0.222 Low
EPSS
Percentile
96.5%
Unauthenticated Server-Side Request Forgery (SSRF) vulnerability discovered by Calum Elrick in WordPress Avada premium theme (versions <= 7.6.1).
Update the WordPress Avada premium theme to the latest available version (at least 7.6.2).
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1386
theme-fusion.com/documentation/avada/installation-maintenance/avada-changelog/
www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme/