Fusion Builder Project

fusion_builder_project

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Fusion Builder

fusion_builder

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-1386 2Fusion Builder Project Theme Fusion 2Avada Fusion Builder Nov 21, 2024 May 16, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in t...Show more The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-1386

2Fusion Builder Project

Theme Fusion

2Avada

Fusion Builder

Nov 21, 2024

May 16, 2022

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.Show less