Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

radykal — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting radykal. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Radykal primarily develops web application frameworks and content management systems, with its core use case enabling rapid deployment of dynamic websites. Historically, vulnerabilities in Radykal products frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and insecure default configurations. While no major public security incidents have been widely documented, the 8 CVEs attributed to Radykal highlight consistent security weaknesses in its offerings, particularly in authentication mechanisms and file handling processes. These vulnerabilities typically allow attackers to execute arbitrary code or bypass security controls, underscoring the need for rigorous input sanitization and secure coding practices in Radykal's development lifecycle.

Top products by radykal: Fancy Product Designer
CVE IDTitleCVSSSeverityPublished
CVE-2025-15526 Fancy Product Designer | WooCommerce WordPress <= 6.4.8 - Unauthenticated Full Path Disclosure via 'pdf' Parameter — Fancy Product DesignerCWE-209 5.3 Medium2026-01-16
CVE-2025-13231 Fancy Product Designer | WooCommerce WordPress <= 6.4.8 - Unauthenticated Server-Side Request Forgery via Race Condition — Fancy Product DesignerCWE-362 6.5 Medium2025-12-16
CVE-2025-13439 Fancy Product Designer | WooCommerce WordPress <= 6.4.8 - Unauthenticated Information Disclosure and PHAR Deserialization via 'url' Parameter — Fancy Product DesignerCWE-200 5.9 Medium2025-12-16
CVE-2025-12570 Fancy Product Designer <= 6.4.8 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload — Fancy Product DesignerCWE-79 7.2 High2025-12-12
CVE-2024-51919 WordPress Fancy Product Designer plugin <= 6.4.3 - Unauthenticated Arbitrary File Upload vulnerability — Fancy Product DesignerCWE-434 9.0 Critical2025-01-21
CVE-2024-51818 WordPress Fancy Product Designer plugin <= 6.4.3 - Unauthenticated SQL Injection vulnerability — Fancy Product DesignerCWE-89 9.3 Critical2025-01-21
CVE-2021-4334 Fancy Product Designer <= 4.6.9 - Insufficient Authorization to Arbitrary Options Update via fpd_update_options — Fancy Product DesignerCWE-285 8.8 High2023-10-20
CVE-2021-4335 Fancy Product Designer <= 4.6.9 - Insufficient Authorization on Mulitple AJAX Actions — Fancy Product DesignerCWE-285 6.3 Medium2023-10-20

This page lists every published CVE security advisory associated with radykal. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.