Wordpress Exploit
Fancy Product Designer, a WordPress plugin used on over 17,000 websites, contains a critical file upload vulnerability that is currently being exploited in the wild to upload malware to websites where the plugin is installed.
The vulnerability was identified by Wordfence's Threat Intelligence team and reported to the vendor on May 31. Although the issue has been identified, it has yet to be fixed.
Fancy Product Designer is a platform that allows businesses to offer personalized items. Customers can design anything from t-shirts to phone cases by uploading photos and PDF files that can then be integrated into the product.