This information is sourced from wpvulnerabilities.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
The Avada theme for WordPress is at risk of allowing unauthorized users to run shortcodes without proper validation. This could potentially be exploited by attackers without proper authentication.
Read MoreThe Avada website theme, used for WordPress and WooCommerce, has a security issue that allows unauthorized access. This is due to a missing check on a function in all versions up to 7.11.10. This mea...
Read MoreThe Avada theme for WordPress has a security issue in versions up to 7.11.10. This is because a certain function does not properly check for a specific code, making it possible for someone without pe...
Read MoreThe Avada theme for WordPress has a security issue that allows attackers to insert harmful code into pages using the theme's shortcodes. This can only be done by users with certain permissions, but i...
Read MoreThe Avada theme for WordPress has a security issue called SQL Injection, which affects all versions up to 7.11.6. This is because the 'entry' parameter is not properly protected and the existing SQL ...
Read MoreThe Avada theme for WordPress has a security issue that could allow unauthorized access to sensitive information. This affects all versions up to and including 7.11.6 and involves the directory '/wp-...
Read MoreThe Avada theme for WordPress and WooCommerce has a security issue called "Server-Side Request Forgery." This means that hackers who are logged in as contributors or higher can make requests from the...
Read MoreThe Avada theme for WordPress, specifically the version 7.11.5 and below, has a security issue where sensitive information can be exposed through the form entries page. This means that anyone with co...
Read MoreThe Avada theme for WordPress and WooCommerce has a security issue that allows attackers to upload any type of file to the website. This can be done by users with a certain level of access, and it co...
Read MoreThe Avada theme for WordPress has a security vulnerability in versions up to 7.11.1. This vulnerability can be exploited by attackers with contributor privileges to make web requests to any external ...
Read MoreThe Avada theme for WordPress, used up to and including version 7.11.1, has a security vulnerability that allows authenticated attackers with a subscriber-level access or higher to modify data withou...
Read MoreThe Avada theme for WordPress is vulnerable to a security issue that affects versions up to, and including, 7.11.1. This security issue allows people with author permissions to upload files to the se...
Read MoreThe Avada theme for WordPress has a vulnerability in versions up to, and including, 7.11.1 that could allow an attacker with contributor permissions to upload files onto the affected website's server...
Read MoreThe Fusion Builder plugin for WordPress is vulnerable to a security risk known as Reflected Cross-Site Scripting. This security risk makes it possible for unauthenticated attackers to inject maliciou...
Read MoreThe Fusion Builder plugin for WordPress is vulnerable to a type of attack called Cross-Site Request Forgery. This vulnerability affects versions of the plugin up to and including 3.11.1. The problem ...
Read MoreThe Fusion Builder plugin for WordPress is vulnerable to a type of attack called SQL Injection in versions up to 3.11.1. This type of attack happens when a user supplies a parameter without it being ...
Read MoreThe Fusion Builder plugin for WordPress has a security vulnerability that could allow someone with an account on the WordPress site to make unauthorized changes to data. This vulnerability affects ve...
Read MoreThe Avada theme for WordPress is not secure in versions up to 7.8.1. If someone can trick an administrator (like a website owner) into clicking a link
Read MoreThe Avada plugin for WordPress is not secure in versions up to and including 7.4.1. Attackers who have access to the backend of the plugin can inject malicious scripts into pages on the website. This...
Read MoreThe Fusion Builder plugin and Avada theme
Read MoreThe Avada theme for WordPress is not secure in versions up to 5.1.4. It is possible for unauthenticated people to upload files to your website if they can convince a site administrator to do something
Read MoreThe Avada theme for WordPress is not secure in versions up to, and including, 6.2.3. It has a vulnerability which means that people with limited access to the website may be able to insert malicious ...
Read MoreThe Avada theme for WordPress has a security issue that allows attackers with minimal permissions to put malicious code on some webpages. This code will execute when someone visits the affected page. ...
Read MoreThe Avada WordPress theme is vulnerable to a security issue called Reflected Cross-Site Scripting. It affects versions up to and including 7.4.1. This means that if someone can get a user to click on...
Read More