6.2 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Description The theme is vulnerable to unauthorized modification of data due to a missing capability check, allowing any authenticated attackers, with such as subscriber and above, to save Portfolio permalinks.
patchstack.com/database/vulnerability/avada/wordpress-avada-theme-7-11-1-authenticated-broken-access-control-vulnerability