The Avada theme for WordPress and WooCommerce has a security issue called “Server-Side Request Forgery.” This means that hackers who are logged in as contributors or higher can make requests from the website to other places on the internet. This could allow them to get information from internal services, or even change things on those services.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
