2 matches found
CVE-2024-1668
The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 7.11.5 via the form entries page. This makes it possible for authenticated attackers, with contributor access and above, to view the contents...
CVE-2024-1668
CVE-2024-1668 affects Avada Website Builder for WordPress & WooCommerce (versions up to 7.11.5). An authenticated attacker with Contributor+ privileges can expose sensitive form entries, including obfuscated fields like passwords, via the form entries page. Remediation: upgrade to a version later...