Lucene search
WpvulndbWPVDB-ID:69802CE1-5C3A-44E5-B007-98CC5A9D9D8FHistoryApr 14, 2022 - 12:00 a.m.
Fancy Product Designer < 4.7.6 - Arbitrary File Upload via CSRF
2022-04-1400:00:00
wpscan.com
10
0.001 Low
EPSS
Percentile
32.0%
The plugin is vulnerable to Cross-Site Request Forgery via the FPD_Admin_Import class that makes it possible for attackers to upload malicious files that could be used to gain webshell access to a server via a CSRF attack
| CPE | Name | Operator | Version |
|---|---|---|---|
| fancy-product-designer | lt | 4.7.6 |
Related
patchstack
patchstack
cnvd
cnvd
prion
prion
Cross site request forgery (csrf)
2022-04-19 21:15:00
nvd
nvd
CVE-2021-4096
2022-04-19 21:15:13
cve
cve
CVE-2021-4096
2022-04-19 21:15:13
cvelist
cvelist