CVE-2021-24370

Summary

The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution.

Affected Software

VendorProductVersion RangeStatus
UnknownFancy Product Designer4.6.9 < 4.6.9affected

Weaknesses

  • CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CVE Program Container

Additional References

References