CVE-2021-4335 - OpenCVE

The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability check on multiple AJAX functions in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with subscriber-level permissions to modify plugin settings, including retrieving arbitrary order information or creating/updating/deleting products, orders, or other sensitive information not associated with their own account.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Radykal	Fancy Product Designer

Configuration 1 [-]

cpe:2.3:a:radykal:fancy_product_designer:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://support.fancyproductdesigner.com/support/discussions/topics/13000029981
https://www.wordfence.com/threat-intel/vulnerabilities/id/644624d8-c193-4ee6-bc82-7ccda5d7f2ac?source=cve

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2023-10-20T06:35:28.661Z

Updated: 2024-09-11T18:36:34.757Z

Reserved: 2023-04-05T18:25:26.209Z

Link: CVE-2021-4335

Vulnrichment

Updated: 2024-08-03T17:23:10.681Z

NVD

Status : Modified

Published: 2023-10-20T07:15:14.757

Modified: 2023-11-07T03:40:43.427

Link: CVE-2021-4335

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-4335", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2023-04-05T18:25:26.209Z", "datePublished": "2023-10-20T06:35:28.661Z", "dateUpdated": "2024-09-11T18:36:34.757Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-10-20T06:35:28.661Z"}, "affected": [{"vendor": "Unknown", "product": "Fancy Product Designer", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "4.6.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability check on multiple AJAX functions in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with subscriber-level permissions to modify plugin settings, including retrieving arbitrary order information or creating/updating/deleting products, orders, or other sensitive information not associated with their own account."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/644624d8-c193-4ee6-bc82-7ccda5d7f2ac?source=cve"}, {"url": "https://support.fancyproductdesigner.com/support/discussions/topics/13000029981"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-285 Improper Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 6.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Ramuel Gall"}], "timeline": [{"time": "2021-06-09T00:00:00.000+00:00", "lang": "en", "value": "Vendor Notified"}, {"time": "2023-04-05T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:23:10.681Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/644624d8-c193-4ee6-bc82-7ccda5d7f2ac?source=cve", "tags": ["x_transferred"]}, {"url": "https://support.fancyproductdesigner.com/support/discussions/topics/13000029981", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-11T18:31:05.264225Z", "id": "CVE-2021-4335", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T18:36:34.757Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/644624d8-c193-4ee6-bc82-7ccda5d7f2ac?source=cve", "tags": ["x_transferred"]}, {"url": "https://support.fancyproductdesigner.com/support/discussions/topics/13000029981", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:23:10.681Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-4335", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-11T18:31:05.264225Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T18:36:29.022Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Ramuel Gall"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}], "affected": [{"vendor": "Unknown", "product": "Fancy Product Designer", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "4.6.9"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2021-06-09T00:00:00.000+00:00", "value": "Vendor Notified"}, {"lang": "en", "time": "2023-04-05T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/644624d8-c193-4ee6-bc82-7ccda5d7f2ac?source=cve"}, {"url": "https://support.fancyproductdesigner.com/support/discussions/topics/13000029981"}], "descriptions": [{"lang": "en", "value": "The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability check on multiple AJAX functions in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with subscriber-level permissions to modify plugin settings, including retrieving arbitrary order information or creating/updating/deleting products, orders, or other sensitive information not associated with their own account."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-285 Improper Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-10-20T06:35:28.661Z"}}}, "cveMetadata": {"cveId": "CVE-2021-4335", "state": "PUBLISHED", "dateUpdated": "2024-09-11T18:36:34.757Z", "dateReserved": "2023-04-05T18:25:26.209Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2023-10-20T06:35:28.661Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:radykal:fancy_product_designer:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "71A93E72-A3FE-4AFC-96EB-88362E89A093", "versionEndExcluding": "4.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability check on multiple AJAX functions in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with subscriber-level permissions to modify plugin settings, including retrieving arbitrary order information or creating/updating/deleting products, orders, or other sensitive information not associated with their own account."}, {"lang": "es", "value": "El complemento Fancy Product Designer para WordPress es vulnerable al acceso no autorizado a los datos y a la modificaci\u00f3n de la configuraci\u00f3n del complemento debido a una falta de verificaci\u00f3n de capacidad en m\u00faltiples funciones AJAX en versiones hasta la 4.6.9 incluida. Esto hace posible que atacantes autenticados con permisos a nivel de suscriptor modifiquen la configuraci\u00f3n del complemento, incluida la recuperaci\u00f3n de informaci\u00f3n de pedidos arbitraria o la creaci\u00f3n/actualizaci\u00f3n/eliminaci\u00f3n de productos, pedidos u otra informaci\u00f3n confidencial no asociada con su propia cuenta."}], "id": "CVE-2021-4335", "lastModified": "2023-11-07T03:40:43.427", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2023-10-20T07:15:14.757", "references": [{"source": "security@wordfence.com", "tags": ["Release Notes"], "url": "https://support.fancyproductdesigner.com/support/discussions/topics/13000029981"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/644624d8-c193-4ee6-bc82-7ccda5d7f2ac?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}