Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
pickplugins

product_designer

3 Versions 3 CVEs

Versions

1.0.32

SEMANTIC 1 CVE

0

SINGLE_NUMBER 3 CVEs

1.0.33

SEMANTIC 2 CVEs

Recent CVEs

CVE-2024-38726

Missing Authorization vulnerability in PickPlugins Product Designer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Product Designer: from n/a through 1.0.33.

HIGH Nov 01, 2024

CVE-2024-3608

The Product Designer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the product_designer_ajax_delete_attach_id() function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to delete arbitrary attachments.

MEDIUM Jul 09, 2024

CVE-2024-31277

Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32.

HIGH Apr 07, 2024