Search

Find a vulnerability

Search criteria

    16 vulnerabilities found for Avada | Website Builder For WordPress & WooCommerce by ThemeFusion

    CVE-2024-13346 (GCVE-0-2024-13346)

    Vulnerability from nvd – Published: 2025-02-13 06:58 – Updated: 2026-04-08 16:40
    VLAI
    Title
    Avada Theme <= 7.11.13 - Unauthenticated Arbitrary Shortcode Execution
    Summary
    The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.11.13. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Credits
    Michael Mazzolini
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-13346",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-13T14:47:11.393852Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-13T14:47:26.368Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.13",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Mazzolini"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada | Website Builder For WordPress \u0026 WooCommerce theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.11.13. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:40:56.379Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f2f390b-332b-452c-9fe7-ccd1a45390dd?source=cve"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-02-12T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada Theme \u003c= 7.11.13 - Unauthenticated Arbitrary Shortcode Execution"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-13346",
        "datePublished": "2025-02-13T06:58:04.888Z",
        "dateReserved": "2025-01-11T01:17:58.782Z",
        "dateUpdated": "2026-04-08T16:40:56.379Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2344 (GCVE-0-2024-2344)

    Vulnerability from nvd – Published: 2024-04-09 18:59 – Updated: 2026-04-08 17:23
    VLAI
    Title
    Avada <= 7.11.6 - Authenticated (Admin+) SQL Injection via entry
    Summary
    The Avada theme for WordPress is vulnerable to SQL Injection via the 'entry' parameter in all versions up to, and including, 7.11.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticted attackers, with editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Vendor Product Version
    ThemeFusion Avada | Website Builder For WordPress & WooCommerce Affected: 0 , ≤ 7.11.6 (semver)
    Create a notification for this product.
    theme-fusion avada Affected: 0 , ≤ 7.11.6 (semver)
        cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccf0d2ca-2891-45d1-8ea2-90dd435b359f?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/05a32f63d75082ab05de27e313e70fa3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://avada.com/documentation/avada-changelog/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "avada",
                "vendor": "theme-fusion",
                "versions": [
                  {
                    "lessThanOrEqual": "7.11.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2344",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-10T19:29:33.725829Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-08T20:22:32.259Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada theme for WordPress is vulnerable to SQL Injection via the \u0027entry\u0027 parameter in all versions up to, and including, 7.11.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticted attackers, with editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:23:55.332Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccf0d2ca-2891-45d1-8ea2-90dd435b359f?source=cve"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/05a32f63d75082ab05de27e313e70fa3"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-20T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.6 - Authenticated (Admin+) SQL Injection via entry"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-2344",
        "datePublished": "2024-04-09T18:59:22.329Z",
        "dateReserved": "2024-03-08T21:26:25.441Z",
        "dateUpdated": "2026-04-08T17:23:55.332Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2343 (GCVE-0-2024-2343)

    Vulnerability from nvd – Published: 2024-04-09 18:59 – Updated: 2026-04-08 17:05
    VLAI
    Title
    Avada <= 7.11.6 - Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_action
    Summary
    The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.11.6 via the form_to_url_action function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Impacted products
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2343",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-15T15:20:13.146366Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:29:06.151Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.437Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87ca07ac-6080-45d7-a8f5-74a918adec43?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/55d41870c7ce0e95f454d00100bc10dc"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://avada.com/documentation/avada-changelog/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada | Website Builder For WordPress \u0026 WooCommerce theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.11.6 via the form_to_url_action function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:05:09.872Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87ca07ac-6080-45d7-a8f5-74a918adec43?source=cve"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/55d41870c7ce0e95f454d00100bc10dc"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-20T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.6 - Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_action"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-2343",
        "datePublished": "2024-04-09T18:59:03.916Z",
        "dateReserved": "2024-03-08T20:51:03.840Z",
        "dateUpdated": "2026-04-08T17:05:09.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2340 (GCVE-0-2024-2340)

    Vulnerability from nvd – Published: 2024-04-09 18:59 – Updated: 2026-04-08 17:06
    VLAI
    Title
    Avada <= 7.11.6 - Unauthenticated Sensitive Information Exposure via Form Uploads Directory Listing
    Summary
    The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the '/wp-content/uploads/fusion-forms/' directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with a file upload mechanism.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-548 - Exposure of Information Through Directory Listing
    Assigner
    Impacted products
    Vendor Product Version
    ThemeFusion Avada | Website Builder For WordPress & WooCommerce Affected: 0 , ≤ 7.11.6 (semver)
    Create a notification for this product.
    theme-fusion avada Affected: 0 , < 7.11.7 (semver)
        cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.384Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8db8bbc3-43ca-4ef5-a44d-2987c8597961?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://avada.com/documentation/avada-changelog/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "avada",
                "vendor": "theme-fusion",
                "versions": [
                  {
                    "lessThan": "7.11.7",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2340",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-08T18:25:37.807880Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-08T18:27:14.000Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the \u0027/wp-content/uploads/fusion-forms/\u0027 directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with a file upload mechanism."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-548",
                  "description": "CWE-548 Exposure of Information Through Directory Listing",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:06:13.768Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8db8bbc3-43ca-4ef5-a44d-2987c8597961?source=cve"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-20T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.6 - Unauthenticated Sensitive Information Exposure via Form Uploads Directory Listing"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-2340",
        "datePublished": "2024-04-09T18:59:06.567Z",
        "dateReserved": "2024-03-08T20:06:51.188Z",
        "dateUpdated": "2026-04-08T17:06:13.768Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2311 (GCVE-0-2024-2311)

    Vulnerability from nvd – Published: 2024-04-09 18:59 – Updated: 2026-04-08 17:35
    VLAI
    Title
    Avada <= 7.11.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
    Summary
    The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.11.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2311",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-20T18:47:45.883663Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:30:20.386Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.382Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff6ff104-44c8-49a9-bebd-abb82e8e1cd6?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/8b0f2bf40092e00851fe2f57f15e947e"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/d3c36f7befe7d380ed240d3cb141d64c"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/ebb7e1dee2b073b8a478c2f663521b30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/af52a553c02936479461189d53c1d4fe"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s shortcodes in all versions up to, and including, 7.11.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:35:20.630Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff6ff104-44c8-49a9-bebd-abb82e8e1cd6?source=cve"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/8b0f2bf40092e00851fe2f57f15e947e"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/d3c36f7befe7d380ed240d3cb141d64c"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/ebb7e1dee2b073b8a478c2f663521b30"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/af52a553c02936479461189d53c1d4fe"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-20T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-2311",
        "datePublished": "2024-04-09T18:59:36.184Z",
        "dateReserved": "2024-03-07T23:25:41.928Z",
        "dateUpdated": "2026-04-08T17:35:20.630Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-1668 (GCVE-0-2024-1668)

    Vulnerability from nvd – Published: 2024-03-13 15:32 – Updated: 2026-04-08 17:23
    VLAI
    Title
    Avada <= 7.11.5 - Authenticated(Contributor+) Sensitive Information Exposure via Form Entries
    Summary
    The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 7.11.5 via the form entries page. This makes it possible for authenticated attackers, with contributor access and above, to view the contents of all form submissions, including fields that are obfuscated (such as the contact form's "password" field).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1668",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-13T18:15:31.860093Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T17:22:18.243Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:48:21.727Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd224169-ae51-4af8-b6de-706ed580ff8d?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/91bd37338022b15379f393356d1056a1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada | Website Builder For WordPress \u0026 WooCommerce theme for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 7.11.5 via the form entries page. This makes it possible for authenticated attackers, with contributor access and above, to view the contents of all form submissions, including fields that are obfuscated (such as the contact form\u0027s \"password\" field)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:23:59.161Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd224169-ae51-4af8-b6de-706ed580ff8d?source=cve"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/91bd37338022b15379f393356d1056a1"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-01T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.5 - Authenticated(Contributor+) Sensitive Information Exposure via Form Entries"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-1668",
        "datePublished": "2024-03-13T15:32:40.387Z",
        "dateReserved": "2024-02-20T15:58:34.868Z",
        "dateUpdated": "2026-04-08T17:23:59.161Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-1468 (GCVE-0-2024-1468)

    Vulnerability from nvd – Published: 2024-02-29 03:30 – Updated: 2026-04-08 17:24
    VLAI
    Title
    Avada | Website Builder For WordPress & WooCommerce <= 7.11.4 - Authenticated (Contributor+) Arbitrary File Upload
    Summary
    The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    ThemeFusion Avada | Website Builder For WordPress & WooCommerce Affected: 0 , ≤ 7.11.4 (semver)
    Create a notification for this product.
    avada website_builder Affected: 0 , < 7.11.5 (custom)
        cpe:2.3:a:avada:website_builder:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:40:21.187Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cde6e758-9723-43f2-9972-32be8aeb2b91?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://avada.com/documentation/avada-changelog/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:avada:website_builder:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "website_builder",
                "vendor": "avada",
                "versions": [
                  {
                    "lessThan": "7.11.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1468",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-01T18:31:17.401193Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-08T18:59:20.801Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada | Website Builder For WordPress \u0026 WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:24:16.717Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cde6e758-9723-43f2-9972-32be8aeb2b91?source=cve"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-02-06T00:00:00.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2024-02-28T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada | Website Builder For WordPress \u0026 WooCommerce \u003c= 7.11.4 - Authenticated (Contributor+) Arbitrary File Upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-1468",
        "datePublished": "2024-02-29T03:30:29.778Z",
        "dateReserved": "2024-02-13T15:17:52.189Z",
        "dateUpdated": "2026-04-08T17:24:16.717Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-36711 (GCVE-0-2020-36711)

    Vulnerability from nvd – Published: 2023-06-07 01:51 – Updated: 2026-04-08 16:58
    VLAI
    Title
    Avada <= 6.2.2 - Authenticated (Contributor+) Cross-Site Scripting
    Summary
    The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the update_layout function in versions up to, and including, 6.2.3 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers, and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Credits
    Jerome Bruandet
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:37:06.584Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/684a1e8e-30f2-47dd-9df6-145198030c52?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blog.nintechnet.com/avada-wordpress-theme-fixed-multiple-vulnerabilities/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://theme-fusion.com/security-fix-added-in-6-2-3/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-36711",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-20T23:28:46.386161Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-20T23:53:02.485Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThan": "6.2.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jerome Bruandet"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the update_layout function in versions up to, and including, 6.2.3 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers, and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:58:25.713Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/684a1e8e-30f2-47dd-9df6-145198030c52?source=cve"
            },
            {
              "url": "https://blog.nintechnet.com/avada-wordpress-theme-fixed-multiple-vulnerabilities/"
            },
            {
              "url": "https://theme-fusion.com/security-fix-added-in-6-2-3/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2020-04-24T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada  \u003c= 6.2.2 - Authenticated (Contributor+) Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2020-36711",
        "datePublished": "2023-06-07T01:51:24.728Z",
        "dateReserved": "2023-06-06T12:52:29.382Z",
        "dateUpdated": "2026-04-08T16:58:25.713Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-13346 (GCVE-0-2024-13346)

    Vulnerability from cvelistv5 – Published: 2025-02-13 06:58 – Updated: 2026-04-08 16:40
    VLAI
    Title
    Avada Theme <= 7.11.13 - Unauthenticated Arbitrary Shortcode Execution
    Summary
    The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.11.13. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Credits
    Michael Mazzolini
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-13346",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-13T14:47:11.393852Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-13T14:47:26.368Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.13",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Mazzolini"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada | Website Builder For WordPress \u0026 WooCommerce theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.11.13. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:40:56.379Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f2f390b-332b-452c-9fe7-ccd1a45390dd?source=cve"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-02-12T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada Theme \u003c= 7.11.13 - Unauthenticated Arbitrary Shortcode Execution"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-13346",
        "datePublished": "2025-02-13T06:58:04.888Z",
        "dateReserved": "2025-01-11T01:17:58.782Z",
        "dateUpdated": "2026-04-08T16:40:56.379Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2311 (GCVE-0-2024-2311)

    Vulnerability from cvelistv5 – Published: 2024-04-09 18:59 – Updated: 2026-04-08 17:35
    VLAI
    Title
    Avada <= 7.11.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
    Summary
    The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.11.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2311",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-20T18:47:45.883663Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:30:20.386Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.382Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff6ff104-44c8-49a9-bebd-abb82e8e1cd6?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/8b0f2bf40092e00851fe2f57f15e947e"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/d3c36f7befe7d380ed240d3cb141d64c"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/ebb7e1dee2b073b8a478c2f663521b30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/af52a553c02936479461189d53c1d4fe"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s shortcodes in all versions up to, and including, 7.11.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:35:20.630Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff6ff104-44c8-49a9-bebd-abb82e8e1cd6?source=cve"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/8b0f2bf40092e00851fe2f57f15e947e"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/d3c36f7befe7d380ed240d3cb141d64c"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/ebb7e1dee2b073b8a478c2f663521b30"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/af52a553c02936479461189d53c1d4fe"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-20T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-2311",
        "datePublished": "2024-04-09T18:59:36.184Z",
        "dateReserved": "2024-03-07T23:25:41.928Z",
        "dateUpdated": "2026-04-08T17:35:20.630Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2344 (GCVE-0-2024-2344)

    Vulnerability from cvelistv5 – Published: 2024-04-09 18:59 – Updated: 2026-04-08 17:23
    VLAI
    Title
    Avada <= 7.11.6 - Authenticated (Admin+) SQL Injection via entry
    Summary
    The Avada theme for WordPress is vulnerable to SQL Injection via the 'entry' parameter in all versions up to, and including, 7.11.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticted attackers, with editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Vendor Product Version
    ThemeFusion Avada | Website Builder For WordPress & WooCommerce Affected: 0 , ≤ 7.11.6 (semver)
    Create a notification for this product.
    theme-fusion avada Affected: 0 , ≤ 7.11.6 (semver)
        cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccf0d2ca-2891-45d1-8ea2-90dd435b359f?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/05a32f63d75082ab05de27e313e70fa3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://avada.com/documentation/avada-changelog/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "avada",
                "vendor": "theme-fusion",
                "versions": [
                  {
                    "lessThanOrEqual": "7.11.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2344",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-10T19:29:33.725829Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-08T20:22:32.259Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada theme for WordPress is vulnerable to SQL Injection via the \u0027entry\u0027 parameter in all versions up to, and including, 7.11.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticted attackers, with editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:23:55.332Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccf0d2ca-2891-45d1-8ea2-90dd435b359f?source=cve"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/05a32f63d75082ab05de27e313e70fa3"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-20T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.6 - Authenticated (Admin+) SQL Injection via entry"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-2344",
        "datePublished": "2024-04-09T18:59:22.329Z",
        "dateReserved": "2024-03-08T21:26:25.441Z",
        "dateUpdated": "2026-04-08T17:23:55.332Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2340 (GCVE-0-2024-2340)

    Vulnerability from cvelistv5 – Published: 2024-04-09 18:59 – Updated: 2026-04-08 17:06
    VLAI
    Title
    Avada <= 7.11.6 - Unauthenticated Sensitive Information Exposure via Form Uploads Directory Listing
    Summary
    The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the '/wp-content/uploads/fusion-forms/' directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with a file upload mechanism.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-548 - Exposure of Information Through Directory Listing
    Assigner
    Impacted products
    Vendor Product Version
    ThemeFusion Avada | Website Builder For WordPress & WooCommerce Affected: 0 , ≤ 7.11.6 (semver)
    Create a notification for this product.
    theme-fusion avada Affected: 0 , < 7.11.7 (semver)
        cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.384Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8db8bbc3-43ca-4ef5-a44d-2987c8597961?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://avada.com/documentation/avada-changelog/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "avada",
                "vendor": "theme-fusion",
                "versions": [
                  {
                    "lessThan": "7.11.7",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2340",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-08T18:25:37.807880Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-08T18:27:14.000Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the \u0027/wp-content/uploads/fusion-forms/\u0027 directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with a file upload mechanism."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-548",
                  "description": "CWE-548 Exposure of Information Through Directory Listing",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:06:13.768Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8db8bbc3-43ca-4ef5-a44d-2987c8597961?source=cve"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-20T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.6 - Unauthenticated Sensitive Information Exposure via Form Uploads Directory Listing"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-2340",
        "datePublished": "2024-04-09T18:59:06.567Z",
        "dateReserved": "2024-03-08T20:06:51.188Z",
        "dateUpdated": "2026-04-08T17:06:13.768Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-2343 (GCVE-0-2024-2343)

    Vulnerability from cvelistv5 – Published: 2024-04-09 18:59 – Updated: 2026-04-08 17:05
    VLAI
    Title
    Avada <= 7.11.6 - Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_action
    Summary
    The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.11.6 via the form_to_url_action function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Impacted products
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-2343",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-15T15:20:13.146366Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:29:06.151Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:11:53.437Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87ca07ac-6080-45d7-a8f5-74a918adec43?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/55d41870c7ce0e95f454d00100bc10dc"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://avada.com/documentation/avada-changelog/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada | Website Builder For WordPress \u0026 WooCommerce theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.11.6 via the form_to_url_action function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:05:09.872Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87ca07ac-6080-45d7-a8f5-74a918adec43?source=cve"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/55d41870c7ce0e95f454d00100bc10dc"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-20T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.6 - Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_action"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-2343",
        "datePublished": "2024-04-09T18:59:03.916Z",
        "dateReserved": "2024-03-08T20:51:03.840Z",
        "dateUpdated": "2026-04-08T17:05:09.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-1668 (GCVE-0-2024-1668)

    Vulnerability from cvelistv5 – Published: 2024-03-13 15:32 – Updated: 2026-04-08 17:23
    VLAI
    Title
    Avada <= 7.11.5 - Authenticated(Contributor+) Sensitive Information Exposure via Form Entries
    Summary
    The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 7.11.5 via the form entries page. This makes it possible for authenticated attackers, with contributor access and above, to view the contents of all form submissions, including fields that are obfuscated (such as the contact form's "password" field).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1668",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-13T18:15:31.860093Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T17:22:18.243Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:48:21.727Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd224169-ae51-4af8-b6de-706ed580ff8d?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Xib3rR4dAr/91bd37338022b15379f393356d1056a1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada | Website Builder For WordPress \u0026 WooCommerce theme for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 7.11.5 via the form entries page. This makes it possible for authenticated attackers, with contributor access and above, to view the contents of all form submissions, including fields that are obfuscated (such as the contact form\u0027s \"password\" field)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:23:59.161Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd224169-ae51-4af8-b6de-706ed580ff8d?source=cve"
            },
            {
              "url": "https://gist.github.com/Xib3rR4dAr/91bd37338022b15379f393356d1056a1"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-01T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada \u003c= 7.11.5 - Authenticated(Contributor+) Sensitive Information Exposure via Form Entries"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-1668",
        "datePublished": "2024-03-13T15:32:40.387Z",
        "dateReserved": "2024-02-20T15:58:34.868Z",
        "dateUpdated": "2026-04-08T17:23:59.161Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-1468 (GCVE-0-2024-1468)

    Vulnerability from cvelistv5 – Published: 2024-02-29 03:30 – Updated: 2026-04-08 17:24
    VLAI
    Title
    Avada | Website Builder For WordPress & WooCommerce <= 7.11.4 - Authenticated (Contributor+) Arbitrary File Upload
    Summary
    The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    ThemeFusion Avada | Website Builder For WordPress & WooCommerce Affected: 0 , ≤ 7.11.4 (semver)
    Create a notification for this product.
    avada website_builder Affected: 0 , < 7.11.5 (custom)
        cpe:2.3:a:avada:website_builder:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Muhammad Zeeshan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:40:21.187Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cde6e758-9723-43f2-9972-32be8aeb2b91?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://avada.com/documentation/avada-changelog/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:avada:website_builder:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "website_builder",
                "vendor": "avada",
                "versions": [
                  {
                    "lessThan": "7.11.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1468",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-01T18:31:17.401193Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-08T18:59:20.801Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThanOrEqual": "7.11.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Zeeshan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada | Website Builder For WordPress \u0026 WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:24:16.717Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cde6e758-9723-43f2-9972-32be8aeb2b91?source=cve"
            },
            {
              "url": "https://avada.com/documentation/avada-changelog/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-02-06T00:00:00.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2024-02-28T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada | Website Builder For WordPress \u0026 WooCommerce \u003c= 7.11.4 - Authenticated (Contributor+) Arbitrary File Upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-1468",
        "datePublished": "2024-02-29T03:30:29.778Z",
        "dateReserved": "2024-02-13T15:17:52.189Z",
        "dateUpdated": "2026-04-08T17:24:16.717Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-36711 (GCVE-0-2020-36711)

    Vulnerability from cvelistv5 – Published: 2023-06-07 01:51 – Updated: 2026-04-08 16:58
    VLAI
    Title
    Avada <= 6.2.2 - Authenticated (Contributor+) Cross-Site Scripting
    Summary
    The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the update_layout function in versions up to, and including, 6.2.3 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers, and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Credits
    Jerome Bruandet
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:37:06.584Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/684a1e8e-30f2-47dd-9df6-145198030c52?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blog.nintechnet.com/avada-wordpress-theme-fixed-multiple-vulnerabilities/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://theme-fusion.com/security-fix-added-in-6-2-3/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-36711",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-20T23:28:46.386161Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-20T23:53:02.485Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Avada | Website Builder For WordPress \u0026 WooCommerce",
              "vendor": "ThemeFusion",
              "versions": [
                {
                  "lessThan": "6.2.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jerome Bruandet"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the update_layout function in versions up to, and including, 6.2.3 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers, and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:58:25.713Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/684a1e8e-30f2-47dd-9df6-145198030c52?source=cve"
            },
            {
              "url": "https://blog.nintechnet.com/avada-wordpress-theme-fixed-multiple-vulnerabilities/"
            },
            {
              "url": "https://theme-fusion.com/security-fix-added-in-6-2-3/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2020-04-24T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Avada  \u003c= 6.2.2 - Authenticated (Contributor+) Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2020-36711",
        "datePublished": "2023-06-07T01:51:24.728Z",
        "dateReserved": "2023-06-06T12:52:29.382Z",
        "dateUpdated": "2026-04-08T16:58:25.713Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }