by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Avada (Fusion) Builder (slug: fusion-builder) is affected by a Medium severity vulnerability (CVSS 5.3) tracked as CVE-2026-32452. The CVSS vector (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) indicates the issue can be triggered remotely over the...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-32453 is a Medium-severity vulnerability (CVSS 3.1: 5.3, vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) affecting the Avada Core WordPress plugin (slug: fusion-core) in versions below 5.15.0. Because the issue is reachable over the...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-32454 is a Medium-severity stored cross-site scripting (XSS) issue (CVSS 6.4) affecting the Avada Core WordPress plugin (slug: fusion-core) in versions up to 5.15.0. The primary attack path requires an attacker to already have a WordPress login...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Admin Menu Editor (slug: admin-menu-editor) versions 1.14.1 and below are affected by a Medium-severity Cross-Site Request Forgery (CSRF) vulnerability tracked as CVE-2026-32456 (CVSS 4.3, vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N). The...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Advanced Product Fields (Product Addons) for WooCommerce (slug: advanced-product-fields-for-woocommerce) is affected by CVE-2026-32457, rated Medium severity (CVSS 5.3). The issue can be reached over the network and does not require a logged-in user,...
Recent Comments