Avada
ThemeFusion
Developer
N/A
Latest version
N/A
Downloads
N/A
Last updated
Vulnerability history
0 present
18 patched
9 Mitigation rules
- Broken Access Control vulnerability<= 7.13.203/10/2025
- Unauthenticated Arbitrary Shortcode Execution vulnerability<= 7.11.1312/02/2025
- Broken Access Control vulnerability<= 7.11.1024/01/2025
- Cross Site Request Forgery (CSRF) vulnerability<= 7.11.1011/12/2024
- Unauthenticated Sensitive Information Exposure via Form Uploads Directory Listing vulnerability<= 7.11.621/03/2024
- Authenticated (Admin+) SQL Injection via entry vulnerability<= 7.11.621/03/2024
- Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_action vulnerability<= 7.11.621/03/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 7.11.621/03/2024
- Authenticated(Contributor+) Sensitive Information Exposure via Form Entries vulnerability<= 7.11.504/03/2024
- Authenticated (Contributor+) Arbitrary File Upload vulnerability<= 7.11.428/02/2024
- Authenticated Arbitrary File Upload vulnerability<= 7.11.110/08/2023
- Authenticated Server Side Request Forgery (SSRF) vulnerability<= 7.11.110/08/2023
- Authenticated (Author+) Unrestricted Zip Extraction vulnerability<= 7.11.110/08/2023
- Authenticated Broken Access Control vulnerability<= 7.11.110/08/2023
- Cross-Site Request Forgery (CSRF) vulnerability<= 7.8.120/10/2022
- Unauthenticated Server-Side Request Forgery (SSRF) vulnerability<= 7.6.119/04/2022
- Arbitrary Post Creation, Edition and Deletion vulnerability<= 6.2.201/05/2020
- Stored Cross-Site Scripting (XSS) vulnerability<= 6.2.201/05/2020