The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.
References
Link | Resource |
---|---|
https://theme-fusion.com/version-7-6-2-security-update/ | Patch Release Notes Third Party Advisory |
https://wpscan.com/vulnerability/bf7034ab-24c4-461f-a709-3f73988b536b | Exploit Third Party Advisory |
https://www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme/ | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
14 Mar 2024, 19:58
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:fusion_builder_project:fusion_builder:*:*:*:*:*:wordpress:*:* | |
First Time |
Fusion Builder Project
Fusion Builder Project fusion Builder |
Information
Published : 2022-05-16 15:15
Updated : 2024-03-14 19:58
NVD link : CVE-2022-1386
Mitre link : CVE-2022-1386
CVE.ORG link : CVE-2022-1386
JSON object : View
Products Affected
theme-fusion
- avada
fusion_builder_project
- fusion_builder
CWE
CWE-918
Server-Side Request Forgery (SSRF)