5 matches found
Exploit for Server-Side Request Forgery in Fusion_Builder_Project Fusion_Builder
git clone https://github.com/s...
CVE-2022-1386
creationtimestamp| type| source ---|---|--- 2023-03-10 13:47:05+00:00| published-proof-of-concept| https://t.me/DailyToolz/660 2023-03-10 18:42:57+00:00| published-proof-of-concept| https://t.me/DailyToolz/658 2024-01-09 07:23:02+00:00| seen| https://t.me/arpsyndicate/2725 2025-01-26...
CVE-2022-1386
The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the...
CVE-2022-1386
CVE-2022-1386 : The WordPress Fusion Builder plugin (before 3.6.2) used with the Avada theme is vulnerable to a server-side request forgery (SSRF). The plugin does not validate a parameter in its forms, allowing an attacker to initiate arbitrary HTTP requests, with the response echoed back to the...
CVE-2022-1386 Fusion Builder < 3.6.2 - Unauthenticated SSRF
The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the...