5 matches found
CVE-2023-39309
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1...
CVE-2023-39309
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1...
CVE-2023-39309 WordPress Avada Builder plugin <= 3.11.1 - Auth. SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1...
CVE-2023-39309
CVE-2023-39309 is an authenticated SQL injection in ThemeFusion Fusion Builder for WordPress, affecting Fusion Builder versions up to 3.11.1. Root cause is improper neutralization of SQL elements used in an SQL command. Reported base CVSS/Basescore: 8.8 (HIGH) with network access, low attack comp...
WordPress Fusion Builder Plugin <= 3.11.1 is vulnerable to SQL Injection
Software Fusion Builder Type Plugin Vulnerable versions = 3.11.1 Fixed in 3.11.2 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-39309 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID cdc92b887506 Credits Rafie Muhammad Patchstack Required privilege...