Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Fancy Product Designer — Vulnerabilities & Security Advisories 14

All 14 CVE vulnerabilities found in Fancy Product Designer, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2025-15526 Fancy Product Designer | WooCommerce WordPress <= 6.4.8 - Unauthenticated Full Path Disclosure via 'pdf' Parameter CWE-209 5.3 Medium2026-01-16
CVE-2025-13231 Fancy Product Designer | WooCommerce WordPress <= 6.4.8 - Unauthenticated Server-Side Request Forgery via Race Condition CWE-362 6.5 Medium2025-12-16
CVE-2025-13439 Fancy Product Designer | WooCommerce WordPress <= 6.4.8 - Unauthenticated Information Disclosure and PHAR Deserialization via 'url' Parameter CWE-200 5.9 Medium2025-12-16
CVE-2025-12570 Fancy Product Designer <= 6.4.8 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload CWE-79 7.2 High2025-12-12
CVE-2024-51919 WordPress Fancy Product Designer plugin <= 6.4.3 - Unauthenticated Arbitrary File Upload vulnerability CWE-434 9.0 Critical2025-01-21
CVE-2024-51818 WordPress Fancy Product Designer plugin <= 6.4.3 - Unauthenticated SQL Injection vulnerability CWE-89 9.3 Critical2025-01-21
CVE-2024-0904 Fancy Product Designer < 6.1.81 - Admin+ Cross Site Scripting 4.8AIMediumAI2024-05-06
CVE-2024-0905 Fancy Product Designer < 6.1.8 - Reflected Cross Site Scripting 6.1AIMediumAI2024-04-26
CVE-2024-0902 Fancy Product Designer < 6.1.81 - Admin+ Cross Site Scripting via Product Title 4.8AIMediumAI2024-04-15
CVE-2024-0365 Fancy Product Designer < 6.1.5 - Admin+ SQL Injection 7.2 -2024-03-18
CVE-2021-4334 Fancy Product Designer <= 4.6.9 - Insufficient Authorization to Arbitrary Options Update via fpd_update_options CWE-285 8.8 High2023-10-20
CVE-2021-4335 Fancy Product Designer <= 4.6.9 - Insufficient Authorization on Mulitple AJAX Actions CWE-285 6.3 Medium2023-10-20
CVE-2021-4096 Fancy Product Designer <= 4.7.5 - Cross-Site Request Forgery to Arbitrary File Upload CWE-352 8.8 High2022-04-19
CVE-2021-24370 Fancy Product Designer < 4.6.9 - Unauthenticated Arbitrary File Upload and RCE CWE-434 9.8 -2021-06-21

All 14 known CVE vulnerabilities affecting Fancy Product Designer with full Chinese analysis, references, and POCs where available.