CVE-2021-4134

The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~/inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 4.7.4.

CVSS v3 7.2 HIGH
CVSS v2.0 4.0 MEDIUM

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://support.fancyproductdesigner.com/support/discussions/topics/13000031264	Release Notes Vendor Advisory
https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4134	Exploit Third Party Advisory
https://support.fancyproductdesigner.com/support/discussions/topics/13000031264	Release Notes Vendor Advisory
https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4134	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:radykal:fancy_product_designer:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 06:36

Type	Values Removed	Values Added
CVSS	v2 : ~~4.0~~ v3 : ~~4.9~~	v2 : 4.0 v3 : 7.2
References	~~() https://support.fancyproductdesigner.com/support/discussions/topics/13000031264 - Release Notes, Vendor Advisory~~	() https://support.fancyproductdesigner.com/support/discussions/topics/13000031264 - Release Notes, Vendor Advisory
References	~~() https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4134 - Exploit, Third Party Advisory~~	() https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4134 - Exploit, Third Party Advisory

Information

Published : 2022-02-16 17:15

Updated : 2024-11-21 06:36

NVD link : CVE-2021-4134

Mitre link : CVE-2021-4134

CVE.ORG link : CVE-2021-4134

JSON object : View

Products Affected

radykal

fancy_product_designer

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2021-4134", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2022-02-16T17:15:11.377", "references": [{"url": "https://support.fancyproductdesigner.com/support/discussions/topics/13000031264", "tags": ["Release Notes", "Vendor Advisory"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4134", "tags": ["Exploit", "Third Party Advisory"], "source": "security@wordfence.com"}, {"url": "https://support.fancyproductdesigner.com/support/discussions/topics/13000031264", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-4134", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~/inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 4.7.4."}, {"lang": "es", "value": "El plugin Fancy Product Designer de WordPress es vulnerable a la inyecci\u00f3n SQL debido a un escape y parametrizaci\u00f3n insuficientes del par\u00e1metro ID que se encuentra en el archivo ~/inc/api/class-view.php, lo que permite a atacantes con permisos de nivel administrativo inyectar consultas SQL arbitrarias para obtener informaci\u00f3n confidencial, en versiones hasta 4.7.4 incluy\u00e9ndola"}], "lastModified": "2024-11-21T06:36:58.570", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:radykal:fancy_product_designer:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "577F7AEC-595D-4623-9CA2-4250F5EC747B", "versionEndExcluding": "4.7.5"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}