HOW TO FIX A CRITICAL 0-DAY WORDPRESS PLUGINS VULNERABILITY (CVE-2021-24370) FOUND IN FANCY PRODUCT DESIGNER
The Wordfence Threat Intelligence team has discovered a critical 0-day WordPress plugins vulnerability (CVE-2021-24370) on May 31, 2021. This file upload vulnerability is being manipulated in the Fancy Product Designer, a WordPress plugin installed on over 17,000 websites. As it’s a critical 0-day WordPress plugins vulnerability (CVE-2021-24370) under attack, it’s important to have a brief introduction about WordPress and its plugins.
* What Is WordPress? What Is WordPress Plugin?
* What Is A Zero-Day Vulnerability?
* Introducing Fancy Product Designer
* How Are Attackers Abusing This 0-day WordPress Plugins Vulnerability (CVE-2021-24370)?
* Targets Of This 0-day WordPress Plugins Vulnerability (CVE-2021-24370)
* Summary Of This 0-day WordPress Plugins Vulnerability (CVE-2021-24370)
* How To Fix A Critical 0-Day WordPress Plugins Vulnerability (CVE-2021-24370)?
* Indicator Of Compromise Recorded During The Analysis of 0-day WordPress Plugins Vulnerability (CVE-2021-24370)
* Countermeasures Suggested By WordPress
* #1. Statistical Techniques
* #2. Behavior-Based Defense
* #3. Signature-Based Defense
* #4. Hybrid Techniques
Table of Contents :
1. login to codecanyon.net.
2. visit the product page at https://codecanyon.net/item/fancy-product-designer-woocommercewordpress/6318393
3. Download the plugin file from the right-hand side of the product page.
4. After your download the patched version of the plugin Fancy Product Designer v4.6.9.
5. Login to your WordPress site.
6. Go to Plugins->Add New->Upload Plugin to upload the patched plugin.
7. Activate the plugin if not activated.
How to Fix Fancy Product Designer vulnerability CVE-2021-24370