
wpvulndb
Fancy Product Designer < 4.7.6 - Arbitrary File Upload via CSRF
2022-04-14 00:00:00
cvelist
cvelist