Fancy Product Designer Plugin Flaws Expose WordPress Sites
Two significant security vulnerabilities have been identified in the Fancy Product Designer premium plugin, which allows the customization of WooCommerce products. The issues remain unpatched in the latest version, 6.4.3, affecting WordPress websites using the plugin.
The plugin, developed by Radykal, has over 20,000 sales and enables extensive product customization. However, Patchstack researchers discovered two critical flaws last year – an unauthenticated arbitrary file upload vulnerability (CVE-2024-51919) and an unauthenticated SQL injection vulnerability (CVE-2024-51818).
Details of the Vulnerabilities
The unauthenticated arbitrary file upload vulnerability allows attackers with no account on the site to upload arbitrary files, including PHP files, which can result in remote code execution (RCE). The flaw originates in the save_remote_file and fpd_admin_copy_file functions, which fail to adequately verify user input, enabling file uploads without proper restrictions.
The unauthenticated SQL injection flaw permits unauthorized users to execute SQL queries directly against the WordPress database. The issue stems from the get_products_sql_attrs function, which does not sufficiently sanitize its inputs, relying instead on the strip_tags function, which only removes HTML and PHP tags and is ineffective against SQL injection.
Patchstack researchers reportedly reached out to the vendor on March 18, 2024, but have yet to receive a response. The vulnerabilities were publicly disclosed on January 8, 2025.
Security Recommendations
Website administrators using the Fancy Product Designer plugin are advised to deactivate or remove it immediately until a security patch becomes available.
Security experts recommend the following practices for developers to prevent similar issues:
- Validate all file uploads thoroughly, checking both filename and extension
- Use whitelisting for allowed file types
- Implement prepared statements for SQL queries
- Properly sanitize and escape all user inputs
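As an added example, not the plugin's or Patchstack's code, the following PHP contrasts the strip_tags pattern the article describes with a parameterised query and an upload extension allowlist covering the recommendations above. The SQLite-backed table, its columns and sample rows, and the function names are constructed for the demonstration.

```php
<?php
// Added example, not the plugin's code. PDO with in-memory SQLite stands in for the
// WordPress database layer so the file runs offline; in a plugin the equivalent of
// the parameterised query is $wpdb->prepare( '... WHERE id = %d', $id ).
declare(strict_types=1);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, title TEXT, hidden INTEGER)');
$db->exec("INSERT INTO products VALUES (1, 'Mug', 0), (2, 'Shirt', 0), (3, 'Unreleased', 1)");

// Weak pattern from the article: input goes through strip_tags() and is then
// concatenated into the query. strip_tags() only removes HTML/PHP tags, so quotes,
// spaces and SQL keywords reach the database untouched.
function products_weak(PDO $db, string $id): array {
    $clean = strip_tags($id);
    $sql   = "SELECT title FROM products WHERE hidden = 0 AND id = $clean";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened pattern (recommendations 3 and 4): cast to the expected type and bind
// the value as a parameter, so it can never be parsed as SQL.
function products_safe(PDO $db, string $id): array {
    $stmt = $db->prepare('SELECT title FROM products WHERE hidden = 0 AND id = ?');
    $stmt->execute([(int) $id]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Upload allowlist (recommendations 1 and 2): decide on the extension of the final
// filename, never on a client-supplied MIME type, and accept only listed types.
// WordPress provides wp_check_filetype_and_ext() for this in plugin code.
function upload_allowed(string $filename): bool {
    $allowed = ['png', 'jpg', 'jpeg', 'gif', 'pdf'];
    $name = basename($filename);                       // drop any directory part
    if ($name === '' || substr_count($name, '.') !== 1) {
        return false;                                  // no or multiple extensions
    }
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    return in_array($ext, $allowed, true);
}

// Constructed input: a supplied "id" that is not a plain number.
$input = '1 OR hidden = 1';
assert(strip_tags($input) === $input);                 // strip_tags() changed nothing
assert(products_weak($db, $input) === ['Mug', 'Unreleased']);  // hidden row leaks
assert(products_safe($db, $input) === ['Mug']);        // only the intended row
assert(upload_allowed('design.PNG') && !upload_allowed('design.php'));
```

Run with `php -d zend.assertions=1 example.php`; a silent exit means every check held, and the weak query's result shows the hidden row that parameterisation keeps out.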
Staying proactive with regular code audits can also significantly reduce vulnerability risks in WordPress plugins.