CVE-2024-51818 — SQL Injection in Fancy Product Designer

CWE-89 — SQL Injection3 documents3 sources

Severity

—N/A

No vector

EPSS

9.9%

top 6.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Radykal Fancy Product Designer

Timeline

PublishedJan 21

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in radykal Fancy Product Designer fancy-product-designer.This issue affects Fancy Product Designer: from n/a through <= 6.4.3.

Affected Packages1 packages

▶CVEListV5radykal/fancy_product_designer6.4.3

🔴Vulnerability Details

CVEList

WordPress Fancy Product Designer plugin <= 6.4.3 - Unauthenticated SQL Injection vulnerability↗2025-01-21

▶

GHSA

GHSA-j752-m9pw-j2v5: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Fancy Product Designer↗2025-01-21

▶