8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.0%
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada premium theme versions <= 7.8.1 on WordPress leading to arbitrary plugin installation/activation.
patchstack.com/database/vulnerability/avada/wordpress-avada-premium-theme-7-8-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
theme-fusion.com/documentation-assets/avada/changelog.txt
themeforest.net/item/avada-responsive-multipurpose-theme/2833226