PT-2026-32994

The Avada Fusion Builder plugin for WordPress is vulnerable to Arbitrary WordPress Action Execution in all versions up to, and including, 3.15.1. This is due to the plugin's output action hook function accepting user-controlled input to trigger any registered WordPress action hook without proper...

EUVD-2025-21580

Malicious code in bioql PyPI...

PT-2025-29709 · WordPress · Avada (Fusion) Builder

Name of the Vulnerable Software and Affected Versions: Avada Fusion Builder plugin for WordPress versions up to and including 3.12.1 Description: The Avada Fusion Builder plugin for WordPress is susceptible to Stored Cross-Site Scripting through the fusion map shortcode. Insufficient input...

CVE-2024-13345

The Avada Builder plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.11.13. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

WordPress plugin Avada Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...